Skip Links

Network World

  • Social Web 
  • Email 
  • Close

Community

NetworkWorld.com > Community > Community

Netflow in CS-MARS

By Srinivas on Thu, 11/20/2008 - 1:09pm.
Average: 5 (1 vote)

Hi all,

NetFlow is also involved in CS-MARS for anomaly detection. Can anyone tell me is there any any difference when NetFlow data used in NFC Engine/CS-MARS.Is there any performance issues result over the Netflow data used in NFC/CS-MARS.

Regards,
Srini

Blass
Answer by Steve Blass

Expert's answer

This Cisco security presentation discusses using Netflow with CS-Mars and indicates that enabling Netflow 5 and exporting data can increase CPU load on the router between 15 and 20 percent and that Netflow traffic may represent between 1 and 1.5 percent of the network traffic being monitored. The Device Configuration Guide for Cisco Security MARS, Release 6.x says that NSEL, which is an adaptation of Netflow 9 can transmit much of the same information in a less CPU-intensive, more secure, and more bandwidth-efficient way. The performance difference between using CS-MARS or the Netflow Collector Engine is going to depend on the hardware and which version(s) of software you are running.
Read answer

Post new comment

The content of this field is kept private and will not be shown publicly.
  • Allowed HTML tags: <a> <em> <strong> <i> <b> <cite> <code> <ul> <ol> <li> <dl> <dt> <dd> <blockquote> <br /> <br> <p>
  • Lines and paragraphs break automatically.
  • You can use BBCode tags in the text.
  • Web page addresses and e-mail addresses turn into links automatically.

More information about formatting options

CAPTCHA
This question is for testing whether you are a human visitor and to prevent automated spam submissions.
Welcome, visitor. Register Log in
What's IT Asked & Answered?

youASK weANSWER peersDISCUSS

The IT community benefits from the shared knowledge