Is this setup okay for NetFlow
We are evaluating NetFlow analyzer, we have setup everything in our router (Cisco 1721) and we are pointing to an IP of a machine inside our DMZ. So the IP is a mapped IP (public<->private).
Is the above setup okay for analyzing. I understand that because we are NAT'd that I will only see the traffic for the egress interface.
In summary here is our setup
DMZ
[Cisco 1721] <------>[NetScreen 204] <-------> [NetFlow system]
(Mapped IP)
Lastly, the speed it is reporting shows last hour on the main dashboard, is there any way to increase the touch point to something like 10mins?