crannog userguide
TRANSCRIPT
-
7/31/2019 Crannog Userguide
1/11
GL-GLOBE/ 1May 15, 2012
Crannog netflow tracker training
Laurent Steffen
September 2007
-
7/31/2019 Crannog Userguide
2/11
GL-GLOBE/ May 15, 2012 2
AgendaAgenda
Network Overview. Real time report vs Long time report.
Annexe
NetFlow Tracker is used to capture full NetFlow / IPFIX traffic information, allowing significant
in-depth application and protocol information analysis to take place including user, server andapplications activity. Traffic views by user, user group, conversation, system and application are
available. Suitable for security, QoS, traffic analysis requirements
Key Benefits
All the network, all the records, all the fields - all the time
NetFlow built-in to most Cisco routers and managed switches and easily enabled
All data conversations captured with per-minute resolution Data storage and archiving up to 999 years
Delivers unmatched network forensics, troubleshooting and reporting capabilities
Multicast Support
Detailed network traffic visibility without probes or appliances
Traffic identification by deep packet inspection
Critical tool for todays VOIP/IP Telephony and MPLS deployments
-
7/31/2019 Crannog Userguide
3/11
GL-GLOBE/ May 15, 2012 3
Network overviewNetwork overview (1/4)(1/4)
Network OverviewAvailable through Orion
Top 5 devices per usage
Top 5 interfaces per usage
Top 5 interfaces per traffic
-
7/31/2019 Crannog Userguide
4/11
GL-GLOBE/ May 15, 2012 4
Network Overview (2/4)Network Overview (2/4)
Applications per source device
-
7/31/2019 Crannog Userguide
5/11
GL-GLOBE/ May 15, 2012 5
Network Overview (3/4)Network Overview (3/4)
Top 10 conversations per application.
-
7/31/2019 Crannog Userguide
6/11
GL-GLOBE/ May 15, 2012 6
Network Overview (4/4)Network Overview (4/4)
Other views
-
7/31/2019 Crannog Userguide
7/11GL-GLOBE/ May 15, 2012 7
Real time reports vs Long time reportReal time reports vs Long time report
Real time reportsmin 1 minute granularity.
Up to 3 days.
Slow down the system.
Could be defined on the fly by filter editor.
Long time reportsmin 10 minutes granularity.
separated DB.Better performance.
Need to be defined in advance.
-
7/31/2019 Crannog Userguide
8/11GL-GLOBE/ May 15, 2012 8
Real time report (1/2)
Network overview.Filter Editor.
-
7/31/2019 Crannog Userguide
9/11GL-GLOBE/ May 15, 2012 9
Real Time report (2/2)
Report template = Layout of the reportAddress reports.
Session reports.
QoS reports.
Network reports.Traffic identication.
Source device : Netflow packets source devices.
Add Filter
Filters to select Ips, ports (applications).Save ...
If you click on save, the filter will be available under AddFilter/Saved Filter.
-
7/31/2019 Crannog Userguide
10/11GL-GLOBE/ May 15, 2012 10
Long term report
Long term reports are made every day.A template library come out of the box.
BTC supplies QoS template.
Custom long term report to be asked to ITSM network
services
-
7/31/2019 Crannog Userguide
11/11GL-GLOBE/ May 15, 2012 11
Annexe
Crannog Netflow userguide
http://www.crannog-software.com/index.php?go=Product.ShowDetail&ProductID=1
Adobe Acrobat .77Document
http://www.crannog-software.com/index.php?go=Product.ShowDetail&ProductID=1http://www.crannog-software.com/index.php?go=Product.ShowDetail&ProductID=1http://www.crannog-software.com/index.php?go=Product.ShowDetail&ProductID=1