Dear Mister Dobbins, Thank you for your reply.
Argus is OK, but I believe that it mainly relies upon packet capture - it does now support NetFlow v5, and v9 support as well as support for Juniper flow telemetry and others is supposed to be coming.
Argus is a superset of Netflow [1]. It's a *better* Netflow : http://docs.google.com/viewer?url=http://www.cert.org/flocon/2009/presentati...
I've personally not played with Argus and NetFlow; nfdump/nfsen is a useful open-source NetFlow collection/analysis system.
There is also Psyche from Pontetec that is a better nfsen : http://psyche.pontetec.com/
Me and my partners are working on a Flow Based Security Awareness Framework for High-Speed Networks.
http://docs.google.com/viewer?url=http://www.vabo.cz/spi/2009/presentations/...
For a demo :
It's always good to see folks motivated to work on solutions they believe will benefit the community at large.
Thank you. The question is : Who are the people interested in our work ? Best Regards, Guillaume FORTAINE [1] http://www.qosient.com/argus/argusnetflow.htm