https://community.cisco.com/t5/network-security/enabling-netflow-on-cloud-based-wireless-controllers/m-p/4950101#M1105420 <P>When enabling Netflow on a cloud-based wireless controller, you typically send the Netflow data to a Netflow collector. Here's a simple explanation:</P><UL><LI><P>You can use an on-premise Netflow collector, and in this case, the Netflow traffic is not encrypted by default. If your Netflow collector is in a private network, you may need to configure NAT to translate the Netflow collector's public IP to its private IP for the traffic to reach it.</P></LI><LI><P>Alternatively, you can use a cloud-based Netflow collector, such as one hosted in Azure. In this scenario, the Netflow data would be sent to the cloud-based collector directly, and you wouldn't need to worry about NAT or encrypting the traffic because it remains in the cloud environment.</P></LI></UL><P>The choice between on-premise and cloud-based Netflow collectors depends on your specific network architecture and security requirements.</P> Sat, 28 Oct 2023 22:23:25 GMT yasodasanjel 2023-10-28T22:23:25Z https://community.cisco.com/t5/network-security/enabling-netflow-on-cloud-based-wireless-controllers/m-p/4950099#M1105419 <P>Hey everyone,</P> <P>&nbsp;</P> <P>Just wondering if anyone knows where to send the Netflow collector on a cloud-based wireless controller (such as Meraki for example). Would we send it to an on-premise Netflow collector? If it is on-premise, would the Netflow be encrypted and NAT is required to NAT the netflow collector IP from public to the private IP?&nbsp; Or would the netflow collect be in the cloud too (i.e., in Azure)?&nbsp; Just wondering how this would work.</P> <P>I'm working a project to evaluate different cloud-based wireless controllers and just curios how and where the netflow traffic would be configured.</P> <P>&nbsp;</P> <P>Thank you in advance!</P> Sat, 28 Oct 2023 22:21:14 GMT https://community.cisco.com/t5/network-security/enabling-netflow-on-cloud-based-wireless-controllers/m-p/4950099#M1105419 latenaite2011 2023-10-28T22:21:14Z https://community.cisco.com/t5/network-security/enabling-netflow-on-cloud-based-wireless-controllers/m-p/4950101#M1105420 <P>When enabling Netflow on a cloud-based wireless controller, you typically send the Netflow data to a Netflow collector. Here's a simple explanation:</P><UL><LI><P>You can use an on-premise Netflow collector, and in this case, the Netflow traffic is not encrypted by default. If your Netflow collector is in a private network, you may need to configure NAT to translate the Netflow collector's public IP to its private IP for the traffic to reach it.</P></LI><LI><P>Alternatively, you can use a cloud-based Netflow collector, such as one hosted in Azure. In this scenario, the Netflow data would be sent to the cloud-based collector directly, and you wouldn't need to worry about NAT or encrypting the traffic because it remains in the cloud environment.</P></LI></UL><P>The choice between on-premise and cloud-based Netflow collectors depends on your specific network architecture and security requirements.</P> Sat, 28 Oct 2023 22:23:25 GMT https://community.cisco.com/t5/network-security/enabling-netflow-on-cloud-based-wireless-controllers/m-p/4950101#M1105420 yasodasanjel 2023-10-28T22:23:25Z https://community.cisco.com/t5/network-security/enabling-netflow-on-cloud-based-wireless-controllers/m-p/4950113#M1105421 Thank you Yosadanjel for the explanation.<BR /><BR />Follow up questions.<BR /><BR />Say in the case of Meraki or Junipr Mist cloud controller for example, if<BR />we send it on-premise, it probably wouldn't be good to send netflow data to<BR />the Netflow collector on-premise as traffic would not be encrypted and<BR />anything can sniff the Netflow data, even with NAT enable.<BR /><BR />In the case of sending the Netflow collector in the cloud, how can one send<BR />the traffic to the Netflow collector in Azure for a sample. How does<BR />Meraki's controller (via the Dashboard) or Juniper Mist controller via<BR />their own dashboard be able to talk to the Netflow collect via the Azure's<BR />IP address?<BR /><BR />Thank you!<BR /> Sun, 29 Oct 2023 00:36:17 GMT https://community.cisco.com/t5/network-security/enabling-netflow-on-cloud-based-wireless-controllers/m-p/4950113#M1105421 latenaite2011 2023-10-29T00:36:17Z