Monitoring Cisco ASA with Netflow 9

Monitor Cisco ASA Firewalls with PRTG

Netflow is a protocol developed by Cisco for collecting IP traffic information which gives network administrators useful information on bandwidth usage, types of traffic, or traffic volume. Recently Cisco has implemented NetFlow 9 for its popular ASA 5500 security and firewall appliances. But this implementation of Cisco ASA NetFlow is quite different from what other Cisco devices provide. It is called "Netflow Security Event Logging" (NSEL) and was originally introduced with the Cisco ASA 5580. Now, with the latest firmware (ASA 8.2.x or later), it has also been extended to other Cisco ASA models.

Download Free Trial
or Freeware

How does Cisco ASA NetFlow Monitoring Work?

Although Cisco ASA Netflow 9 was not created for real-time traffic analysis (but for security events monitoring) it can be used for bandwidth monitoring. In combination with PRTG Network Monitor, Cisco ASA Netflow 9 offers the following features:

Monitoring of bandwidth usage
Top Connections
Top Talkers
Top Protocols

It must be noted that Cisco ASA Netflow 9 faces some limitations when compared to the normal Netflow protocol:

Traffic data is not shown in real time, but only after the connection has ended. This results in an uneven distribution of traffic data for long connections
Incoming and outgoing traffic data are shown together, with no distinction between the two directions
Netflow 9 monitoring on the Cisco ASA causes a considerable CPU load

PRTG Network Monitor

PRTG NetFlow Analyzer is Paessler's powerful network monitoring utility. It ensures the availability of network components while also measuring net bandwidth, monitoring network utilization and load. It saves costs by avoiding outages, optimizing connections, saving time and controlling service level agreements (SLAs). PRTG has been tested and certified "Cisco Compatible" as it is a market leading tool for network monitoring and is able to analyse Cisco's NetFlow protocol. You can use as many NetFlow sensors as you want with any PRTG license, they just count against your overall sensor limit.

You are here: Home > Solutions > Monitoring Cisco ASA

About Us

Paessler AG leads the industry in providing the most powerful, affordable and easy-to-use network monitoring and testing solutions. The company’s suite of just-right software products deliver peace of mind, confidence and convenience for businesses of all sizes – from Small Office/Home Office (SOHO) to large enterprises, including more than 70% of the Fortune 100 companies. Based in Nuremberg, Germany, Paessler’s global reach includes more than 150,000 active installations of its products. Founded in 1997, Paessler AG remains a privately held company and is recognized as both a member of the Cisco Developer Network and a VMware Technology Alliance Partner.
Latest News

2012-May- 7
Introducing the New Geo Maps of PRTG 12

2012-Apr-30
Introducing the New Sensor Types of PRTG 12

2012-Apr-26
PRTG 12 Public Beta Test

2012-Apr-25
Version 12 of PRTG will introduce "Continuous Rollout"
Contact Us

Paessler AG
Bucher Str. 79a
90419 Nuremberg
Germany

sales@paessler.com

Stay Up-to-date

Subscribe to our free newsletter!

Solutions • Contact • Sitemap • Privacy Policy • Terms

Monitoring Cisco ASA with Netflow 9

Monitor Cisco ASA Firewalls with PRTG

How does Cisco ASA NetFlow Monitoring Work?

PRTG Network Monitor

About Us

Latest News

Contact Us

Stay Up-to-date