Network Flow Analysis

Unlike packet sniffers that require you to reproduce network problems in order to analyze them, flow analysis lets you turn back time as you analyze your network. You'll learn how to use open source software to build a flow-based network awareness system and how to use network analysis and auditing to address problems and improve network reliability. You'll also learn how to use a flow analysis system; collect flow records; view, filter, and report flows; present flow records graphically; and use flow records to proactively improve your network. Network Flow Analysis will show you how to:


- Identify network, server, router, and firewall problems before they become critical
- Find defective and misconfigured software
- Quickly find virus-spewing machines, even if they're on a different continent
- Determine whether your problem stems from the network or a server
- Automatically graph the most useful data

And much more. Stop asking your users to reproduce problems. Network Flow Analysis gives you the tools and real-world examples you need to effectively analyze your network flow data. Now you can determine what the network problem is long before your customers report it, and you can make that silly phone stop ringing.

224 pages, Paperback

First published January 1, 2010


About the author

Michael Warren Lucas

94 books, 23 followers

Ratings & Reviews

Community Reviews

5 stars: 9 (32%)
4 stars: 10 (35%)
3 stars: 8 (28%)
2 stars: 1 (3%)
1 star: 0 (0%)
Displaying 1 - 5 of 5 reviews

Marshal
21 reviews
June 12, 2013
This book is great if you are just getting started and not familiar with network flows. It walks you through all the steps you need from configuring your sensors and collectors to setting up a flow reporting system. I did give the book 4/5 stars because there are a few mistakes and shortcuts. It's nothing that an experienced network admin can't overcome but is a little frustrating. Like most technical books, some of the software and websites have changed. Just be prepared to do a little searching as you work through the book. The book is specific to NetFlow. There is a very brief discussion on sFlow but all of the content covers NetFlow specific tools.

Overall, the content is spot on and I would recommend this to any network admin who is responsible for performance and maintenance.

Joel
26 reviews
February 4, 2019
This book was a very good introduction and exploration into network flow analytics. I enjoyed the author's writing style and his explanations for when to use specific filters/reports and why. I did not like the many typos in the book though. I also realized I’m late to picking up this book compared to other reviewers and it’s one reason I gave 3 stars as these technologies are dated. It would have been cool to see the author include some mention of Elastiflow as a solution and also more graphing tools like Grafana (https://www.plixer.com/blog/configura...), or Kibana (with Elastiflow). I highly recommend this book for anyone getting tasked to do network flow analysis, but I’d recommend that they keep in mind that the material is dated.

Mike Klein
467 reviews, 2 followers
January 23, 2013
A very useful but highly specialized book. The beginning on what Network Flow Analysis is and why you might care is great. The middle section on how to implement and capture network flows using open source solutions in Linux is potentially either very useful or not very useful depending upon your environment. The last portion could have been more useful as it was supposed to be examples of how to solve problems using network flow, but there were only a couple of examples and they seemed to be fairly limited. The author writes in a manner that is both humorous and informative and if you have any interest in the subject matter it is well worth the read.

Austin Gilbert
9 reviews
September 23, 2024
This is a relatively quick read and an excellent introduction to netflow. Some information is dated, but I’d recommend to any sysadmins looking to level up their monitoring skills.

Josh Brower
4 reviews, 2 followers
September 12, 2010
This is the second book of Lucas's that I have read. I read Absolute FreeBSD, and thoroughly enjoyed it--So I went into this book with high expectations. Overall, I feel like this is a solid read for those network administrators that want to go deeper, and have the time to go deeper into network flow analyses.

NFA is a very technical book, which can make for a very boring read, but like Absolute FreeBSD, Lucas is able to maintain a light, interesting tone, even while discussing the configuration of gnuplot. (!)

From a technical perspective, NFA is very useful for getting your (open source) network flow analysis system up and going--But be aware that it will take time, especially if you want the flexibility of what FlowTracker/FlowGrapher can offer, versus the less flexible, but easier to use/learn CUFlow.

Lucas gives great practical examples of using flows to monitor & troubleshoot issues on your network. The examples are sprinkled through the book, and then a few case studies take up the last 7 pages of the book.

I found it interesting that the back cover claimed that you will learn how to:

-Identify network, server, router, and firewall problems before they become critical

-Find defective and mis-configured software

-Quickly find virus-spewing machines, even if they are on a different continent

These scenarios were covered, but in appallingly anemic sections--For instance, the "Quickly find virus-spewing machines, even if they are on a different continent" scenario was covered on 1 page. (186-187)

I guess I was thinking that since the above scenarios were a fairly large point in the description of the book, that they would be covered in a bit more detail.

One more nitpick: Lucas describes Conficker as both a Virus and a Worm--It is most definitely a worm, not a virus--There is a difference...

The above nitpicks are not enough to diminish the 5 star rating I am giving NFA: I found it to be a great addition to my reference bookshelf, and I'm sure it will be creased and dogeared as I attempt to implement my own NetFlow analysis system this next year.

-Josh Brower