Re: Service Provider NetFlow Collectors

[Mike Hammett <nanog () ics-il net>]

I just recently rolled out Elastiflow. Lots of great information. 




----- 
Mike Hammett 
Intelligent Computing Solutions 
http://www.ics-il.com 

Midwest-IX 
http://www.midwest-ix.com 

----- Original Message -----

From: "Michel 'ic' Luczak" <lists () benappy com> 
To: "Erik Sundberg" <ESundberg () nitelusa com> 
Cc: nanog () nanog org 
Sent: Monday, December 31, 2018 3:40:40 AM 
Subject: Re: Service Provider NetFlow Collectors 

Don’t underestimate good old ELK 
https://www.elastic.co/guide/en/logstash/current/netflow-module.html 
+ https://github.com/robcowart/elastiflow 


BR, ic 





On 31 Dec 2018, at 04:29, Erik Sundberg < ESundberg () nitelusa com > wrote: 



Hi Nanog…. 

We are looking at replacing our Netflow collector. I am wonder what other service providers are using to collect 
netflow data off their Core and Edge Routers. Pros/Cons… What to watch out for any info would help. 

We are mainly looking to analyze the netflow data. Bonus if it does ddos detection and mitigation. 

We are looking at 
ManageEngine Netflow Analyzer 
PRTG 
Plixer – Scrutinizer 
PeakFlow 
Kentik 
Solarwinds NTA 


Thanks in advance… 

Erik 



CONFIDENTIALITY NOTICE: This e-mail transmission, and any documents, files or previous e-mail messages attached to it 
may contain confidential information that is legally privileged. If you are not the intended recipient, or a person 
responsible for delivering it to the intended recipient, you are hereby notified that any disclosure, copying, 
distribution or use of any of the information contained in or attached to this transmission is STRICTLY PROHIBITED. If 
you have received this transmission in error please notify the sender immediately by replying to this e-mail. You must 
destroy the original transmission and its attachments without reading or saving in any manner. Thank you.