Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2987
Views
0
Helpful
8
Replies

Best netflow collector?

dot1q
Level 1
Level 1

‎03-22-2017 11:24 PM

Hi all,

I wanted to check in to see which netflow collectors everyone is using now in days. I have tested  Arbor SP and Scrutinizer. Arbor SP is awesome. Scrutinzer is ok. The only issue is Arbor is a little pricey. 

What is your experience with your current netflow collector (pros and cons)?

I did do a search on this subject, but found one dated back in 2012. 

Thanks in advance for reading my post 

Labels:
0 Helpful
8 Replies 8

Dmitri Popkov
Level 1
Level 1

‎03-28-2017 05:47 AM

Try to test PRTG with netflow sensor its pretty nice. Or Solarwind netflow analyzer.

0 Helpful

dot1q
Level 1
Level 1
In response to Dmitri Popkov

‎04-01-2017 08:38 PM

I will give that a shot. 

0 Helpful

datamodule
Level 1
Level 1
In response to dot1q

‎07-10-2017 09:45 AM

Finally which product did you endup with.We are also in search of netflow tool which will help us to monitor the network data between sites including the packet details.

0 Helpful

Julio E. Moisa
VIP
VIP

‎03-28-2017 07:19 AM

Hi

You can check the Cisco Prime features:

http://www.cisco.com/c/en/us/td/docs/net_mgmt/prime/infrastructure/3-0/administrator/guide/PIAdminBook/setup_tasks.html#pgfId-1056924

Also Solarwinds is very good tool.

Hope it is useful

:-)




>> Marcar como útil o contestado, si la respuesta resolvió la duda, esto ayuda a futuras consultas de otros miembros de la comunidad. <<
0 Helpful

Marvin Rhoads
Hall of Fame
Hall of Fame

‎03-28-2017 09:40 AM

Start with the PRTG free edition. If you like it (I do for simple tasks), you're done. If not, make a list of what else you want and then go from there.

SolarWinds is nice but a bit of a resource hog.

Prime Infrastructure is maddening to me. It still doesn't understand the Cisco ASA NSEL record format while all 3rd party products do.

0 Helpful

DAVID YARASHUS
Level 5
Level 5

‎03-31-2017 01:59 PM

I've been using Stealthwatch 6.8 lately, and have been pretty happy with it.  The GUI isn't full of eye candy, but it gets the job done. Once you set up appropriate host groups, it's really easy to keep an eye on what's going on.  It's stronger on security-focused analysis than a lot of more network-focused platforms. I particularly like the way it stitches together flows that have gone through NAT or a (supported) proxy so that you can follow them through the network.

0 Helpful

Marvin Rhoads
Hall of Fame
Hall of Fame
In response to DAVID YARASHUS

‎03-31-2017 08:19 PM

I agree that Stealthwatch is very powerful.

The interface though leaves a lot to be desired and the cost is "reassuringly expensive". It's priced on a "flows per second" model and for a siginificant deployment the cost can easily be in the 6 figure range (US$).

0 Helpful

dot1q
Level 1
Level 1
In response to Marvin Rhoads

‎04-01-2017 08:37 PM

I did reach out to Stealthwatch on getting an evaluation, but they never responded. I do like Arbor Peakflow, but I find it more useful for DDoS type stuff and not really digging down into flows. 

Solarwinds just has too much going on. I feel it is more for an all in one monitoring tool (server monitoring, hardware monitoring, etc. All I want to see is flows.

I am looking into Nfsen and PRTG next.

Thanks everyone for taking the time on responding. I sincerely appreciate it.  

0 Helpful
Customers Also Viewed These Support Documents