Network Aware, Business Secure

Michael Patterson

Latest Blogs from Michael Patterson
More and more companies are choosing our NetFlow solution because we have become one of the preferred Cisco NetFlow Partners for delivering the reporting and analysis needed on all of the unique Flexible NetFlow (FNF) exports provided by Cisco.  We were the first vendor certified and l...
The Flame threat is basically a virtual, digitized spy tool that does what a human spy would do: recording phone calls, snapping photos, and siphoning information. Oftentimes this traffic pattern to the internet is initiated by the infected host and ultimately slides right by even ne...
IT professionals have been looking for better ways to monitor and store firewall logs for years. Properly handled, firewall events can give insight into APTs, DoS attacks, firewall rule planning and misconfigurations, policy violations, and much more. To date, Syslog has been the go-to...
Have you been looking for a Zenpack that would allow seamless integration of Zenoss and the NetFlow tool Scrutinizer? Well you have come to the right place! Today I will be showing you how to complete the configuration of this integration. First off there are some minor differences bet...
Palo Alto Networks NetFlow support is now available and with the latest version of our NetFlow monitoring solution you can get NAT and also application reporting for this firewall. Today I’ll be providing step by step instructions on how to configure NetFlow for this device, and ...
We’ve blogged about the differences between NetFlow and sFlow before but this debate continues to come up often enough and has been going on long enough that it needs to be put to rest once and for all. So let’s cut right to the chase: The only people that ever say “s...
Earlier this year Barracuda Networks enabled IPFIX support on their NG Series firewalls. This export provides great visibility into your network traffic as well as network Threat Detection. Let’s take a moment to go over the configuration to get these exports going: Step 1 Enable...
I got this Google alert the other day and it caught my attention because it talked about configuring IPFIX and the link went to a pdf on Juniper XGS 5000 IPFIX Support. Apparently the Juniper Networks Security Network Protection XGS 5000, a next generation IPS now supports IPFIX but r...
Apparently some of our customers are calling in asking for Astaro IPFIX Reporting support.  It’s always fun to work with a new flow vendor and in this case Sophos who acquired Astaro is exporting IPFIX instead of NetFlow.  Going with IPFIX of course was a very smart decision especially...
This is a conversation I find myself having more and more lately so I thought it would make sense to discuss in detail just exactly how security information management systems (SIEMs) and NetFlow are related and why SIEMs are a poor choice for NetFlow collection. Customer: Adam, we hav...
We figured out how to report on packet length with NetFlow. All you have to do is enter “match ipv4 length total” in the flow record of the Flexible NetFlow Configuration. This entry will export the element ipTotalLength whereby the NetFlow and IPFIX reporting tool can provide re...
In this blog I’ll show you how to use Cisco ASA NSEL (aka Cisco ASA NetFlow) reporting to monitor your Cisco ASA firewall ACLs. With the addition of our Cisco Advanced Reporting module you can run many useful NetFlow reports — Network Performance Monitoring (Medianet), Performanc...
Advanced NetFlow Training is coming to a city near you!  Our Washington, DC class on August 13 is nearly FULL with only 2 seats left.  Check out this crazy agenda covering all of the new NetFlow and IPFIX exports: What Is The NetFlow Training Agenda:   8:30 – 9:00 am Registr...
Since 2005, Plixer and Cisco have been touting NetFlow (not Net Flow) as an IT Security and threat detection solution. Cisco calls NetFlow the “primary network anomaly-detection technology” (pp4) and that “NetFlow allows the user to identify anomalies by producing detailed accounting o...
Possibly the most difficult network malware to detect today is the Advanced Persistent Threat or APT. I’ve also heard them referred to as advanced targeted attacks. Before I digress on how to detect this insidious enigma, I would like to provide some history and clear up some misconcep...
I came across this article in infosecisland.com on Securing PCs posted by Michelle Drolet who is the founder and CEO of Towerwall. In the post, she noted several interesting vulnerability facts that most businesses need to be aware of. Right off the top, I found these to be shocking: M...
Finally, Cisco ASA NSEL details from a best-at-NetFlow reporting solution. NSEL allows for reporting on the non-traditional elements such as username, NAT, ACLs, etc. If you have not worked with technology before you may be pondering where all of this information comes from, and what i...
There are many uses of NetFlow but one of the most important and often overlooked is the network security value NetFlow and IPFIX can provide. Based on feedback gathered over 10 years from hundreds of NetFlow customers, here are the top five uses of NetFlow analysis for network sec...