Newbie question: I would welcome recommendations on collector and analysis tools for a mixed IPv4 / IPv6 network. The sensors are Cisco routers and OpenBSD firewalls running pf.
I've read the excellent Michael W. Lucas book on flow-tools, and have a simple setup running with sensors exporting Netflow v5 records to a flow-tools collector box. But given the caveats about no IPv6 or Netflow v9 support likely to arrive soon, I'm wondering if it makes sense to go too far down the road with flow-tools. I could use some advice on alternatives; I have no experience with nfdump (and indeed only limited experience with flow-tools and the flowd sensor on the pf boxes).

If you were building a setup from scratch today to monitor and analyze IPv4 and IPv6 traffic, what would you use?

thanks
dn

_______________________________________________
Flow-tools mailing list
[email protected]
http://mailman.splintered.net/mailman/listinfo/flow-tools
