It's that time of the year again. The flood of email alerts showcasing online
holiday shopping deals fill the inbox at your office PC, laptops and wireless
devices as merchants attempt to lure online shoppers to "click and save"
while supplies last. In fact, reports show that this year's "holiday
shopping" deals have already started as retailers attempt to stretch the
holiday shopping season - to begin even earlier than Black Friday.
According to a recent report in Time, Booz & Co. chief retail strategist,
Thom Blischok states. "We're not going to see a huge increase in sales growth
for Black Friday this year....What we do expect is a lot of ‘showcasing' on
Black Friday. Shoppers will check things out in stores, electronics
especially, but then purchase online on the Monday after. Cyber Monday sales
will explode this year."
While this is good news for merchants, it... (more)
Apparently some of our customers are calling in asking for Astaro IPFIX
Reporting support. It’s always fun to work with a new flow vendor and in
this case Sophos who acquired Astaro is exporting IPFIX instead of NetFlow.
Going with IPFIX of course was a very smart decision especially since they
are exporting some interesting unique elements.
Some interesting Astaro IPFIX elements include:
octetTotalCount as well as OctetDeltaCount IPv6 Support No export of the
ingress or egress interface which is needed in many reporting packages except
of course our NetFlow Solution. There is ... (more)
Earlier this year Barracuda Networks enabled IPFIX support on their NG Series
firewalls. This export provides great visibility into your network traffic as
well as network Threat Detection.
Let’s take a moment to go over the configuration to get these exports
Step 1 Enable global IPFIX streaming
IPFIX streaming needs to be globally enabled within the General Firewall
Navigate to Config Tree > Box > Infrastructure Services > General Firewall
Configuration > Audit and Reporting. Set Enable IPFIX/Netflow to YES.
Step 2 Configure the IPFIX Collector
Click Set…... (more)
Finally, Cisco ASA NSEL details from a best at NetFlow reporting solution.
NSEL allows for reporting on the non-traditional elements such as username,
NAT, ACLs, etc. If you have not worked with technology before you may be
pondering where all of this information comes from, and what it means. Today
I will help clarify this for you by comparing Cisco’s event ID’s to
You may have already noticed that NSEL is similar to syslogs; before Cisco
ASA Release 8.1, Cisco ASA events were exported exclusively through system
log messages and SNMP traps. NSEL can transmit much of th... (more)
Since 2005, Plixer and Cisco have been touting NetFlow (not Net Flow) as an
IT Security and threat detection solution. Cisco calls NetFlow the “primary
network anomaly-detection technology” (pp4) and that “NetFlow allows the
user to identify anomalies by producing detailed accounting of traffic
flows”. We are not the only ones with this belief. Even Symantec calls
NetFlow a “valuable enhancement” to IDS (intrusion detection) and IPS
For years, Scrutinizer’s Flow Analytics has been painstakingly saving every
flow for Network Behavior Analysis to catch APT... (more)