Hello, Does anyone here have a suggestion for a tool to replace Peakflow CP from Arbor Networks? Please if possible you would like hear some suggestions. Thanks. Aluísio da Silva Coordenação de Planejamento e Engenharia CTBC (34) 3256-2471 (34) 9976-0471 www.ctbc.com.br Esta mensagem,incluindo seus anexos,pode conter informação confidencial e/ou privilegiada,sendo de uso exclusivo dos destinatários. Seu conteúdo não deve ser revelado.Caso você não seja o destinatário autorizado a receber esta mensagem,não poderá usar,copiar ou divulgar as informações nela contidas ou tomar qualquer ação baseada nesse e-mail,por favor,comunique ao remetente e a elimine imediatamente.Não nos responsabilizamos por opiniões e/ou declarações veiculadas por e-mail não ficando obrigada ao cumprimento de qualquer condição constante deste instrumento. This message,including its attachments,contains and/or may contain confidential and privileged information.If you are not the person authorized to receive this message,you may not use,copy or disclose the information contained therein or take any action based on this information.If this message is received by mistake,please notify the sender by immediately replying to this email and deleting its files.We appreciate your cooperation.
hi aluisio On 09/06/15 at 02:01am, Aluisio da Silva wrote:
Hello,
Does anyone here have a suggestion for a tool to replace Peakflow CP from Arbor Networks?
# for reference http://www.arbornetworks.com/products
Please if possible you would like hear some suggestions.
- sflow based http://www.sflow.com/products/floodprotect.php http://www.inmon.com/technology/sflowTools.php http://www.andrisoft.com/software/wanguard http://www.github.com/FastVPSEestiOu/fastnetmon http://www.packetdam.com http://www.radware.com/Products/DefenseFlow - netflow based ?cisco url? http://nfdump.sourceforge.net http://nfsen.sourceforge.net http://sourceforge.net/projects/panoptis - jflow based ?juniper? magic pixie dust alvin # # DDoS-Mitigator.com #
Thanks.
Aluísio da Silva Coordenação de Planejamento e Engenharia CTBC (34) 3256-2471 (34) 9976-0471 www.ctbc.com.br
Hello! Thanks for recommendation, Alvin! As author of FastNetMon I will be very glad to hear some feedback about my tool and could help with configuration / development :) On Sun, Sep 6, 2015 at 6:22 AM, alvin nanog <nanogml@mail.ddos-mitigator.net> wrote:
hi aluisio
On 09/06/15 at 02:01am, Aluisio da Silva wrote:
Hello,
Does anyone here have a suggestion for a tool to replace Peakflow CP from Arbor Networks?
# for reference http://www.arbornetworks.com/products
Please if possible you would like hear some suggestions.
- sflow based http://www.sflow.com/products/floodprotect.php http://www.inmon.com/technology/sflowTools.php
http://www.andrisoft.com/software/wanguard http://www.github.com/FastVPSEestiOu/fastnetmon http://www.packetdam.com http://www.radware.com/Products/DefenseFlow
- netflow based ?cisco url?
http://nfdump.sourceforge.net http://nfsen.sourceforge.net http://sourceforge.net/projects/panoptis
- jflow based ?juniper?
magic pixie dust alvin # # DDoS-Mitigator.com #
Thanks.
Aluísio da Silva Coordenação de Planejamento e Engenharia CTBC (34) 3256-2471 (34) 9976-0471 www.ctbc.com.br
-- Sincerely yours, Pavel Odintsov
hi pavel On 09/06/15 at 06:11pm, Pavel Odintsov wrote: > Thanks for recommendation, Alvin! just "on the list of flow stuff to look at" - opensource like fastnetmon is good for techies and solving problems - commercial products may be what large corp purchasing folks like i've looked into the flow based products and got more confused :-) > As author of FastNetMon I will be very glad to hear some feedback > about my tool and could help with configuration / development :) cool ... i went googlin around and found some additional info for the url list > On Sun, Sep 6, 2015 at 6:22 AM, alvin nanog > <nanogml@mail.ddos-mitigator.net> wrote: > > > > hi aluisio > > > > On 09/06/15 at 02:01am, Aluisio da Silva wrote: > >> Hello, > >> > >> Does anyone here have a suggestion for a tool to replace Peakflow CP from Arbor Networks? > > > > # for reference > > http://www.arbornetworks.com/products > > > >> Please if possible you would like hear some suggestions. > > > > - sflow based - sflow based # trademark owned by inmon http://www.sflow.org/products == list of vendors and collectors > > http://www.sflow.com/products/floodprotect.php their blog.sflow.com has lots of feedback and comparisons > > http://www.inmon.com/technology/sflowTools.php http://www.inmon.com/products > > > > http://www.andrisoft.com/software/wanguard > > http://www.github.com/FastVPSEestiOu/fastnetmon > > http://www.packetdam.com > > http://www.radware.com/Products/DefenseFlow > > - netflow based -- netflow prototcol superceded by IPFIX http://www.cisco.com/go/netflow http://www.openbsd.org/cgi-bin/man.cgi?query=pflow&sektion=4&manpath=OpenBSD+Current one day, i'll go poke around at linux-based tools like openbsd's pflow > > > > http://nfdump.sourceforge.net > > http://nfsen.sourceforge.net > > http://sourceforge.net/projects/panoptis - openflow based http://www.opennetworking.org/sdn-resources/openflow http://www.radware.com/Products/DefenseFlow > > - jflow based juniper.net/us/en/products-services/security/ - still can't find the jflow info :-( magic pixie dust alvin # # DDoS-Mitigator.com/Competitors/#Flow #
Thank you all for the comments. Does anyone know about FlowTraq and DeepField tools? Thanks. Aluísio da Silva Coordenação de Planejamento e Engenharia CTBC (34) 3256-2471 (34) 9976-0471 www.ctbc.com.br -----Mensagem original----- De: alvin nanog [mailto:nanogml@Mail.DDoS-Mitigator.net] Enviada em: domingo, 6 de setembro de 2015 00:22 Para: Aluisio da Silva <aluisios@algartelecom.com.br> Cc: nanog@nanog.org; alvin nanog <nanogml@Mail.DDoS-Mitigator.net> Assunto: Re: Any Tool to replace Peakflow CP hi aluisio On 09/06/15 at 02:01am, Aluisio da Silva wrote:
Hello,
Does anyone here have a suggestion for a tool to replace Peakflow CP from Arbor Networks?
# for reference http://www.arbornetworks.com/products
Please if possible you would like hear some suggestions.
- sflow based http://www.sflow.com/products/floodprotect.php http://www.inmon.com/technology/sflowTools.php http://www.andrisoft.com/software/wanguard http://www.github.com/FastVPSEestiOu/fastnetmon http://www.packetdam.com http://www.radware.com/Products/DefenseFlow - netflow based ?cisco url? http://nfdump.sourceforge.net http://nfsen.sourceforge.net http://sourceforge.net/projects/panoptis - jflow based ?juniper? magic pixie dust alvin # # DDoS-Mitigator.com #
Thanks.
Aluísio da Silva Coordenação de Planejamento e Engenharia CTBC (34) 3256-2471 (34) 9976-0471 www.ctbc.com.br
Esta mensagem,incluindo seus anexos,pode conter informação confidencial e/ou privilegiada,sendo de uso exclusivo dos destinatários. Seu conteúdo não deve ser revelado.Caso você não seja o destinatário autorizado a receber esta mensagem,não poderá usar,copiar ou divulgar as informações nela contidas ou tomar qualquer ação baseada nesse e-mail,por favor,comunique ao remetente e a elimine imediatamente.Não nos responsabilizamos por opiniões e/ou declarações veiculadas por e-mail não ficando obrigada ao cumprimento de qualquer condição constante deste instrumento. This message,including its attachments,contains and/or may contain confidential and privileged information.If you are not the person authorized to receive this message,you may not use,copy or disclose the information contained therein or take any action based on this information.If this message is received by mistake,please notify the sender by immediately replying to this email and deleting its files.We appreciate your cooperation.
Hi Aluisio, Have you had a look at Lancope's Stealthwatch? If you go that route give a shout as we've written a bunch of scripts to do things like scan detection and new service alerting. Cheers, Harry On 9/5/15 10:01 PM, Aluisio da Silva wrote:
Hello,
Does anyone here have a suggestion for a tool to replace Peakflow CP from Arbor Networks?
Please if possible you would like hear some suggestions.
Thanks.
Aluísio da Silva Coordenação de Planejamento e Engenharia CTBC (34) 3256-2471 (34) 9976-0471 www.ctbc.com.br
Esta mensagem,incluindo seus anexos,pode conter informação confidencial e/ou privilegiada,sendo de uso exclusivo dos destinatários. Seu conteúdo não deve ser revelado.Caso você não seja o destinatário autorizado a receber esta mensagem,não poderá usar,copiar ou divulgar as informações nela contidas ou tomar qualquer ação baseada nesse e-mail,por favor,comunique ao remetente e a elimine imediatamente.Não nos responsabilizamos por opiniões e/ou declarações veiculadas por e-mail não ficando obrigada ao cumprimento de qualquer condição constante deste instrumento.
This message,including its attachments,contains and/or may contain confidential and privileged information.If you are not the person authorized to receive this message,you may not use,copy or disclose the information contained therein or take any action based on this information.If this message is received by mistake,please notify the sender by immediately replying to this email and deleting its files.We appreciate your cooperation.
Very Happy with Kentik Detect, highly recommend it. www.kentik.com Cheers, Chris On Sun, Sep 6, 2015 at 4:53 PM, Harry Hoffman <hhoffman@ip-solutions.net> wrote:
Hi Aluisio,
Have you had a look at Lancope's Stealthwatch?
If you go that route give a shout as we've written a bunch of scripts to do things like scan detection and new service alerting.
Cheers, Harry
On 9/5/15 10:01 PM, Aluisio da Silva wrote:
Hello,
Does anyone here have a suggestion for a tool to replace Peakflow CP from Arbor Networks?
Please if possible you would like hear some suggestions.
Thanks.
Aluísio da Silva Coordenação de Planejamento e Engenharia CTBC (34) 3256-2471 (34) 9976-0471 www.ctbc.com.br
Esta mensagem,incluindo seus anexos,pode conter informação confidencial e/ou privilegiada,sendo de uso exclusivo dos destinatários. Seu conteúdo não deve ser revelado.Caso você não seja o destinatário autorizado a receber esta mensagem,não poderá usar,copiar ou divulgar as informações nela contidas ou tomar qualquer ação baseada nesse e-mail,por favor,comunique ao remetente e a elimine imediatamente.Não nos responsabilizamos por opiniões e/ou declarações veiculadas por e-mail não ficando obrigada ao cumprimento de qualquer condição constante deste instrumento.
This message,including its attachments,contains and/or may contain confidential and privileged information.If you are not the person authorized to receive this message,you may not use,copy or disclose the information contained therein or take any action based on this information.If this message is received by mistake,please notify the sender by immediately replying to this email and deleting its files.We appreciate your cooperation.
Could it be GovCloud? See http://defensesystems.com/articles/2014/08/21/aws-govcloud-disa-security-app... <http://defensesystems.com/articles/2014/08/21/aws-govcloud-disa-security-approval.aspx> Tom
On Sep 8, 2015, at 7:17 PM, Chris Murray <chris@ipstuff.ca> wrote:
Very Happy with Kentik Detect, highly recommend it.
www.kentik.com
Cheers, Chris
On Sun, Sep 6, 2015 at 4:53 PM, Harry Hoffman <hhoffman@ip-solutions.net> wrote:
Hi Aluisio,
Have you had a look at Lancope's Stealthwatch?
If you go that route give a shout as we've written a bunch of scripts to do things like scan detection and new service alerting.
Cheers, Harry
On 9/5/15 10:01 PM, Aluisio da Silva wrote:
Hello,
Does anyone here have a suggestion for a tool to replace Peakflow CP from Arbor Networks?
Please if possible you would like hear some suggestions.
Thanks.
Aluísio da Silva Coordenação de Planejamento e Engenharia CTBC (34) 3256-2471 (34) 9976-0471 www.ctbc.com.br
Esta mensagem,incluindo seus anexos,pode conter informação confidencial e/ou privilegiada,sendo de uso exclusivo dos destinatários. Seu conteúdo não deve ser revelado.Caso você não seja o destinatário autorizado a receber esta mensagem,não poderá usar,copiar ou divulgar as informações nela contidas ou tomar qualquer ação baseada nesse e-mail,por favor,comunique ao remetente e a elimine imediatamente.Não nos responsabilizamos por opiniões e/ou declarações veiculadas por e-mail não ficando obrigada ao cumprimento de qualquer condição constante deste instrumento.
This message,including its attachments,contains and/or may contain confidential and privileged information.If you are not the person authorized to receive this message,you may not use,copy or disclose the information contained therein or take any action based on this information.If this message is received by mistake,please notify the sender by immediately replying to this email and deleting its files.We appreciate your cooperation.
participants (6)
-
Aluisio da Silva -
alvin nanog -
Chris Murray -
Harry Hoffman -
Pavel Odintsov -
TR Shaw