Network flow analysis is the art of studying high-volume network traffic. Rather than capture every single packet, flow analysis allows network administrators to selectively record and filter network data, so they’re only collecting the data they really need. Flow analysis makes difficult tasks like real-time network monitoring, user profiling, security analysis, and data mining dead simple.
Network Flow Analysis is the first book to show system administrators how to assess, analyze, and debug a network using flow analysis. In his latest work, author Michael W. Lucas teaches network administrators how to build a flow-based network awareness system and how network analysis and auditing can help address problems and improve network reliability.
Readers learn what a flow is, how flows are used in network management, and how to use a flow analysis system. Lucas also explains how to collect flow records; view, filter, and report flows; present flow records graphically; and use flow records to proactively improve a network with tools like Cflow.pm, CUFlow, FlowScan, FlowViewer, NetFlow, sFlow, and so on.
Among the many other topics covered in Network Flow Analysis, readers will learn how to:
- Identify network, server, router, and firewall problems before they become critical
- Find defective and misconfigured software
- Quickly find virus-spewing machines, even if they’re on a different continent
- Determine whether problems stem from the network or a server
- Automatically graph the most useful data
Network Flow Analysis offers the tools and real-world examples that system administrators need in order to effectively analyze their network flow data. Now they can determine what the root of that pesky network problem is long before their customers report it.