Is Neflow stats secure if sent over the Web?

hummer3331973 · May 13, 2008

Hi-

I'm running a Netflow collector in the HQ. I want to enable the branch router's Netflow and send it my HQ collector via the public Internet. Is this secure? If not, what do you guys suggest?

My Netflow collector only supports version 5.

Thanks.

ADB100 · May 13, 2008

Site to Site VPN? Set the source of the NetFlow packets to be a loopback interface and on the internet facing interface apply a crypto map for a site-to-site VPN.

HTH

Andy

hummer3331973 · May 13, 2008

Thanks Andy. That's also my first option but here is my problem:

HQ:

http://WWW <->

ROUTER <-> FWALL <-> PRIVATE LAN <-> Netflow collector

The HQ router above is using public IPs on all interfaces. I assigned my Netflow collector a public IP (port forwarding) where the branch router can send its stats.

Let's say my HQ router E0/0 is 192.168.1.1/24 and my Server is 192.168.1.2/24, and I create a VPN between routers, will the path to .2 be still encrypted even if there's a firewall in between?

Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Is Neflow stats secure if sent over the Web?

hummer3331973

Technical User

ADB100

Technical User

hummer3331973

Technical User

Similar threads

Part and Inventory Search

Sponsor