Network Administrators and Engineers need to obtain statistics for their network infrastructure, while SNMP does a great job at this it by providing us broad information such as packet count, interface changes, and device health, it cannot provide us granular information about our networks. This is why Cisco introduced NetFlow, a tool that works alongside SNMP by letting us obtain information and statistics for the unique types and characteristics of data flowing through interfaces. In this post I will discuss how to fundamentally implement NetFlow and concepts revolving around it.

IPsec (Internet Protocol Security) is a suite of protocols that secures IP communications by providing encryption, authentication, and integrity directly at the network layer. IPsec requires both peers to agree on how to secure traffic, it uses a management framework called ISAKMP (Internet Security Association and Key Management Protocol), which defines how peers negotiate and manage Security Associations (SAs) the policies and keys used to protect control plane traffic to continue negotiation to secure data plane traffic. ISAKMP provides the structure, IKEv1 performs the key exchange and negotiation for the control plane, and IPsec enforces the security for the data plane.