So everyone seems to recommend Netflow. I don't know much about it but I'll only ask these basic questions and research the rest:
My switches are 3548XL and 2948g-L3 switches. Is netflow supported on these by default or do I have to buy some feature package? Could I just enable it on these models? 2948>sh ver Cisco Internetwork Operating System Software IOS (tm) L3 Switch/Router Software (CAT2948G-IN-M), Version 12.0(7)WX5(15a) RELEASE SOFTWARE Cisco3500-3>sh ver Cisco Internetwork Operating System Software IOS (tm) C3500XL Software (C3500XL-C3H2S-M), Version 12.0(5)XU, RELEASE SOFTWARE (fc1) thanks a bunch. ""Greg Reaume"" wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > Sam, > > OVER HERE! LOOK HERE! PICK ME! > > :) Seriously though, take a look at NetFlow. Nice flow based accounting > exported at flow conclusion by the router to a 'collector'. It records, on > a per-flow basis, src AS, src IP, src port, dst AS, dst IP, dst port, pkts > in flow, B in flow, start time, stop time, etc, etc, etc. I'm sure you get > the idea; this is pretty powerful stuff! > > You can have your collector aggregate all the flow exports over a given time > period, or you can have your router do it before it sends the info to the > collector. Cisco sells their own commercial products to collect and analyze > and they also partner with 3rd party commercial vendors to provide you with > collectors and analyzers. The best stuff though, IMHO, are the tools from > the open source community. Cisco acknowledges these tools and even lists > where you can get them on their website, however, they are obviously not > supported. > > Start here: > > http://www.cisco.com/go/netflow > > http://net.doit.wisc.edu/~plonka/FlowScan/ > > http://www.splintered.net/sw/flow-tools/ > > http://www.columbia.edu/acis/networks/advanced/CUFlow/ > > > There are good examples of implementations here: > > http://wwwstats.net.wisc.edu/ > > http://www.canet3.net/stats/map.html > > > And of course, although they have no relation to NetFlow, no disscussion of > network monitoring tools is complete without Tobi's Tools: > > http://www.smokeping.org > > http://www.mrtg.org > > http://www.rrdtool.org > > > HTH, > > Greg Reaume > > > ""Cliff Stewart"" wrote in message > [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > Sam, > > Have you taken a look at NBAR? Take a look at the > Cisco IOS Quality of Service Solutions Configuration Guide > it should work for you. > > -Cliff > > -----Original Message----- > From: "sam sneed" > To: [EMAIL PROTECTED] > Date: Tue Oct 08 10:19:08 PDT 2002 > Subject: protocol monitoring software [7:55110] > > >Hello, > > > > I am looking for software that will monitor what kind of traffic is going > >through my network and report it.I am only concerned with what is going > >through my firewall so I will place the monitoring station on a hub with > the > >firewall or use SPAN port. Here are requirements: > > > >Doesn't use netflow to collect data, want to use libpcap to capture data. > >Want breakdown of what type of traffice by bytes and %'s ie. HTTP, FTP, > SMTP > >etc. > >Do not want to use NTOP, too much of a pain in the ass to get it to work > >longer than 20 minutes without a seg fault. > >Would like the output in graphical form preferbably embeded in a web page. > > > >If anyone has come across this please let me know. I'm contemplating > writing > >my own software but would rather not. > > > >Thanks. > ___________________________________________________ > GO.com Mail > Get Your Free, Private E-mail at http://mail.go.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=55174&t=55110 -------------------------------------------------- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]