Cisco Support Community
New Member

Implications to Network Security of Using NetFlow

Does anyone know if there are any significant security risks involved in using NetFlow on an enterprise?

2 ACCEPTED SOLUTIONS

Re: Implications to Network Security of Using NetFlow

Not really. If you enable it on the right devices using best practices, there should not be any issues. Make sure you run the latest IOS version to avoid any bugs.

Make sure the collection device is also secured, and so is the transit path between the NetFlow-enabled device and the collector.

http://www.securityfocus.com/infocus/1796

Regards

Farrukh

Re: Implications to Network Security of Using NetFlow

Presumably you are referring to the exported data.

You might consider encapsulating the exported data in IPSec if you are worried about the data being used for reconnaissance, and have reason to think it may be sniffed in transit.

We've used IPSec to protect in-band configuration management (e.g.: TFTP transfer of config files) occasionally.

5 REPLIES

New Member

Re: Implications to Network Security of Using NetFlow

Thanks, Farrukh, your answer is extremely helpful. I was thinking along the same lines, but I limited the possibilities for risk to login access to NetFlow-enabled routers/switches and other infrastructure devices.

Also, the link you provided has some great content!

Regards,

-- Ron "O"

New Member

Re: Implications to Network Security of Using NetFlow

Michael,

This is great feedback to add to our collective knowledge. I appreciate it very much.

I've been searching for every negative aspect (from a security perspective) of deploying NetFlow services. The pros are documented everywhere, but not the cons.

Thanks!
