bwNetFlow - Network Flow Analysis for BelWü
The bwNetFlow project addresses network flow analysis for the BelWü network. It provides a platform to collect, process, and distribute the network flows that occur in the BelWü network. Flow analysis enables tenant-based traffic accounting, visual representation via graphical user interfaces, or even anomaly and attack detection.
At the core routers of the BelWü network, sampled NetFlow data is exported and processed by a scalable platform. An Apache Kafka cluster is used to enrich the raw NetFlow data (e.g. with customer IDs or additional information about the routers) and subsequently to split the flows by tenant. So-called consumers are then used to produce data for a Grafana dashboard.
Integration with bwNet100G+
The platform resulting from bwNetFlow and the interfaces it provides allow for collaboration with algorithms and tools resulting from bwNet100G+. One example is an entropy-based calculation for anomaly detection, which makes it possible, for example, to detect a DDoS attack targeted at a connected institution.
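To illustrate the entropy-based approach mentioned above, the following added example (not code from bwNetFlow or bwNet100G+) computes normalized Shannon entropy over source and destination addresses per time window and flags windows where traffic concentrates on one destination. The record layout `(window, src_ip, dst_ip, packets)`, the function names, and the `drop` threshold are assumptions; the page does not say which flow features the project's calculation uses.

```python
import math
from collections import Counter, defaultdict

def normalized_entropy(counts):
    """Shannon entropy of a Counter, scaled to [0, 1] by log2(#distinct keys)."""
    total = sum(counts.values())
    if len(counts) < 2:
        return 0.0
    h = -sum(c / total * math.log2(c / total) for c in counts.values())
    return h / math.log2(len(counts))

def detect_concentration(flows, drop=0.3):
    """flows: (window, src_ip, dst_ip, packets) tuples from sampled NetFlow.
    Flags windows whose destination entropy falls more than `drop` below the
    mean of earlier unflagged windows; returns [(window, top_dst, H_dst, H_src)]."""
    src, dst = defaultdict(Counter), defaultdict(Counter)
    for window, s, d, packets in flows:
        src[window][s] += packets   # a uniform sampling rate cancels out in p_i
        dst[window][d] += packets
    baseline, alerts = [], []
    for w in sorted(dst):
        h_dst, h_src = normalized_entropy(dst[w]), normalized_entropy(src[w])
        if baseline and h_dst < sum(baseline) / len(baseline) - drop:
            top_dst = dst[w].most_common(1)[0][0]
            alerts.append((w, top_dst, round(h_dst, 3), round(h_src, 3)))
        else:
            baseline.append(h_dst)  # only normal windows feed the baseline
    return alerts

# Constructed sample data (documentation address ranges, not real traffic).
def sample_flows():
    hosts = [f"198.51.100.{i}" for i in range(1, 9)]
    flows = []
    for w in range(4):              # windows 0-3: evenly spread background
        for i, h in enumerate(hosts):
            flows.append((w, f"192.0.2.{i + 1}", h, 100))
    for i in range(200):            # window 3: many sources hitting one host
        flows.append((3, f"203.0.113.{i + 1}", hosts[0], 50))
    return flows

if __name__ == "__main__":
    for alert in detect_concentration(sample_flows()):
        print(alert)
```

A low destination entropy combined with a high source entropy is the pattern of many senders converging on one target; a tenant-level deployment would run this per split flow stream and tune `drop` against its own baseline.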