Mike, All of the architecture's listed are pretty good. Nfsen is great if you have multiple routers exporting various netflow versions with a single daemon, but its a bit older and not as pretty/quick as something using elastic.
Team Cymru has a netflow analyzer that matches your netflow data to known 'bad IPs'. http://www.team-cymru.org/Flow-Sonar.html Thanks, Scott Thanks, Scott On 3/12/18 7:24 PM, [email protected] wrote: > Howdy! > > Checking out various Netflow tools and wanted to see what others are using? > > Kentik is cool. Are they the only SaaS based flow digester? I don’t seem to > see any others. > > Also curious about on-prem solutions as well. > > Thanks! > Mike >
