07-28-2009 07:26 AM
We have a Cisco ASA5510 in place. We currently do not have any additional network monitoring tools in place other than the tools on the ASA itself and Wireshark.
Lately our connection to/from the internet has been getting maxed out; when looking at the outside interface graph on the ASA, it shows a straight line across the top at the maxed-out limit.
How can I determine, in real time, who is killing our internet?
Please help
07-28-2009 10:38 AM
1. You can use threat detection
http://www.cisco.com/en/US/docs/security/asa/asa80/configuration/guide/protect.html#wp1058499
What you need is:
threat-detection statistics host
threat-detection statistics port
threat-detection statistics protocol
2. You can use netflow from ASA version 8.2
07-29-2009 03:22 AM
NetFlow from ASA is currently not supported by most of the NetFlow based tool vendors. NetFlow from ASA devices, termed as NetFlow Secure Event Logging (NSEL) is based on NetFlow version 9.
The NSEL is based on events triggered on the firewall devices and is different from the normal NetFlow packets. These packets do not have information which can be used properly for traffic monitoring.
You may have to wait for a bit longer for vendors to start supporting this new NetFlow.
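Since the original poster already has Wireshark, here is an added example (not from any post in this thread) that ranks inside hosts by internet bytes from the output of `tshark -r capture.pcap -T fields -e ip.src -e ip.dst -e frame.len`. The file name `capture.pcap`, the inside subnet and the sample lines are assumptions, and the capture is assumed to be taken on the inside of the ASA so addresses are seen before NAT.

```python
import ipaddress
from collections import defaultdict

# Assumption: the inside network behind the ASA (constructed value).
INSIDE_NET = ipaddress.ip_network("192.168.1.0/24")

# Constructed sample of tab-separated tshark field output: ip.src, ip.dst, frame.len
SAMPLE = """\
192.168.1.25\t203.0.113.10\t1514
203.0.113.10\t192.168.1.25\t1514
203.0.113.10\t192.168.1.25\t1514
192.168.1.40\t198.51.100.7\t90
198.51.100.7\t192.168.1.40\t600
192.168.1.25\t192.168.1.40\t500
\t\t60
not a capture line
"""

def top_talkers(lines, inside=INSIDE_NET, n=3):
    """Return [(inside_host, bytes_up, bytes_down)] sorted by total internet bytes."""
    usage = defaultdict(lambda: [0, 0])  # host -> [upload, download]
    for line in lines:
        parts = line.rstrip("\n").split("\t")
        if len(parts) != 3:
            continue  # malformed line
        try:
            src = ipaddress.ip_address(parts[0])
            dst = ipaddress.ip_address(parts[1])
            size = int(parts[2])
        except ValueError:
            continue  # non-IP frames (e.g. ARP) have empty address fields
        src_in, dst_in = src in inside, dst in inside
        if src_in and not dst_in:
            usage[str(src)][0] += size  # inside host sending to the internet
        elif dst_in and not src_in:
            usage[str(dst)][1] += size  # inside host receiving from the internet
        # inside-to-inside traffic never crosses the internet link, so it is ignored
    ranked = sorted(usage.items(), key=lambda kv: sum(kv[1]), reverse=True)
    return [(host, up, down) for host, (up, down) in ranked[:n]]

if __name__ == "__main__":
    for host, up, down in top_talkers(SAMPLE.splitlines()):
        print(f"{host:15} up={up:>8} down={down:>8} total={up + down:>8}")
```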