A distributed denial of service (DDoS) attack is basically a flood of illegitimate traffic that is sent to a network resource from an IP address or a group of IP addresses, rendering the network resource unavailable. A DDoS attack is a serious security threat facing all types of networks, from the simplest enterprise network to the most complex corporate network. Fortunately, NetFlow Analyzer can help you detect DDoS attacks and mitigate the harm they might otherwise cause.
DDoS attacks take advantage of the TCP three-way handshake that is carried out for every connection established using the TCP protocol. Not surprisingly, hackers have found a number of ways to defeat the three-wa…
Quality of Service (QoS) has been a hot technology since its inception. QoS combines multiple technologies that help in building good traffic patterns on a computer network. To deploy a simple QoS policy that prioritizes business-critical applications on your network , follow these three steps:
- Classifying network traffic
- Shaping or policing bandwidth
- Applying the QoS policy to a WAN interface
The example below explains QoS deployment on a network to support VoIP, which is now being commonly used on most networks. These VoIP packets should have proper treatment on the network or else users will experience bad call quality across network.
Classifying Network Traffic
Classification identifies th…
Network administrators evaluate an application’s performance by measuring response time, round trip time, packet loss, and delay. However, this method poses certain limitations, because you can monitor only the applications, servers, and network devices within the hosted network boundary. And, if the applications are hosted in the cloud, monitoring is almost impossible.
When users complain of delayed response from applications hosted in the cloud, the actual delay could be due to the application, client network, server network, transaction, or response time. Therefore, tracking the actual reason could be a cumbersome, time-consuming, and tedious. In such scenarios, the network admin needs …
Traditionally, using NetFlow to perform bandwidth analysis on application visibility was primarily based on port and protocol information. The monitoring software identifies applications as HTTP, HTTPS, SMTP, and other protocols based on mapping well-known ports and protocols.
Today, most applications use random ports as well as well-known ports like 80 and 443. In turn, traditional port and protocol analysis, which was based upon layer 3 information, is no longer very helpful in proving the deep visibility needed to identify the exact application that is consuming bandwidth.
Cisco Application Visibility and Control is the combination of multiple technologies found in the Cisco ASR 1…
Today, we commonly see IT budget reduction, cost cutting, and barriers for potential network circuit upgrades. In this tough economic situation, the motive of a network administrator should be optimizing the current infrastructure for future accommodations.
Optimization plays a major role when it comes to distributed network architecture and when users are around the globe.
How can we optimize the network with the current infrastructure without adding a hardware or software to the network? We’ll discuss this below.
The network administrator’s role is to ensure that the network is always up and running, and that the performance of the entire network is always running smoothly, even when …
Network administrators around the globe are very concerned about the type of traffic that is exiting their network. They want their critical business application over the WAN to perform at its best. Non-critical applications like web traffic and social media downgrade the performance of WAN links. Therefore, administrators should avoid non-business applications on WAN links.
Over the last decade, administrators around the globe have used traditional NetFlow and other similar flow technologies to identify the type of traffic on their network. The traditional flow-based traffic analysis is utilized to identify layer 3 application traffic based on port and protocol.
What if a user on the netwo…
Until 2012, NetFlow Analyzer’s Enterprise edition benefited ISPs, MSPs and large organizations that had distributed network architecture, in monitoring their bandwidth.
Any organization with less than 600 interfaces and want to monitor all of them by installing product on Head Quarters data center can go with Professional and Professional Plus Edition which has integrated collectors and reporting engine which collects the data and generate reports.
The Enterprise edition was majorly used by organizations that had a distributed architecture and monitoring was done by means of Central server and multiple collectors across different sites in the same network.
Limitation of Enterprise Edition:…
Cisco Performance Monitor helps you to identify performance issues on the network, Now a days Video is every where and when it comes to corporate network, it has to be treated in such a way that it is with high quality as expected.
An organization considering implementation of Video conferencing or any video streaming should also consider that this will increase significant load on the network. The network should be capable enough to handle this additional load along with existing load.
NetFlow Analyzer with its value added features like Cisco IP SLA VO and Cisco Medianet and Mediatrace helps to implement video traffic on the network effectively.
Network Load Testing using Cisco IP SLA VO :-
Video packets (RT…
In continuation to our introduction blog on HighPerf reporting engine, this one discuss about how to install the HighPerf reporting engine and integrate it with NetFlow Analyzer.
This HighPerf reporting engine comes as a add-on package to NetFlow Analyzer. It can be installed on the same machine where NetFlow Analyzer is installed or on a remote server.
HighPerf Reporting Engine and NetFlow Anlayzer on the same server:
If you prefer to install the HighPerf Add On on the same server where you are going deploy NetFlow Analyzer, You can download the installable for Windows which has HighPerf add-on from here and Linux from here.
Cisco is always known for rapidly rolling out enhancements to their product portfolio, Cisco ASA 8.4(5) was recently released with a lot of features and security enhancements.
NetFlow Secure Event Logging (NSEL) is now enhanced and with the new Cisco 8.4(5) NSEL export, it is possible to visualize accurate IN and OUT traffic with ManageEngine NetFlow Analyzer.
Older IOS Version NSEL Limitation:
Cisco ASA monitoring through NSEL in its older version, had the following limitations:
1. The concept of ‘active time out’ and ‘inactive timeout’, which allows flow data export in a timely manner from IOS devices, was non-existent for NetFlow packets exported from the Cisco ASA. This r…