Network Flow Analysis [Kindle Edition]

Michael W. Lucas
5.0 out of 5 stars (2 customer reviews)

Print List Price: £25.99
Kindle Price: £19.85 includes VAT* & free wireless delivery via Amazon Whispernet
You Save: £6.14 (24%)
* Unlike print books, digital books are subject to VAT.

Formats

  • Kindle Edition: £19.85
  • Paperback: £21.05

Product Description

Unlike packet sniffers that require you to reproduce network problems in order to analyze them, flow analysis lets you turn back time as you analyze your network. You'll learn how to use open source software to build a flow-based network awareness system and how to use network analysis and auditing to address problems and improve network reliability. You'll also learn how to use a flow analysis system; collect flow records; view, filter, and report flows; present flow records graphically; and use flow records to proactively improve your network. Network Flow Analysis will show you how to:


  • Identify network, server, router, and firewall problems before they become critical
  • Find defective and misconfigured software
  • Quickly find virus-spewing machines, even if they're on a different continent
  • Determine whether your problem stems from the network or a server
  • Automatically graph the most useful data

And much more. Stop asking your users to reproduce problems. Network Flow Analysis gives you the tools and real-world examples you need to effectively analyze your network flow data. Now you can determine what the network problem is long before your customers report it, and you can make that silly phone stop ringing.

About the Author

Michael W. Lucas is a network/security engineer who keeps getting stuck with network problems nobody else wants to touch. He is the author of the critically acclaimed Absolute FreeBSD, Absolute OpenBSD, Cisco Routers for the Desperate, and PGP & GPG, all from No Starch Press.


Product details

  • Format: Kindle Edition
  • File Size: 2746 KB
  • Print Length: 224 pages
  • Publisher: No Starch Press; 1 edition (8 July 2010)
  • Sold by: Amazon Media EU S.à r.l.
  • Language: English
  • ASIN: B003VTZXDG
  • Text-to-Speech: Enabled
  • Average Customer Review: 5.0 out of 5 stars (2 customer reviews)
  • Amazon Bestsellers Rank: #560,391 Paid in Kindle Store


Customer Reviews

5.0 out of 5 stars
Most Helpful Customer Reviews
1 of 1 people found the following review helpful
5.0 out of 5 stars Excellent. 13 Dec 2011
By Azrael
Format:Paperback|Verified Purchase
This is a very good manual; follow the guidance (with the usual caveats of updates, patches, and general Linux fiddling - unavoidable when a book can't be constantly updated) and you will end up with an excellent Network Flow Analyser. My only criticism is that, having followed the book so far, I find that the applications and examples given for visual representation don't meet my rather picky standards for pictorial quality, so I've had to learn Python & matplotlib to be able to represent the massive amount of data that has suddenly become available to process!

Put it this way, I have both the Kindle and the paper version of this, and it is immensely useful!
1 of 1 people found the following review helpful
Format:Paperback
Content
This book is an easy guide to the world of netflow logging and analysis. The content ranges from basic configuration of flow logging and easy customer friendly graphing methods to detailed custom reporting features in the software presented.

While this book does not cover each and every netflow tool available it has a complete walk through allowing you to get started and immediately produce important information for decision makers and troubleshooting.

This book also covers some details that a lot of beginning network people haven't noticed yet, but which are critical for doing netflow analysis. Things like ICMP types and codes and defining what a flow is. Michael also presents filtering and does so while showing you how to build these from simple primitives into fully working and usable examples that you can reuse in production.

The chapters about reporting show textual representations, hard numbers, and nice graphing tools - suitable for management and others not needing the same level of detail. While showing reporting he not only shows the reference, which options are available, but does interpretation of the sample reports.

The book finishes strong by listing common use cases for netflow analysis and if you reach this level in your own network you will have improved things a lot.

Target audience
Focus in this book is on making use of data available from network devices and thus the network administrator is the one doing the actual work. If you are a decision maker you should buy this book for your network guy and benefit from the awesome output he will generate.

You will need a bit of effort if you are not skilled in running tools from the command line, and setting up the tools can seem hard.
Most Helpful Customer Reviews on Amazon.com (beta)
Amazon.com: 4.5 out of 5 stars  13 reviews
10 of 10 people found the following review helpful
5.0 out of 5 stars An enjoyable technical read 26 July 2010
By Justin Sherrill - Published on Amazon.com
Format:Paperback
I had initially expected to read a sort of agglomeration of tips; tools like Cacti or Munin for monitoring hardware; Wireshark or tcpdump for monitoring traffic, and so on. Instead, it goes very specifically into Netflow. Producing Netflow data, saving it, and making sense of it are the majority of the book.

People administering any sort of larger network, usually as part of the day job, are the target audience. Netflow appears to be supported by many network equipment vendors, and software tools exist to read it on *BSD.

(For the uninitiated, Netflow tracks network activity in terms of protocol, port, and so on - everything short of the actual data. It can describe what was happening at any point in time between hosts on a tracked network.)

As described in the book, it's useful for both tracking down active issues and for analyzing the health of a network that otherwise could be hidden by averaged graphs, or seen only by direct reads at the problem site. The book covers the protocol and various tools involved with it, and branches off into other related topics, like the use of gnuplot to create ad-hoc representations.

The book is enjoyable, with a touch of a conspiratorial Bastard Operator From Hell-like attitude between the author and the reader. It's a directed narrative going through install, analysis, and reporting, different enough from a man page review that there's value in proceeding from chapter to chapter. There's also enough detail in the center of the book that it can serve as a reference source for Netflow collector setup.

It was valuable enough that I found myself planning ways to implement this at my workplace. Remarkable, considering how dry network analysis can be.

(pasted from a review I wrote elsewhere)
2 of 2 people found the following review helpful
5.0 out of 5 stars Damn Handy Book!! 20 Feb 2012
By Christian Klaver - Published on Amazon.com
Format:Paperback
As someone moving from strictly perimeter security to admin of a vast network, I needed a leg up to learning the intricacies of routing and Network Flow Analysis has turned out to be that book. Lucas clearly knows his subject far better than I could ever ask. The info is clear and *relevant*. That last part is critical, and the failing of many tech books I've read before this.

There are sections I don't happen to need (such as implementing netflow on the network in the first place, since my network already has this implemented) but the structure and lay-out of the book makes it easy to find and pull the info *I* need out of it. I've only had the book 48 hours or so, and it's already dominated the spot to the left of my PC at work.

Hide it, if you must, if you don't want to sully your reputation as THE alpha geek at work, but get it. Go get it now. There's plenty in here for both novice and guru alike.
2 of 2 people found the following review helpful
5.0 out of 5 stars Technical & Interesting Network Flow Analysis Reference 13 Sep 2010
By Joshua Brower - Published on Amazon.com
Format:Paperback
This is the second book of Lucas's that I have read. I read Absolute FreeBSD: The Complete Guide to FreeBSD, 2nd Edition, and thoroughly enjoyed it--So I went into this book with high expectations. Overall, I feel like this is a solid read for those network administrators that want to go deeper, and have the time to go deeper into network flow analyses.

NFA is a very technical book, which can make for a very boring read, but like Absolute FreeBSD, Lucas is able to maintain a light, interesting tone, even while discussing the configuration of gnuplot. (!)

From a technical perspective, NFA is very useful for getting your (open source) network flow analysis system up and going--But be aware that it will take time, especially if you want the flexibility of what FlowTracker/FlowGrapher can offer, versus the less flexible, but easier to use/learn CUFlow.

Lucas gives great practical examples of using flows to monitor & troubleshoot issues on your network. The examples are sprinkled through the book, and then a few case studies take up the last 7 pages of the book.

I found it interesting that the back cover claimed that you will learn how to:

-Identify network, server, router, and firewall problems before they become critical

-Find defective and mis-configured software

-Quickly find virus-spewing machines, even if they are on a different continent

These scenarios were covered, but in appallingly anemic sections--For instance, the "Quickly find virus-spewing machines, even if they are on a different continent" scenario was covered on 1 page. (186-187)

I guess I was thinking that since the above scenarios were a fairly large point in the description of the book, that they would be covered in a bit more detail.

One more nitpick: Lucas describes Conficker as both a Virus and a Worm--It is most definitely a worm, not a virus--There is a difference...

The above nitpicks are not enough to diminish the 5 star rating I am giving NFA: I found it to be a great addition to my reference bookshelf, and I'm sure it will be creased and dogeared as I attempt to implement my own NetFlow analysis system this next year.

-Josh Brower
2 of 2 people found the following review helpful
4.0 out of 5 stars Thin book on a thick subject, but it works well. 24 Aug 2010
By Michael Ernest - Published on Amazon.com
Format:Paperback
Network administration, never mind troubleshooting, is a dry, sometimes airless subject. As the cliche goes, computer networks may be more than the sum of their parts, but the only people who fully appreciate that have handled all the parts. Communication protocols, command protocols, wire protocols, internet protocols, data link management, router configuration, IP traffic management, firewall administration.... Where mathematics or intricate programming techniques daze the disinclined mind, computer networking bludgeons it.

Lucas promotes his subject by motivating the imagination, not the intellect. As he writes in his introduction, "Network administrators all share an abiding and passionate desire for just one thing. We want our users to shut up." I for one can tell you where I was working and the problems I was dealing with when I first felt exactly that. And from that point on, the book flows neatly from one point to the next. The topic sequence, consistent tone and focus kept me engaged and confident that I could go as far as I'd like, with this book as a start.

To achieve that effect for me, a book has to look and feel manageable in a reasonable amount of time. Network Flow Analysis is about two hundred pages long, but it is hardly thin. The pace of discussion is deliberate but covers a lot of ground. As for continuity, I can't recall a passage that wasn't supported by earlier discussion or wasn't detailed soon after. Lucas narrates in a straightforward manner that does not succumb easily to distraction or concern for losing the reader. Where most authors tackle the subject with a compendium of summations or mostly-digested specifications, Lucas exhibits the guileless courage of someone who spends every day on a roof or under a sink. And he does something most network admin writers could learn to do for all our sakes: he uses a reference book for all the detail.

The only surprise I found in this book came in Chapter 8, "Ad Hoc Flow Visualization," where Lucas writes, "gnuplot ... has a notoriously steep learning curve and a reputation for complexity." Even though the rest of the paragraph softens this claim a bit, I bought and read a book on gnuplot to make sure I hadn't missed something.

Network Flow Analysis is not a book that would inspire a Dummies-identifying reader to have a go, I don't think. No such book will ever be written. But if troubleshooting the network becomes your job, and you need more than a kickstart, and you do want to shut people up, you need a friend. You could do far worse than start here.
1 of 1 people found the following review helpful
5.0 out of 5 stars rollicking good read 17 May 2012
By shog - Published on Amazon.com
Format:Kindle Edition|Verified Purchase
Surprisingly lacking in dryness considering the subject matter. Author is a consummate smart-arse, highly conversant in the subject matter and often dropping interesting related facts, all the while flaunting a cocky sense of humor. A line in the first paragraph sums up the book:

"Network administrators all share an abiding and passionate desire for one thing: We want our users to shut up."

The guy backs his bark with bite. I feel he makes the reader feel like a plains indian if netflow were a buffalo. He will show you specifically how to go about setting up a netflow collector, how to install analysis tools, how to use them to determine all sorts of stuff, to how to use gnuplot to graph it. It covers host-level to bgp. I didn't know port numbers were used a different way for ICMP netflow packets, or that netflow v7 is actually useful for routers.

That said, the point of publishing is 2 years ago and I don't know how dated the material is. The author refers to very specific versions of software, which may have been perfectly useful on the day of publishing. That said, netflow itself does not change much (until IPFIX and IP6 roll out).

Oh, and this review is for the Kindle version. Somewhat perversely, I chose to run this entire book through text to speech while driving. While it was painful to hear a robotic man read out a full page of 5-tuple data, it worked out. Kudos to the publisher for not disabling text to speech.