cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
883
Views
0
Helpful
1
Replies

6509 NBAR

framedrelay
Level 1
Level 1

Hi All,

This is Sylvester, I've a small question.

I've a network & the traffic from the network is "really" huge.

(IP network - Internal) ------> Cisco 6509 x 2 (HSRP) --------> Firewall ----------------> Router (HSRP) ---> Internet

Now I need to pull a report on firewall for no of applications accessed by Internal guys. For e.g If a guy inside the network access a bit torrent application, i should have log about it. So I was trying to do in firewall, which I couldnt.

So here is my question, Can it be done in 6509 switch? by using NBAR or something else (Netflow)? End of the day, I need it like a report.

Questions,

1. How much its going to impact my network?

2. Do I need some additional module?

3. Can i pull report from somewhere? Or statistics can be pushed/pulled?

4. Last, but not least. Can it be done?

Regards,

Sylvester.

1 Reply 1

Hitesh Vinzoda
Level 4
Level 4

Hi

NBAR is supported on 6509 and i have been running it on 6500 with Sup 720-3B's with code 12.2 33 SXI. You better be checking the support for NBAR on the code version you are using. NBAR will sniff the flow and based on it, creates statistics which can be exported on NMS running netflow analyzer. This NMS gives detailed report about protocol usage and top protocols etc. etc.

1. How much its going to impact my network?

      Deploying it is not going to impact but analysis can be done for the existing load on the switch before implementing NBAR. Coz i believe in 6500 NBAR is not done in hardware it is done in software, the new Sups 32 PISA does it in hardware.

2. Do I need some additional module?

    It depends upon what exactly you have righnow on your box.

3. Can i pull report from somewhere? Or statistics can be pushed/pulled?

    You need to have third party application which can create historical reports for protocol and traffic statistics/

4. Last, but not least. Can it be done?

   Of course, Yes.

HTH

Hitesh Vinzoda

Please rate useful posts.

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Review Cisco Networking products for a $25 gift card