Using NetFlow to protect your net

* The trend toward tightly integrated network management and network security tools is growing

It’s no secret that I have been waiting with bated breath for network management and security technologies to converge and deliver the nirvana of efficient, risk-free operations to IT managers for quite some time.

And while in reality I still must wait for such nirvana, the trend toward tightly integrated network management and network security tools is growing. More vendors are seeing the natural link between better controlling and protecting networks. For example, Lancope last week announced it had enabled its StealthWatch System 5.6 to support NetFlow Version 9. The company also announced it integrated its flagship network behavior analysis (NBA) technology with Cisco Guard distributed denial of service (DDoS) mitigation appliances to provide network protection and availability for customers.

NetFlow is part of Cisco's IOS software and can give insight into application flows revealing who, when, why and where applications are being used. The data collected is said to help better manage application performance but also give IT managers the tools to track usage for chargeback purposes. In fact, NetFlow Version 9 is part of a standards movement within the IETF called IPFIX, that is supported by vendors such as Cisco and Juniper. Many vendors have started supporting NetFlow in an effort to give customers of their products insight into the volumes of data collected by Cisco routers and switches.

With this integration -- which is available as an upgrade to Lancope's existing StealthWatch customers -- Lancope's technology coupled with Cisco appliances, the vendor says, can help customers block malicious traffic in real time, "without affecting the flow of legitimate, mission-critical transactions." Company executives say StealthWatch can add another layer of security with raw and unprocessed NetFlow data from Cisco routers and switches and reveal potential security threats.

"Lancope recognizes that DDoS attacks continue to bypass traditional signature-based technologies and cost enterprises billions of dollars per year in lost revenue," said Harland LaVigne, president and CEO of Lancope. "By tightly coupling our innovative network behavior analysis solution with [Cisco], we are extending enterprise investments in IT architecture to enhance network operations and security."


Copyright © 2007 IDG Communications, Inc.

The 10 most powerful companies in enterprise networking 2022