Brian Trammell, CERT/NetSA; Elisa Boschi, Hitachi Europe
The IP Flow Information eXport (IPFIX) protocol is the upcoming IETF standard
for the export of IP flow data, based on Cisco NetFlow V9. It specifies a
flexible representation and protocol for transmitting IP traffic flow
information over the network from routers, measurement probes or other devices
to a collector for storage and analysis. In this talk we briefly describe the
IPFIX protocol; the present work of the IETF IPFIX working group including
current extensions and enhancements such as a bandwidth-saving encoding method,
a representation for bidirectional flows, and an IPFIX-based flow file format;
and the status of a variety of presently-available implementations of the
protocol.
Bio:
Brian Trammell is the Engineering Technical Lead at the CERT Network Situational Awareness group in Pittsburgh, Pennsylvania, where he oversees the design and implementation of security-relevant network measurement tools. He is the principal author of NetSA's open-source YAF flow meter and NAF flow aggregator, and the IPFIX implementation that underlies them. He is an author of several drafts in the IETF IPFIX working group.
Presentation PDF
Real Video Presentation
