IP flow information export (IPFIX): Applicability and future suggestions for network security
This year, the IP Flow Information Export (IPFIX) protocol will become standard for exporting flow information from routers and probes. Standardized methods for packet selection and the export of per packet information will follow soon from the IETF group on packet sampling (PSAMP). The future availability of network information in a standardized form enables a wide range of critical applications for Internet operation including, accounting, QoS auditing and detection of network attacks. In this paper we present the IPFIX protocol, and discuss its applicability with a special focus on network security. We propose a coupling of IPIFX with AAA functions to improve the detection and defense against network security incidents and for Inter-domain information exchange based on IPIFX utilizing secure transmission channels provided by the AAA architecture.