Network Anomaly Detection with NetFlow and IPFIX Analysis

I was working with a customer last week who only wanted TCP, UDP, HOPOPT and ICMP on the network.  In addition to that they wanted to be alarmed if any other transport protocol passed through their Cisco ASA .  I introduced them to the Top Network Transports gadget in Flow Analytics.

Continue reading “Network Anomaly Detection with NetFlow and IPFIX Analysis”