Lancope
NetFlow Ninjas Blog

Surprise! Checkpoint’s IPSO 6.2 supports NetFlow v5/v9.

POSTED BY Adam Powers on 03.11.2010
2 comments

Lancope hosted another sold-out NetFlow 101 Bootcamp in Hartford, CT this week. If you haven't attended one yet you should! They are very good and hosted by yours truly.

One of the students brought to my attention the fact that Checkpoint's IPSO v6.2 supports NetFlow exports! Firewalls usually show up as a "dead spot" in the network in terms of flow-based visibility so this is very big news. Let's hope the other big firewall guys (that's you Netscreen!) add similar support. From 6.2 release notes...

  

Ipso flows2
 
   

Checkpoint's NetFlow support seems to be traditional NetFlow v5 and includes all the fields Lancope's collector needs to work its magic. From the 6.2 release notes...

  

Ipso flows

From what I can tell NetFlow is only supported in IPSO (Nokia appliance) so if you're using the Linux-based Checkpoint firewall you might out of luck. Sorry.

Also, be aware that enabling NetFlow in IPSO cuts the firewall state table size by 25%...

25 percent

  

CATEGORIES Network Visibility
TAGS checkpoint ipso netflow v5 v9 lancope nokia

Comments (2)

Post a Comment

Join the conversation. Post a comment using the form below.

*Name
 *Email
*Comment
*For security, enter the word you see below

Notify me of follow-up comments?

David on 03.12.2010

Good for Checkpoint.  Nice to see them stepping up to the plate.

Jeremy Siedzik on 04.08.2010

Great news!  Checkpoint is really trying hard to keep up with the monitoring solutions out there.  I will and always have endorsed Checkpoint products.  Top notch.