Dave Plonka, University of Wisconsin - Madison
FlowScan is a freely-available traffic analysis and
visualization tool used primarily with Cisco NetFlow.
In this presentation and BOF, we will run FlowScan "live" -
having it analyze the real network traffic from the
NANOG meeting itself. While most FlowScan sites
utilize Cisco NetFlow, we will demonstrate it
utilizing the flow features of RiverStone and/or
Juniper gear. The best time for attendees to see the demo will be during the Monday evening FlowScan BOF.
Furthermore, with sample graphs of real traffic from
UW-Madison and other FlowScan sites, we will discuss
operational uses of real-time flow-based
analysis which include:
-
detecting network abuse, such as Denial of Services
attacks,
-
correlating traffic measurements with network
configuration management at points in time and,
-
analyzing long-term IP traffic trends, including
offered load sorted by peer and origin ASNs.
About the Presenter
Dave Plonka has developed a number of free software
packages, many of which are network management tools.
He works as a systems programmer doing network
engineering within the Division of Information
Technology (DoIT) at the University of Wisconsin -
Madison. In the formative years of his working life he
was a programmer in the commercial software industry
focusing on the development of portable libraries and
relational database applications under VMS and Unix.
In 1991, he received a B.S. in Computer Science from
Carroll College in Waukesha, Wisconsin.
Slide presentation
