Protocol IPv6 puts new challenges for network administrators in the context of user identification. Unlike IPv4, an IPv6 address no longer uniquely identifies a user or PC. IPv6 address can be randomly generated and keeps changing in time. The presentation describes the system developed at the Brno University of Technology, … Read More
Data monitoring and data retention are vital for network management and troubleshooting. The network and provided services are expected to be seamlessly available. Administrators often collect information about the on-going traffic in the form of IP flow records to reveal potential malicious activity that might violate the network usage policy but also to meet legal requirements on providing data about electronic communication to authorized organizations. It is vital not only to collect data about traffic but also to track the identity of users who are responsible for the traffic. The deployment of IPv6 renders unique user identification quite problematic or at least a complex task in comparison with IPv4 environment. In this report, we suggest a data retention system with user identification capabilities in IPv6 as well as in IPv4 network. This is achieved by extending flow records with information obtained by monitoring state of network devices via SNMP and monitoring state of control servers such as Radius. The system has been successfully deployed in BUT network.