03-22-2017 11:24 PM
Hi all,
I wanted to check in to see which netflow collectors everyone is using now in days. I have tested Arbor SP and Scrutinizer. Arbor SP is awesome. Scrutinzer is ok. The only issue is Arbor is a little pricey.
What is your experience with your current netflow collector (pros and cons)?
I did do a search on this subject, but found one dated back in 2012.
Thanks in advance for reading my post
03-28-2017 05:47 AM
Try to test PRTG with netflow sensor its pretty nice. Or Solarwind netflow analyzer.
04-01-2017 08:38 PM
I will give that a shot.
07-10-2017 09:45 AM
Finally which product did you endup with.We are also in search of netflow tool which will help us to monitor the network data between sites including the packet details.
03-28-2017 07:19 AM
Hi
You can check the Cisco Prime features:
http://www.cisco.com/c/en/us/td/docs/net_mgmt/prime/infrastructure/3-0/administrator/guide/PIAdminBook/setup_tasks.html#pgfId-1056924
Also Solarwinds is very good tool.
Hope it is useful
:-)
03-28-2017 09:40 AM
Start with the PRTG free edition. If you like it (I do for simple tasks), you're done. If not, make a list of what else you want and then go from there.
SolarWinds is nice but a bit of a resource hog.
Prime Infrastructure is maddening to me. It still doesn't understand the Cisco ASA NSEL record format while all 3rd party products do.
03-31-2017 01:59 PM
I've been using Stealthwatch 6.8 lately, and have been pretty happy with it. The GUI isn't full of eye candy, but it gets the job done. Once you set up appropriate host groups, it's really easy to keep an eye on what's going on. It's stronger on security-focused analysis than a lot of more network-focused platforms. I particularly like the way it stitches together flows that have gone through NAT or a (supported) proxy so that you can follow them through the network.
03-31-2017 08:19 PM
I agree that Stealthwatch is very powerful.
The interface though leaves a lot to be desired and the cost is "reassuringly expensive". It's priced on a "flows per second" model and for a siginificant deployment the cost can easily be in the 6 figure range (US$).
04-01-2017 08:37 PM
I did reach out to Stealthwatch on getting an evaluation, but they never responded. I do like Arbor Peakflow, but I find it more useful for DDoS type stuff and not really digging down into flows.
Solarwinds just has too much going on. I feel it is more for an all in one monitoring tool (server monitoring, hardware monitoring, etc. All I want to see is flows.
I am looking into Nfsen and PRTG next.
Thanks everyone for taking the time on responding. I sincerely appreciate it.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide