Comments
yourfanat wrote: I am using another tool for Oracle developers - dbForge Studio for Oracle. This IDE has lots of usefull features, among them: oracle designer, code competion and formatter, query builder, debugger, profiler, erxport/import, reports and many others. The latest version supports Oracle 12C. More information here.
Cloud Expo on Google News
SYS-CON.TV
Cloud Expo & Virtualization 2009 East
PLATINUM SPONSORS:
IBM
Smarter Business Solutions Through Dynamic Infrastructure
IBM
Smarter Insights: How the CIO Becomes a Hero Again
Microsoft
Windows Azure
GOLD SPONSORS:
Appsense
Why VDI?
CA
Maximizing the Business Value of Virtualization in Enterprise and Cloud Computing Environments
ExactTarget
Messaging in the Cloud - Email, SMS and Voice
Freedom OSS
Stairway to the Cloud
Sun
Sun's Incubation Platform: Helping Startups Serve the Enterprise
POWER PANELS:
Cloud Computing & Enterprise IT: Cost & Operational Benefits
How and Why is a Flexible IT Infrastructure the Key To the Future?
Click For 2008 West
Event Webcasts
Juniper XGS 5000 IPFIX Support
It’s really NetFlow

I got this Google alert the other day and it caught my attention because it talked about configuring IPFIX and the link went to a pdf on Juniper XGS 5000 IPFIX Support.  Apparently the Juniper Networks Security Network Protection XGS 5000, a next generation IPS now supports IPFIX but really, it’s NetFlow.  I got sort of excited because I love finding out about new gear that supports NetFlow or IPFIX.  I clicked on the link and in the first paragraph I read:


“Juniper Networks Security Network Protection XGS 5000, a next generation IPS, is an example of a device that sends flow traffic in IPFIX flow format.” YEE HA!  I want to get me some.  I kept reading and and saw this “IPFIX provides more flow information and deeper insight than NetFlow v9.” Which isn’t exactly true.  Although IPFIX is a bit more open to the Internet community than NetFlow and IPFIX allows for variable length strings among other things, NetFlow is still very much used to send information that provides incredibly deep insight.  Never the less, I kept reading thinking I was going to run into something on JFlow Network Traffic Analysis.  What I found was even more interesting:

  • “The process of sending IPFIX data is often referred to as a NetFlow Data Export (NDE).” Really? Maybe at Juniper but, not in the industry.
  • “IPFIX uses User Datagram Protocol (UDP) to deliver NDEs.” Use IPFIX to deliver NetFlow?  What is going on here?
  • “Ensure the IPFIX template from the IPFIX source includes the following fields:” And then most if not all NetFlow (i.e. not IPFIX) fields are listed:
  • FIRST_SWITCHED
  • LAST_SWITCHED
  • PROTOCOL
  • IPV4_SRC_ADDR
  • IPV4_DST_ADDR
  • L4_SRC_PORT
  • L4_DST_PORT
  • IN_BYTES or OUT_BYTES
  • IN_PKTS or OUT_PKTS
  • TCP_FLAGS (TCP flows only)

MESSAGE TO JUNIPER: NetFlow and IPFIX are very similar however, they are different technologies.  As different as an orange is to a tangerine.  The terms cannot be used interchangeably because they really are different technologies.  END MESSAGE

My hunch is that what Juniper is exporting is NetFlow and not IPFIX. If they would send us a packet capture, we will look at this byte as we did for the wrongly claimed Nortel IPFIX Support.  Where we pointed out that Nortel really wasn’t supporting IPFIX despite their marketing claims.

Nortel Avaya IPFIX Support

Notice above it says 00 09 (Version v9). According to the RFC, it should be 00 0a, if it was truly IPFIX.

<<< — begin paste from the RFC— >>>

RFC 5101 IPFIX Protocol Specification          January 2008
Message Header Field Descriptions:

Version

Version of Flow Record format exported in this message.  The value of this field is 0x000a for the current version, incrementing by one the version used in the NetFlow services export version 9 [RFC3954].

<<< — end paste — >>>

We love working with new NetFlow and IPFIX hardware but, vendors need to read up before calling something IPFIX Vs. calling it NetFlow.  Here is a great post on What is IPFIX.  I hope it helps.  Despite the issues I found, I would like to finish this blog by saying: nice work Juniper, it is good to see you getting on the IPFIX and NetFlow bandwagon!

NOTE: Any vendor interested in exporting IPFIX should reach out to us for complementary consulting.

Ellen

For a free 30 day trial of Scrutinizer, Download Now

Sign up for Advanced NetFlow Training coming to a city near you!

Read the original blog entry...

About Michael Patterson
Michael Patterson, is the founder & CEO of Plixer and the product manager for Scrutinizer NetFlow and sFlow Analyzer. Prior to starting Somix and Plixer, Mike worked in a technical support role at Cabletron Systems, acquired his Novell CNE and then moved to the training department for a few years. While in training he finished his Masters in Computer Information Systems from Southern New Hampshire University and then left technical training to pursue a new skill set in Professional Services. In 1998 he left the 'Tron' to start Somix and Plixer.

Latest Cloud Developer Stories
With more than 30 Kubernetes solutions in the marketplace, it's tempting to think Kubernetes and the vendor ecosystem has solved the problem of operationalizing containers at scale or of automatically managing the elasticity of the underlying infrastructure that these solutions n...
The deluge of IoT sensor data collected from connected devices and the powerful AI required to make that data actionable are giving rise to a hybrid ecosystem in which cloud, on-prem and edge processes become interweaved. Attendees will learn how emerging composable infrastructur...
When building large, cloud-based applications that operate at a high scale, it's important to maintain a high availability and resilience to failures. In order to do that, you must be tolerant of failures, even in light of failures in other areas of your application. "Fly two mis...
Machine learning has taken residence at our cities' cores and now we can finally have "smart cities." Cities are a collection of buildings made to provide the structure and safety necessary for people to function, create and survive. Buildings are a pool of ever-changing performa...
As Cybric's Chief Technology Officer, Mike D. Kail is responsible for the strategic vision and technical direction of the platform. Prior to founding Cybric, Mike was Yahoo's CIO and SVP of Infrastructure, where he led the IT and Data Center functions for the company. He has more...
Subscribe to the World's Most Powerful Newsletters
Subscribe to Our Rss Feeds & Get Your SYS-CON News Live!
Click to Add our RSS Feeds to the Service of Your Choice:
Google Reader or Homepage Add to My Yahoo! Subscribe with Bloglines Subscribe in NewsGator Online
myFeedster Add to My AOL Subscribe in Rojo Add 'Hugg' to Newsburst from CNET News.com Kinja Digest View Additional SYS-CON Feeds
Publish Your Article! Please send it to editorial(at)sys-con.com!

Advertise on this site! Contact advertising(at)sys-con.com! 201 802-3021



SYS-CON Featured Whitepapers
ADS BY GOOGLE