|
A general question -- what is your favorite NetFlow tool and why? What do you get out of the $$ that you don't get from the free ones? (and, I guess, vice-versa) (to include all the flow telemetry variants: sFlow, Jflow, IPFIX, Flexible Netflow, etc.) --@ |
Anonymous |
| thread locked Quote Subscribe |
Nov 3rd 2016 5 years ago |
| Nfdump it supports almost all the formats. And the frontend nfsen give you a nice tcpdump like search syntax. Also there are some interesting plugins for the front and backend. |
joshlinx 4 Posts |
| Thread locked. Quote |
Nov 5th 2016 5 years ago |
|
We recently deployed Stealthwatch and have been pretty impressed with it. It's fairly simple to setup and I've been happy with the reporting features and different dashboards that you can setup. Only thing I didn't like is that it's licensed by flow count so you need to have a good idea of how many flows per second you'd generate across your network. I know other flow collectors are licensed by the number of sources it receives flows from so you'd need to look at what gives you the biggest bang for your buck. Thanks |
jmeetze 3 Posts |
| Thread locked. Quote |
Dec 14th 2016 5 years ago |
Sign Up for Free or Log In to start participating in the conversation!
https://www.sans.edu
