Submit a ticketCall us

Don’t fall victim to a ransomware attack
Backups are helpful, but sometimes that’s not enough to protect your business against ransomware. At our live webcast we will discuss how to protect against ransomware attacks with SolarWinds® Patch Manager and how to leverage log data to detect ransomware. Register now for our live webcast.

Home > Success Center > Netflow Traffic Analyzer (NTA) > Example NetFlow Config - Cisco ASA

Example NetFlow Config - Cisco ASA

Table of contents
Created by Justin Wyllys, last modified by Verwin Ubana on Jul 10, 2017

Views: 1,699 Votes: 2 Revisions: 8

Overview

In order to see flow data from your Cisco ASA in SolarWinds NTA, you must configure the device to export flow data. This article includes an example config you can use to build your own config specific to your environment.

Environment

  • Cisco ASA 55XX-X
  • All NTA versions

Detail

 

Example Config:

 

!
flow-export destination inside 1.1.1.1 2055 
flow-export template timeout-rate 1 
flow-export delay flow-create 60 
access-list netflow-export extended permit ip any any 
class-map netflow-export-class 
match access-list netflow-export 
policy-map global_policy 
class netflow-export-class 
flow-export event-type all destination 1.1.1.1 
service-policy global_policy global

 

Customer may only can configure device per security reasons through ASDM console. Here is an article of an example config walk through that may be of some help:

https://supportforums.cisco.com/docu...tflow-asa-asdm

 

Helpful links

https://supportforums.cisco.com/docu...tflow-asa-asdm

 http://www.solarwinds.com/support/Netflow/docs/understandingciscoasanetflow.pdf

 http://www.solarwinds.com/documentation/NetFlow/docs/NetFlowDeviceConfiguration.pdf

 

Link to Cisco ASA 9.1.(2) or higher software version Netflow configuraiton:

https://support.solarwinds.com/Success_Center/New_Articles/NTA_-_Updated%3A_Cisco_ASA_with_software_version_9.1.(2)_or_higher

 

Last modified
13:49, 10 Jul 2017

Tags

Classifications

Public