[134252] in North American Network Operators' Group
What sflow software - Manage Engine Net flow analyzer or Plixer
daemon@ATHENA.MIT.EDU (Alex Pinto)
Sat Jan 1 05:57:03 2011
From: Alex Pinto <alex.pinto78@hotmail.com>
To: <nanog@nanog.org>
Date: Sat, 1 Jan 2011 21:56:53 +1100
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
Hi everyone=2C we currently are looking at sflow options for a commercial c=
ollector and analyzer. The core use is for visibility on our network=2C for=
quickly detecting source / destination IP addresses=2C ie where the traffi=
c is going and where is it coming from=2C the type of traffic would be inte=
resting also but to be honest all which really matters is source / destinat=
ion.
=20
The requirement of the sflow software is to give us options and data very q=
uickly in the event of a DDOS attack so mitigation can occur quickly once w=
e understand what=92s happening on the network. The last thing we want is f=
or the software not to work under a DDOS (too much data) thus leaving us bl=
ind upon an attack. The quicker the software can report on issues=2C the qu=
icker we can do something about it.=20
Our current routers are fully sflow capable and both export nicely to both =
packages.
=20
Our findings so far
=20
Manage Engine Net flow analyzer has both a Linux and windows version=2C the=
software is very light and seems to perform very fast=2C although light on=
additional features such as custom reporting=2C and alerting / in depth pa=
cket information. The concern is this software too simple=2C will it work =
under heavy load?
Based on our needs Manage Engine Net flow costs $2000.00
=20
Plixer Scrutinizer =96 based on windows the software seems resource intensi=
ve but has a MASSIVE amount of extra visibility built into the software inc=
luding automatic alerts=2C that being said the software does seem extremely=
more complex to configure and understand=2C reports seem to take longer to=
produce and the information doesn=92t seem to be reported as quickly. (ie =
lags by minutes or so compared to Manage Engine) =20
Based on our needs Plixer Scrutinizer Costs $4000.00
=20
Does anyone have any real life experience on either package the cost differ=
ent between the two packages doesn=92t worry us=2C it=92s all about selecti=
ng the correct package knowing the one time we need to access the flow info=
rmation and get it quick that the package we choose preforms quickly and wo=
rks.
=20
I=92d also like to hear from anyone else using another commercial solution=
=2C which they would recommend.
=20
Thanks in advance
=20
Alex =
