Plug a Hole in Cisco's NetFlow Coverage
Netflow has changed since Cisco first introduced it. To get the maximum security benefit from this useful protocol, make sure collectors operating on your network are able to collect, analyze and store Flexible NetFlow templates and data.
Cisco dominates the networking hardware market, and with its Adaptive Security Appliance (ASA) it is looking to extend its reach into network security. The ASA, however, can introduce a security issue. The appliance supports both Simple Network Management Protocol (SNMP) and Flexible NetFlow, both of which can provide essential information on security threats. However, most NetFlow monitoring vendors support only earlier versions of NetFlow, not Flexible NetFlow, and thus they are blind as to the source of threatening packets.
NetFlow, originally released as part of Cisco's Internetwork Operating System (IOS) and now also used by other switch and router vendors, provides certain information on the packets flowing through a port. The network device gathers the data and exports it to a server running software to collect and report on the NetFlow data (i.e., the Collector).
Read "Plugging the Cisco ASA Security Hole" at Enterprise IT Planet