This eBook includes the following formats, accessible from your Account page after purchase:
EPUB
The open industry format known for its reflowable content and usability on supported mobile devices.
PDF
The popular standard, used most often with the free Adobe® Reader® software.
This eBook requires no passwords or activation to read. We customize your eBook by discreetly watermarking it with your name, making it uniquely yours.
A comprehensive guide for deploying, configuring, and troubleshooting NetFlow and learning big data analytics technologies for cyber security
Today’s world of network security is full of cyber security vulnerabilities, incidents, breaches, and many headaches. Visibility into the network is an indispensable tool for network and security professionals, and Cisco NetFlow creates an environment where network administrators and security professionals have the tools to understand who, what, when, where, and how network traffic is flowing.
Network Security with NetFlow and IPFIX is a key resource for introducing yourself to and understanding the power behind the Cisco NetFlow solution. Omar Santos, a Cisco Product Security Incident Response Team (PSIRT) technical leader and author of numerous books including the CCNA Security 210-260 Official Cert Guide, details the importance of NetFlow and demonstrates how it can be used by large enterprises and small-to-medium-sized businesses to meet critical network challenges. This book also examines NetFlow’s potential as a powerful network security tool.
Network Security with NetFlow and IPFIX explores everything you need to know to fully understand and implement the Cisco Cyber Threat Defense Solution. It also provides detailed configuration and troubleshooting guidance, sample configurations with in-depth analysis of design scenarios in every chapter, and detailed case studies with real-life scenarios.
You can follow Omar on Twitter: @santosomar
Big Data Analytics and NetFlow
Download the sample pages (includes Chapter 5 and Index)
Introduction
Chapter 1 Introduction to NetFlow and IPFIX
Introduction to NetFlow
The Attack Continuum
The Network as a Sensor and as an Enforcer
What Is a Flow?
NetFlow Versus IP Accounting and Billing
NetFlow for Network Security
Anomaly Detection and DDoS Attacks
Data Leak Detection and Prevention
Incident Response and Network Security Forensics
Traffic Engineering and Network Planning
IP Flow Information Export
IPFIX Architecture
IPFIX Mediators
IPFIX Templates
Option Templates
Introduction to the Stream Control Transmission Protocol (SCTP)
Supported Platforms
Introduction to Cisco Cyber Threat Defense
Cisco Application Visibility and Control and NetFlow
Application Recognition
Metrics Collection and Exporting
Management and Reporting Systems
Control
Deployment Scenarios
Deployment Scenario: User Access Layer
Deployment Scenario: Wireless LAN
Deployment Scenario: Internet Edge
Deployment Scenario: Data Center
Public, Private, and Hybrid Cloud Environments
Deployment Scenario: NetFlow in Site-to-Site and Remote VPNs
NetFlow Remote-Access VPNs
NetFlow Site-to-Site VPNs
NetFlow Collection Considerations and Best Practices
Determining the Flows per Second and Scalability
Summary
Chapter 2 Cisco NetFlow Versions and Features
NetFlow Versions and Respective Features
NetFlow v1 Flow Header Format and Flow Record Format
NetFlow v5 Flow Head