Open Access
Cisco Systems NetFlow Services Export Version 9
Benoit Claise
- Vol. 3954, pp 1-33
TLDR
This document specifies the data export format for version 9 of Cisco Systems' NetFlow services, for use by implementations on the network elements and/or matching collector programs.Abstract:
This document specifies the data export format for version 9 of Cisco
Systems' NetFlow services, for use by implementations on the
network elements and/or matching collector programs. The version 9
export format uses templates to provide access to observations of IP
packet flows in a flexible and extensible manner. A template defines a
collection of fields, with corresponding descriptions of structure and
semantics. This memo provides information for the Internet community.read more
Citations
More filters
Book ChapterDOI
P3CA: private anomaly detection across ISP networks
TL;DR: This work proposes an algorithm that allows ISPs to cooperatively detect anomalies without requiring them to reveal private traffic information, and concludes that privacy-preserving anomaly detection shows promise as a key element of a wider network anomaly detection framework.
Journal ArticleDOI
An integrated bandwidth allocation and admission control framework for the support of heterogeneous real-time traffic in class-based IP networks
TL;DR: A new Measurement-based Admission Control (MBAC) scheme for real-time traffic that uses measurements of aggregate bandwidth only, without keeping the state of any per-flow information is presented, which is robust with respect to traffic heterogeneity and measurement errors.
Proceedings ArticleDOI
Debugging QUIC and HTTP/3 with qlog and qvis
TL;DR: In this article, a follow-up study evaluates the real-world implementations, uses and deployments of qlog and associated qvis tooling in academia and industry and concludes that qlog is essential tools for performing root-cause analysis when debugging modern Web protocols.
Proceedings ArticleDOI
Detection of Attackers in Services Using Anomalous Host Behavior Based on Traffic Flow Statistics
TL;DR: A new flow-based attacker detection method that achieves a high detection rate using traffic flow statistics obtained by Net Flow, sFlow, etc, and accurately identifies hosts sending flows to object port as attackers, without any deep packet inspection.
Journal ArticleDOI
FloWatcher-DPDK: Lightweight Line-Rate Flow-Level Monitoring in Software
TL;DR: FloWatcher-DPDK, a DPDK-based high-speed software traffic monitor that provides tunable fine-grained statistics at packet and flow levels, is designed and provided to the community as an open source project.