donthomas

For one, agencies "should" follow the compliance polices that apply to them but on another note, there has to be a system in place to frequently review the effectiveness of existing policies. Are the policies adopted in 2002 still good enough to fight the security challenges of 2015?

cevangelou‌ How many monitors do you have on your interface? Are you trying to apply the monitor in output direction with a monitor in input direction already applied on the interface?

Yes, that should be possible. Apply the command "ip flow monitor NetFlow-to-Orion input" on the interfaces you need to monitor including VLANs

NTA 3.01 is quite an old version - the latest is NTA 4.0. NTA 3.11 is when we started sampled NetFlow support. This is from the release notes of NTA3.11 "NTA now fully supports sampled NetFlow data. NTA automatically takes into account the sample rate set on your devices and displays ingress and egress statistics…

You can apply both input and output command on the WAN interface and see ingress and egress traffic. Or you can apply input on all interfaces and still see the ingress and egress traffic on the WAN interface. To save your licenses, unmanage the interfaces you dont need to monitor in NTA.

NCM's greatness over other tools is that you can customize it - when it comes to network config, there is no one size fits all but NCM has sizes to fit all.

You still can find opportunities to use GNS3 - test out your configuration changes or try learning something new!

And I think there is still a lot more of network evolution to happen..

You should have checked - it - out..

Found it: In some cases the size of a field type is fixed by definition, for example PROTOCOL, or IPV4_SRC_ADDR. However in other cases they are defined as a variant type. This improves the memory efficiency in the collector and reduces the network bandwidth requirement between the Exporter and the Collector. As an…

Did you check what license you have? The Cisco 3850 needs either an IP Base or IP Services Base license to support Flexible NetFlow (FNF) export.

And please leave those phones at your desk.. I meant that big phone.. yes, that IP phone..

GNS3 is a great tool to emulate your network. And its freee!

I think cabling is one area which every network engineer would love to revisit.

cevangelou Can you paste the configuration of the flow record you created? And on which interface are you applying the flow monitor to? VLAN, regular, L2, WLAN? Remember that with wireless FNF, NetFlow supports only one flow monitor per interface, per direction. So if you already have a monitor on a WLAN interface, you…

Ah yes - alerting and reporting should be the most analyzed feature when choosing a monitoring tool. Whatever be the size of one's NOC team, without proper alerting the information in the tool would be left useless.

Lucky you - You only have to fight the bots that reach your network through BYOD.

Love it when NetFlow gets fans.

Its a beast - I would agree anyday.

Are you referring to the Cisco3850 switch - I am not sure if it can support BGP/AS info. If you are talking about flexible netflow from a router, make sure you have enabled collection of AS info using the appropriate collect command when creating the flow record. I would suggest posting it as a question in the NTA forum…

Smoke could do the trick. Smoke signals not alarms.

Apply "ip flow monitor SOLARWINDSNTA-FMM input" on all interfaces of your router. That should work.

The 2nd flow cap is missing the flow direction as well as the SNMP interface index through which a flow is entering and exiting the switch. This means NTA will not know to which interface a flow has to be associated with.

And I once struggled with a rogue AP and an IP conflict. Took us months to find out what went wrong.

True - More than single pane of glass, appstack is single tab for everything in your network.

I agree with @curtisi. A Cisco device with an IOS older than 12.2 would be the bigger issue - that is vulnerabilities galore. For your requirements, LEM depends on the syslog device to provide the name and does not have a customizable name option. But I think a similar request is open for voting: Do check and add your vote.

The 1st error is a Cisco limitation - no NetFlow support on SVI interfaces. The 2nd error is a Cisco bug - and seems there is no fix yet https://tools.cisco.com/bugsearch/bug/CSCtk05866

luiloong‌ I know its too late but somehow your response missed my inbox. Where are you with the issue now? Its a Cisco limitation that SVI interfaces are not allowed for NetFlow export. How about your VLANs? Did you get them working?

Freepbx only provides the GUI for asterisk PBX. You can enable SNMP on asterisk and monitor with NPM. Check notes for asterisk SNMP here: https://wiki.asterisk.org/wiki/display/AST/Simple+Network+Management+Protocol+%28SNMP%29+Support After you have enabled SNMP, add the device to NPM - but thats more of a question for the…

Is it NTA not processing data or the Win 2003 nProbe installation not sending flows? Can you verify with Wireshark if you are receiving flows on the NTA server? If flows from nProbe are reaching the server, you could try without the -b option (which is for limited logging). I have read multiple threads about the below…