Modern IP networks operate at a scale where abnormal traffic patterns can emerge faster than operators can react. Sudden traffic spikes, protocol floods, or unexpected shifts in packet behavior may indicate misconfigurations, malfunctioning...


So far, we have discussed NetFlow configuration for network devices from various vendors such as Cisco, Juniper, Huawei, and VyOS. We have collected layer 3 and 4...
Our previous article discusses flow-based SSH compromise detection. A force attack against SSH hosts consists of scan, brute-force and compromise phases that...
Secure Shell (SSH) provides a secure channel over an unsecured network in a client-server model. SSH is typically used to log into a remote machine and...
The Internet we know nowadays cannot properly operate without using the Domain Name System (DNS). DNS syncs up domain names with IP addresses so humans can...
Simple Network Management Protocol (SNMP) is a well-known standardized application layer protocol, originally developed for network management but mostly used...
Duplication of NetFlow occurs when the NetFlow records about the same flow are exported multiple times to a NetFlow collector. In turn, the volume of network...
In our previous article we have discussed the alternative way to get flow statistics using a NetFlow generator. One of the fundamental features of the...
What is a NetFlow Generator? A NetFlow generator is a dedicated network appliance or software running on a PC and listening on a single or multiple network...
This is the second part of the post dedicated to NetFlow configuration. In the first part, we’ve discussed the configuration of Flexible NetFlow on Cisco IOS...
One of our recent blog posts dedicated to NetFlow technology provides the necessary knowledge needed to understand NetFlow principles and what it is used for....
Flow-based (NetFlow, IPFIX, NetStream) and packet-based (sFlow) network monitoring technologies enable network administrators to gain insight into traffic...
Network monitoring is a systematic effort to monitor parameters of a computer network in order to detect issues that degrade network performance. Network...
Nowadays, the very abstract ideas underlying quantum physics are being translated into reality thanks to new technological capabilities in the field of...
The aim of this article is to discuss the importance of Recursive Lookup in BGP. First of all we need to understand the purpose of the recursion method and...
RFC 7311 defines an optional non-transitive BGP attribute called the Accumulated IGP Metric Attribute (AIGP). As we know, IGP stands for Interior Gateway...
Quality of Service (QoS) refers to a collection of technologies that networking devices use to apply different treatment to packets as they pass through the...
We have recently posted the BGP Route Aggregation eBook that discusses the benefits of route aggregation and explains the various optional parameters...
