Hi there! I've heard about Netflow for Cisco Routers, and I heard it's quite a good utility to manage a network use.
I want to know if there is any utility that permits making stadistics of wich ip addresses are using more the network and what protocols are them using in a device such as cisco PIX 501or 515. Thanks and regards
The PIX 501 is currently restricted to run 6.x software. The PIX 515 can run 6.x or 7.0 or 7.1 software. The monitoring available with 7.0 and 7.1 is more advanced than for 6.x, but I have not examined the differences as yet. I do recall, though, that there is no equivilent to netflow for PIX 6.x or PIX 7.0.
For PIX 6.x, if you are trying to track by anything finer-grained than total traffic on the [logical] interface, then your only option is to set up logging to a syslog server, and to use some program that analyses the syslog output. The two major limitations on that are: 1) that it has no way to provide you with information about current bandwidth usage through syslog (but snmp can give overall bandwidth usage); and 2) that throughput estimates cannot be made for connections until the connection closes and the final connection time and byte-count are written out. The byte counts are not broken down by direction, unfortunately.
For sample source to do a traffic volume analysis of a PIX 6.x log, see
jakemichaelwilson had written this in response to
Jake Michael Wils> Hi there! I've heard about Netflow for Cisco Routers, and I heard
Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.