Help
Cybersecurity Forum

This forum is for all security enthusiasts to discuss Fortinet's latest & evolving technologies and to connect & network with peers in the cybersecurity hemisphere. Share and learn on a broad range of topics like best practices, use cases, integrations and more. For support specific questions/resources, please visit the Support Forum or the Knowledge Base.

johlsson
New Contributor

Created on ‎08-01-2016 05:45 AM

Impossible NetFlow statisitics

Last week, I configured one of our F100D firewalls to send NetFlow to our collector.   However, in addition to the traffic to/from my actual networks, it reported the following impossible flows (captured in the attached images).  We don't possess the bandwidth to move just under 3.5 trillion gigabytes of data, or the time.  With the size of our pipe, it would take over eighteen thousand years to move that much data, let alone many such flows.

Is it possible to filter the NetFlow output to ignore this garbage?  My real data is lost in this noise.

 

Thanks.

 

Jesse

 

Of course, these

 

 

 

Preview file
257 KB
Preview file
133 KB
Labels:
651
0 Kudos
1 REPLY 1
johlsson
New Contributor

Created on ‎08-01-2016 08:19 AM

I should also mention that not a single one of the client or server ip addresses are in my networks.  This fortigate is not routing that traffic.  So, why is it reporting that it is in NetFlow?

648
0 Kudos
Announcements
Check out our Community Chatter Blog! Click here to get involved
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2025 Fortinet, Inc. All Rights Reserved.