CPUG: The Check Point User Group

Resources for the Check Point Community, by the Check Point Community.


Tim Hall has done it again! He has just released the 2nd edition of "Max Power".
Rather than get into details here, I urge you to check out this announcement post.
It's a massive upgrade, and well worth checking out. -E

 

Results 1 to 6 of 6

Thread: Netflow Replicator

  1. #1
    Join Date
    2006-01-28
    Posts
    163
    Rep Power
    14

    Default Netflow Replicator

    Does any know of any open source netflow replicators? The one netflow replicator I found costs $19K.

    Thank you in advance
    Listen is an acronym for silent.

  2. #2
    Join Date
    2006-01-28
    Posts
    163
    Rep Power
    14

    Default Re: Netflow Replicator

    I think I narrowed it down to

    Samplicator: https://github.com/sleinen/samplicator

    and

    flow-fanout (part of a library and a collection of programs used to collect, send, process, and generate reports from NetFlow data)

    https://blog.pierky.com/netflow-how-...-debian-setup/

    http://linux.softpedia.com/get/Syste...ls-13642.shtml
    Listen is an acronym for silent.

  3. #3
    Join Date
    2014-10-10
    Posts
    250
    Rep Power
    5

    Default Re: Netflow Replicator

    Why not logstash as flow collector ? Read here

  4. #4
    Join Date
    2006-01-28
    Posts
    163
    Rep Power
    14

    Default Re: Netflow Replicator

    I wasn't aware of Logstash.

    I did find a UDP fanout device: https://www.dcbnet.com/datasheet/pr6602ds.html
    Listen is an acronym for silent.

  5. #5
    Join Date
    2007-03-30
    Location
    DFW, TX
    Posts
    303
    Rep Power
    13

    Default Re: Netflow Replicator

    pf on OpenBSD has the routing option dup-to, available since OpenBSD 3.1 in mid-2001. FreeBSD uses a very old version of pf, but 11.1-stable's manpage for pf.conf also lists the dup-to option. From a quick check, FreeBSD first included pf in 5.3-RELEASE in late 2004, and the dup-to option was there from the beginning.

    FreeBSD's network stack is extremely high-performance. OpenBSD has worse network performance, but current pf (as it is the platform for which pf is developed). In both cases, pf can make network traffic do almost anything you want. It's a very flexible tool.
    Zimmie

  6. #6
    Join Date
    2019-05-31
    Posts
    1
    Rep Power
    0

    Default Re: Netflow Replicator

    Quote Originally Posted by amani View Post
    I wasn't aware of Logstash.

    I did find a UDP fanout device: https://www.dcbnet.com/datasheet/pr6602ds.html
    is that useful ?

Similar Threads

  1. Netflow and VSX
    By bingdude in forum VPN-1 VSX
    Replies: 2
    Last Post: 2018-02-20, 08:55
  2. Netflow on R77.20 SPLAT
    By marcko32 in forum R77.20
    Replies: 1
    Last Post: 2017-01-09, 13:14
  3. Checkpoint and Netflow collector
    By Kanan in forum Intermediate
    Replies: 1
    Last Post: 2016-09-22, 11:05
  4. VSX and Netflow issue
    By eldo37 in forum VPN-1 VSX
    Replies: 8
    Last Post: 2016-01-12, 22:04
  5. IPSO Netflow
    By pebbles5 in forum Check Point IP Appliances and IPSO (Formerly Sold By Nokia)
    Replies: 4
    Last Post: 2010-12-21, 00:04

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •