Cisco ASA is a security device that provides visibility on the nature of IN and OUT traffic and allows you to manage security policies more efficiently. Cisco ASA traffic monitoring and analysis plays an important role in preventing the network from any malicious or activities. Thus, a traffic monitoring tool like NetFlow Analyzer will help you identify traffic that generated a large number of connections through your firewall and monitor the performance of your firewall policies.
With NetFlow Analyzer's real-time traffic graphs and reports, you can:
NetFlow Analyzer uses flow technologies to analyze the traffic patterns passing through your Cisco ASA firewall. Configuring flows from Cisco ASA provides a set of pre-bundled reports that helps to detect suspicious traffic in the network and allows you to apply ACL or service policies. For instance, even though your firewall is configured to allow only legitimate traffic, there is an excess flow of traffic and it is affecting the performance of your firewall.
In case of such scenarios, the top five features you can look for in NetFlow Analyzer are:
The dashboard in NetFlow Analyzer will give you the details on top talkers in the network by usage such as top applications, protocols and IP addresses. Check for the excess or unusual traffic for specific ports or protocols in the network. The dashboard view gives of traffic details up to layer 7 applications which helps in identifying the most used ports in the network. Once you identify the port, check if it is an external port which could cause a security threat.
Reports in NetFlow Analyzer gives in-depth visibility to track the traffic based on set criteria and time. With custom search reports, you can drill down to conversation level details to find out if the excess traffic is due to a particular application or a source or destination. Also, a consolidated report for Cisco ASA will give you a complete view of traffic details. With Cisco ASA traffic reports, you can also answer how much traffic is consumed by each IP address, what is the share of traffic for each application and protocol, and who are the top offenders and targets in the network.
ASAM gives an in-depth view of the security events happening in the network. It helps in detecting zero-day network intrusions. It classifies the security threats into four different category and they are : 1. Bad Src – Dst 3. DoS attack 3. Suspect Flows 4. Scan/Probes. These categories are based on malformed TCP/UDP packets, invalid TOS flows, and invalid source/destination.
Threshold-based alerts in NetFlow Analyzer notifies you whenever there is traffic spike or unusual traffic in the network. Set multi-level thresholds and get notified when the bandwidth usage is high in the network with this our Cisco ASA traffic monitoring tool.
NetFlow Analyzer allows you to take control of your network once you find out the exact cause of the problem. If there are any external IPs that could be a threat to your network, you can apply ACL and block the access. Also, if there are any non-business critical applications consuming excess traffic, you can re-configure your existing service policies and shape traffic.
Thus, NetFlow Analyzer helps you to answer the who, when and what of your network traffic. Apart from being a Cisco ASA monitoring solution, NetFlow Analyzer also provides complete traffic monitoring and security analytics for other firewall devices such as Fortigate, Sonicwall, Juniper, and other leading vendors in the market.
Troubleshoot faster and take control of your Cisco ASA monitoring with NetFlow Analyzer.