Open Access
Cisco Systems NetFlow Services Export Version 9
Benoit Claise
- Vol. 3954, pp 1-33
TLDR
This document specifies the data export format for version 9 of Cisco Systems' NetFlow services, for use by implementations on the network elements and/or matching collector programs.
Abstract:
This document specifies the data export format for version 9 of Cisco
Systems' NetFlow services, for use by implementations on the
network elements and/or matching collector programs. The version 9
export format uses templates to provide access to observations of IP
packet flows in a flexible and extensible manner. A template defines a
collection of fields, with corresponding descriptions of structure and
semantics. This memo provides information for the Internet community.
Citations
Proceedings Article
Netflow probe intended for high-speed networks
TL;DR: This paper describes the proposed architecture of a network flow monitoring adapter based on the COMBO6 hardware platform, which is able to monitor flows in high-speed environments using field-programmable gate arrays placed on these cards.
Detecting Reflection Attacks in DNS Flows
TL;DR: This paper proposes a detection algorithm based on NetFlow data that allows for real-time detection of ongoing attacks and identification of the targets, and is found to have 96% accuracy using DNS requests and 93% accuracy using DNS responses.
Patent
Traffic control method, apparatus, and system
Shinsuke Suzuki, Shimojo Toshio +1 more
TL;DR: In this paper, the flow information of excessive traffic detected by a traffic monitor of a packet forwarding apparatus is entirely delivered to a manager server by combining input/output port information of the flow and topology information.
Journal Article
TIFAflow: enhancing traffic archiving system with flow granularity for forensic analysis in network security
TL;DR: This paper enhances the traffic archiving system named TImemachine+FAstbit (TIFA) with flow granularity and presents TIFAflow, the design and implementation of a novel system for archiving and querying network flows that improves on TimeMachine and TIFA in storing and querying performance, in both time and space metrics.
Book Chapter
The network data handling war: MySQL vs. NfDump
TL;DR: This paper focuses on MySQL and NfDump, testing their capabilities under different usage scenarios and increasing data set sizes, and presents the operational experience in dealing with large amounts of network data.