• State Verified Answer
  • Locked Locked
  • Replies 4 replies
  • Subscribers 25 subscribers
  • Views 215 views
  • Users 0 members are here
Options
Related
This discussion has been locked. The information referenced herein may be inaccurate due to age, software updates, or external references.
You can no longer post new replies to this discussion. If you have a similar question you can start a new discussion in this forum.

Netflow

tbaggins

Has anyone out there that has Netflow installed ever worked with a Cisco MARS appliance?  Do the two compare?  Economically the MARS box is NOT the way to go, but the application doesn't seem to give me all I need from a "hunt the file sharing fools down" perspective.    

  • 0

    i feel MARS is excellent at correlating events to find the culprits with less digging.


    -kuperstock

  • 0

    They really aren't competing products.  MARS is a security product and uses NetFlow as one part of gathering information.  MARS is more about gathering info from different systems and correlating events and data so that action can be taken - potentially automated action at that.


    NTA is going to give you a view into what's going on with your network, but you're right that NetFlow alone is often not enough as it often takes more intelligence for the tool to understand certain types of traffic to be a specific application.  The best tools I've seen for this are actually in the QoS/Bandwidth Optimization space.  Tools such as Packeteer's Packetshaper do a great job of identifying and quantifying application traffic.

  • FormerMember
    0 FormerMember in reply to scraig84

    We have Cisco Mars implemented in our environment and frequently root out peer to peer and other spyware type activity. While the product is a powerful correlation tool, something its not is... user friendly..

  • 0

    I have both devices, the MARS box we use for security and high level eval of our network, but what we have found over time is that it does not offer some of the finer details we wanted to see. The Netflow does that with a considerably less cost than the MARS box, both are great tools if used correctly.

SolarWinds solutions are rooted in our deep connection to our user base in the THWACK® online community. More than 195,000 members are here to solve problems, share technology and best practices, and directly contribute to our product development process.

SolarWinds Customer Success Center Certification Media Vault Link Accounts
About THWACK Blogs For Government Edit Settings Free Tools & Trials
Legal Documents Terms of Use Privacy California Privacy Rights Security Information
©2024 SolarWinds Worldwide, LLC. All Rights Reserved.