I need to set up something in my DMZ that can be used as a relay or forwarder of the NetFlow coming from a router, rather than open up multiple ports in an internal and external firewall. Does anyone know of anything? Will this work correctly?
Jeff
You should only need to allow a single port (udp/2055 by default in NTA) from your NetFlow exporters.
If you don't want to allow multiple source IPs, I think Lancope sells a commercial NetFlow forwarder and I believe the flow-tools package contains an open-source one.
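A sketch of what a DMZ flow relay does, added here as an example and not part of the original thread or of any product named in it: it listens on udp/2055, accepts datagrams only from allowlisted exporters whose header carries a known export version, and forwards them to one internal collector. The addresses, the allowlist and the function names are assumptions for illustration.

```python
import socket
import struct

# Assumed values for illustration (documentation/private ranges), not from the thread.
ALLOWED_EXPORTERS = {"192.0.2.1"}   # routers permitted to send flows to the relay
COLLECTOR = ("10.0.0.10", 2055)     # internal collector address (hypothetical)
KNOWN_VERSIONS = {5, 9, 10}         # NetFlow v5, NetFlow v9, IPFIX


def should_forward(data, src_ip, allowed=ALLOWED_EXPORTERS):
    """True only for an allowlisted exporter sending a known export version."""
    if src_ip not in allowed or len(data) < 4:
        return False
    # All three formats start with a 16-bit big-endian version field.
    (version,) = struct.unpack("!H", data[:2])
    return version in KNOWN_VERSIONS


def relay_once(listen_sock, out_sock, collector, allowed):
    """Receive one datagram and forward it unchanged if it passes the checks."""
    data, (src_ip, _src_port) = listen_sock.recvfrom(65535)
    if not should_forward(data, src_ip, allowed):
        return False  # dropped: unknown sender or not a flow export packet
    # The collector sees the relay's address as the UDP source, not the router's.
    out_sock.sendto(data, collector)
    return True


def serve(bind_addr=("0.0.0.0", 2055)):
    """Run the relay until interrupted."""
    listen_sock = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    listen_sock.bind(bind_addr)
    out_sock = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    while True:
        relay_once(listen_sock, out_sock, COLLECTOR, ALLOWED_EXPORTERS)


if __name__ == "__main__":
    serve()
```

With a relay like this, the internal firewall needs a single rule (relay address to collector, udp/2055) regardless of how many exporters sit outside.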