From GEANT2-JRA1 Wiki

This page is dedicated to the perfSONAR Flow Subscription MP micro release.

Description

The Flow Subscription MP makes it possible to request near real-time streams of flow packets (that is Netflow or Sflow exported by routers), as if they were coming directly from the routers where the information originated. This allows clients of this MP to subscribe to flow information from different locations and still use their own favourite flow collector and processing tools. Currently Netflow v5 and v9 and Sflow are supported.

Users can specify the router(s) from which they want to receive flow information, and can further tune the amount of information sent by creating a filter. As flow information can be privacy-sensitive, the Flow Subscription MP can anonymise the IP addresses before the information is sent to the client. Authentication and authorisation is required before access to the flow information is allowed (currently the Flow Subscription MP has its own authentication and authorisationdoes mechanism and does not use the Authentication Service), even if the IP addresses are anonymised. In addition, the flow information is sent through an encrypted tunnel to protect the information while it is transferred between the MP and the client.

The users that this MP is aimed at include security experts (for example, CERT members), researchers and grid users. The MP provides them with on-demand and real-time access to (a selection of) flow information for a specific amount of time, allowing them to perform their own security/threat analysis, traffic pattern and behaviour research, or performance monitoring calculations using the tools of their choice.

• Service Name: ps-mdm-flowsub-mp
• Service Type: MP
• Service Description: Measurement Point service for flow subscription
• Contact information: [Hans Trompert]