Lead Image © Qi Feng, 123RF.com

NetFlow reporting with Google Analytics

Traffic Analysis

Article from ADMIN 27/2015
The free Google Analytics is a convenient way to analyze website usage; but, with a few minor modifications, the service can also be used for simple evaluations of any data traffic on the company network. We show you how to use Google Analytics to capture and analyze NetFlow data.

Cisco IOS NetFlow [1] collects IP traffic statistics at network interfaces, providing a valuable source of information to system administrators who want to gain in-depth insights into the activities of their enterprise network. Routers and Layer 3 switches that support NetFlow collect client connection information and send it to a central server at irregular intervals. Since the introduction of NetFlow by Cisco, other major network hardware vendors have followed suit and implemented proprietary versions or the RFC-based version [2]. The basic principle is the same.

NetFlow

A NetFlow packet [4] includes up to 30 one-way connection entries (depending on the version and packet size). For example, each entry from version 5 includes:

  • Source and destination IPv4 addresses
  • Source/destination port numbers
  • IP protocol (e.g., TCP, UDP, or ICMP)
  • Incoming and outgoing router interfaces
  • Number of transported bytes and packets
  • Start and end of the connection
  • Type of service (priority bits)

Newer implementations with NetFlow version 9 offer additional information about Multicast, IPv6, BGP (Border Gateway Protocol), and MPLS (Multiprotocol Label Switching). The packet's information content can be freely chosen so that no empty fields or uninteresting entries are sent.

When using NetFlow in a professional environment, you are given the choice between a commercial NetFlow analyzer with many features or an open source implementation at zero cost. In this article, I describe a new, third variant: analysis of traffic data from the cloud. A NetFlow collector local to the company collects all the

...