DDoS Attack Detection Using NetFlow Analyzer

A distributed denial of service (DDoS) attack is basically a flood of illegitimate traffic that is sent to a network resource from an IP address or a group of IP addresses, rendering the network resource unavailable. A DDoS attack is a serious security threat facing all types of networks, from the simplest enterprise network to the most complex corporate network. Fortunately, NetFlow Analyzer can help you detect DDoS attacks and mitigate the harm they might otherwise cause. Understanding DDoS DDoS attacks take advantage of the TCP three-way handshake that is carried out for every connection established using the TCP protocol. Not surprisingly, hackers have found a number of ways to defeat the three-wa…

Gaining Deeper Visibility on QoS Hierarchy with ManageEngine NetFlow Analyzer

Quality of Service (QoS) has been a hot technology since its inception. QoS combines multiple technologies that help in building good traffic patterns on a computer network.  To deploy a simple QoS policy that prioritizes business-critical applications on your network , follow these three steps:
  1. Classifying network traffic
  2. Shaping or policing bandwidth
  3. Applying the QoS policy to  a WAN interface
The example below explains QoS deployment on a network to support VoIP, which is now being commonly used on most networks. These VoIP packets should have proper treatment on the network or else users will experience bad call quality across network. Classifying Network Traffic Classification identifies th…

Analyzing ART Using NetFlow Analyzer

Network administrators evaluate an application’s performance by measuring response time, round trip time, packet loss, and delay. However, this method poses certain limitations, because you can monitor only the applications, servers, and network devices within the hosted network boundary. And, if the applications are hosted in the cloud, monitoring is almost impossible. When users complain of delayed response from applications hosted in the cloud, the actual delay could be due to the application, client network, server network, transaction, or response time. Therefore, tracking the actual reason could be a cumbersome, time-consuming, and tedious. In such scenarios, the network admin needs…

Application Visibility and Control for Better Bandwidth Analysis

Traditionally, using NetFlow to perform bandwidth analysis on application visibility was primarily based on port and protocol information. The monitoring software identifies applications as HTTP, HTTPS, SMTP, and other protocols based on mapping well-known ports and protocols. Today, most applications use random ports as well as well-known ports like 80 and 443. In turn,  traditional port and protocol analysis, which was based upon layer 3 information, is no longer very helpful in proving the deep visibility needed to identify the exact application that is consuming bandwidth. Cisco AVC Cisco Application Visibility and Control is the combination of multiple technologies found in the Cisco ASR 1…

Quality of Service (QoS): A Good Traffic Engineering Component

Today, we commonly see IT budget reduction, cost cutting, and barriers for potential network circuit upgrades. In this tough economic situation, the motive of a network administrator should be optimizing the current infrastructure for future accommodations. Optimization plays a major role when it comes to distributed network architecture and when users are around the globe. How can we optimize the network with the current infrastructure without adding a hardware or software to the network? We’ll discuss this below. The network administrator’s role is to ensure that the network is always up and running, and that the performance of the entire network is always running smoothly, even when…

Identifying Layer 7 Application Traffic to Make Your WAN Hum

Network administrators around the globe are very concerned about the type of traffic that is exiting their network. They want their critical business application over the WAN to perform at its best. Non-critical applications like web traffic and social media downgrade the performance of WAN links. Therefore, administrators should avoid non-business applications on WAN links. Over the last decade, administrators around the globe have used traditional NetFlow and other similar flow technologies to identify the type of traffic on their network.  The traditional flow-based traffic analysis is utilized to identify layer 3 application traffic based on port and protocol. What if a user on the netwo…

All New Distributed Edition of NetFlow Analyzer

Until 2012, NetFlow Analyzer’s Enterprise edition benefited ISPs, MSPs and large organizations that had distributed network architecture, in monitoring their bandwidth. Any organization with less than 600 interfaces and want to monitor all of them by installing product on Head Quarters data center can go with Professional and Professional Plus Edition which has integrated collectors and reporting engine which collects the data and generate reports. The Enterprise edition was majorly used by organizations that had a distributed architecture and monitoring was done by means of Central server and multiple collectors across different sites in the same network. Limitation of Enterprise Edition:…

Cisco Performance Monitoring using NetFlow Analyzer.

Cisco Performance Monitor helps you to identify performance issues on the network, Now a days Video is every where and when it comes to corporate network, it has to be treated in such a way that it is with high quality as expected. An organization considering implementation of Video conferencing or any video streaming should also consider that this will increase significant load on the network. The network should be capable enough to handle this additional load along with existing load. NetFlow Analyzer with its value added features like Cisco IP SLA VO and Cisco Medianet and Mediatrace helps to implement video traffic on the network effectively. Network Load Testing using Cisco IP SLA VO :- Video packets (RT…

Attention Cisco TMEs: Solarwinds does not support Peformance Monitoring, NBAR and MediaTrace

I was watching Network Field day videos the other day and the one on Application Visibility and Control (AVC) was most interesting due to our product being a player in this  field. During the Application Visibility and Control (AVC) session, the TME handling the session said Solarwinds and Lancope supports Performance Monitoring in their NetFlow monitoring solution. As far as I know and based on the information available in websites and the Cisco partner portal page, they DO NOT SUPPORT Performance Monitoring Flexible NetFlow exports. My request to the TME is, please refer to the Cisco partners page for MediaNet and announce only the approved vendor names during such sessions. We vendors put in a lot of eff

Make Sense of Video Traffic with Cisco Medianet and Mediatrace

There are many ways to monitor video traffic on a network. Jean-Charles Griviaud, Product Line Manager in Software Division at Cisco in charge of L7 services argues that Medianet has a better way. Medianet is a framework to simplify video and the operation of networks where video is running. One of the common ways to determine video behavior on a network is to simply look at devices and try to determine the content. Given Medianet’s architecture, they leverage the endpoint itself to understand video traffic, said Grivaud. They are able to gather this information thanks to an application stack called MSI that sits on the endpoint itself. MSI’s job is to provide simplified autoconfiguration with the netwo…