Category: sFlow

The Cyberspace Arms Race Continues, Are You Keeping Up?

As information security techniques have evolved, so have the attackers’ methods and motivations. So while the threat landscape continues to evolve, so do the countermeasures available to the modern infosec warrior. READ MORE

NetFlow Finally Making it’s Way into the Government Sector

Lancope has always done a fair amount of business in the federal and state governments but over the last two years the number and size of new government customers has increased tremendously. Chris Coleman with Cisco explains on his blog... "The dynamic nature of the cyber threat landscape and growing level of sophistication and customization of attacks are requiring organizations to monitor their internal networks at a new level. IP flow monitoring (NetFlow) coupled with security focused NetFlow collectors like Lancope’s StealthWatch is helping organizations quickly identify questionable activity and anomalous behavior." Chris goes on to talk about how sampled… READ MORE

Fortinet Adds Support for sFlow

My friend Aaron Torres over at Fortinet recently informed me that the FortiGate UTM appliance now supports sFlow. I don't talk about sFlow on this blog all that much but it's out there and anyone that uses Extreme, HP Procurve, or Brocade/Foundry equipment will tell you that it's quite useful when married with a capable sFlow collector. sFlow is supported on FortiOS 4.0MR2 and above. Here's a link to a Fortinet KB article discussing configuration of sFlow in a FortiGate device. sFlow operates by sampling 1 in N packets as they arrive at the device's Ethernet interface. A small bit of the… READ MORE