Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
878
Views
5
Helpful
2
Replies

5505 - netflow style data??

jacob6000
Level 1
Level 1

‎08-20-2012 07:27 AM - edited ‎03-11-2019 04:44 PM

I need to know if I can pull Netflow style data (Top Talkers, Top Sessions, etc) from ASA 5505s?  We are looking at buying some but I need to be able to export this kind of data to my managment station which is also a collector. I have read on this forum that 8.2 and above should support Netflow but I have read conflicting information. Can anyone verify this for me? Also, if there are other options to get this information, I would like to know as well.

Thank you,

Labels:
0 Helpful
2 Replies 2

Ramraj Sivagnanam Sivajanam
Level 4
Level 4

‎08-20-2012 08:20 PM

Hi Bro

Yes, Cisco ASA FW running on software image code 8.2 and above support netflow, but version 9 only. Hence, third party tools such as Solarwinds Real-Time Netflow Analyzer cannot be used here, as this tool supports Netflow version 5 only.

Cisco’s NetFlow collector doesn’t support Cisco ASA as stated in this link;

http://www.cisco.com/en/US/prod/collateral/iosswrel/ps6537/ps6555/ps6601/prod_white_paper0900aecd80406232.html

For this reason, you might wanna look into ManageEngine Netflow Analyzer. This product supports Netflow version 9. Hence, you can configure your ASA to export NetFlow version 9 packets to this tool instead.

Cisco ASA configuration via ASDM for NetFlow can be seen from the below link;

http://blogs.manageengine.com/netflowanalyzer/2010/07/22/configuring-cisco-asa-netflow-via-asdm

Cisco ASA configuration via CLI for NetFlow can be seen from the below link;

https://supportforums.cisco.com/docs/DOC-6113

http://www.cisco.com/en/US/docs/security/asa/asa82/netflow/netflow.html

For further details on this subject, you could also refer to https://supportforums.cisco.com/thread/2071273

P/S: If you think this comment is useful, please do rate them nicely :-)

Warm regards,
Ramraj Sivagnanam Sivajanam

jakewilson
Level 1
Level 1

‎08-24-2012 03:26 AM

Hi Jacob,

Information on top talkers, applications, sessions, protocols, etc. is just the start.  You can also get details on the top ACLs violated, events, extended events and usernames using NSEL exports.  Watch the recorded ASA NSEL webcast for further details. Do you need to display this data in your existing management station?

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card