Welcome!

Network Aware, Business Secure

Michael Patterson

Subscribe to Michael Patterson: eMailAlertsEmail Alerts
Get Michael Patterson via: homepageHomepage mobileMobile rssRSS facebookFacebook twitterTwitter linkedinLinkedIn


Related Topics: Astaro Journal, Telecom Innovation

Blog Feed Post

Astaro IPFIX Reporting: Astaro NetFlow Support

Apparently some of our customers are calling in asking for Astaro IPFIX Reporting support.  It’s always fun to work with a new flow vendor and in this case Sophos who acquired Astaro is exporting IPFIX instead of NetFlow.  Going with IPFIX of course was a very smart decision especially since they are exporting some interesting unique elements.

Some interesting Astaro IPFIX elements include:

  • octetTotalCount as well as OctetDeltaCount
  • IPv6 Support
  • No export of the ingress or egress interface which is needed in many reporting packages except of course our NetFlow Solution.
  • There is afcProtocol element which was in some of the flow templates and I believe it is an ID which links the flow to the afcProtocolName in an options template.

I picked up the above details by peering into their eight different templates – WOW!

Astaro IPFIX Support

You can enable netflow under “Logging&Reporting>>Reporting Settings” on the “Settings” Tab. It’s the last section, so you have to scroll down a bit. It is labeled “IPFIX Accounting”. Very soon the IPFIX will be coming into our NetFlow collector where we can not only provide reports but, we can also help with detecting Advanced Persistent Threats and other types of malware. If all goes well in the next few weeks, we’ll add this device to our NetFlow Training  class that is coming to a city near you!

Anyway, if you are looking to do some network traffic monitoring using the IPFIX exports from your Sophos Astaro Security Gateway, reach out to our NetFlow team. We’ll get you setup.

Brian

For a free 30 day trial of Scrutinizer, Download Now

Sign up for Advanced NetFlow Training coming to a city near you!

Read the original blog entry...

More Stories By Michael Patterson

Michael Patterson, is the founder & CEO of Plixer and the product manager for Scrutinizer NetFlow and sFlow Analyzer. Prior to starting Somix and Plixer, Mike worked in a technical support role at Cabletron Systems, acquired his Novell CNE and then moved to the training department for a few years. While in training he finished his Masters in Computer Information Systems from Southern New Hampshire University and then left technical training to pursue a new skill set in Professional Services. In 1998 he left the 'Tron' to start Somix and Plixer.