I would like to find all ports which are used between two defined Subnets. I'm only interested in the ports to check if I have everything in my firewall before switching it on... So no need for the exact time or amount of packets coming in
Is that possible with nfa? To evaluate the flow forensics is pretty longlasting..
thanks and best regards,
Flow Forensics would be the only way to see ALL ports during a time period as it is the raw Netflow data.
All other reports are only Top N data.
For example for 15 minute data, we only keep the top 100 protocols https://docops.ca.com/display/NFA933/15-Minute+Data
thanks for your answer! Do you have an idea how I can export these data for a scriptbased evaluation?
You can export Flow Forensics reports by clicking the Down Arrow at the top left of the Report Results section, and then select "Export CSV" like below: