Using NetFlow for Information Security has some unique challenges that NETOPS tools don't have to deal with. I put Splunk head to head against StealthWatch and lay out methodologies for testing other tools.
Don't trust your firewalls and NAC without validation. NetFlow is a great way to determine if they are doing what they are supposed to be doing (and alerting you when they are not).
Figuring out what data sources are best suited for pervasive network surveillance can be tricky. In this fifth installment, we look at the pros and cons of packet capture and NetFlow.