Happy new Year!
You may of heard that the newer ASA 5580`s supported Netflow Secure Event Logging.
Now i`ve never seen this in action, but it may be of interest to see this is supported by MARS..
Check out the links Below...
Configuring NSEL for MARS on the ASA 5580
Configuring and Using NetFlow Secure Event Logging (NSEL)
Cisco ASA 5580 Implementation Note for NetFlow Collectors
On a further note, i believe NetFlow v9 support is limited to parsing and storing only the fields that Cisco Security MARS already parses and stores for NetFlow v5/v7.
Subscribe to:
Post Comments (Atom)
Posts
1 comment:
Scrutinizer supports NSEL and ASA NetFlow traffic analysis. Here is how to do it:
http://www.cisco.com/en/US/docs/security/asa/asa81/netflow/netflow.html
Post a Comment