13 Mar
2018
13 Mar
'18
12:44 p.m.
Mike, All of the architecture's listed are pretty good. Nfsen is great if you have multiple routers exporting various netflow versions with a single daemon, but its a bit older and not as pretty/quick as something using elastic. Team Cymru has a netflow analyzer that matches your netflow data to known 'bad IPs'. http://www.team-cymru.org/Flow-Sonar.html Thanks, Scott Thanks, Scott On 3/12/18 7:24 PM, mike.lyon@gmail.com wrote:
Howdy!
Checking out various Netflow tools and wanted to see what others are using?
Kentik is cool. Are they the only SaaS based flow digester? I don’t seem to see any others.
Also curious about on-prem solutions as well.
Thanks! Mike