Troubleshoot

NetFlow Collector

With the emergence of social networking, video streaming, peer-to-peer technology, cloud computing, and software as a service (SaaS), modern enterprises are only as good as their network integrity in terms of the bandwidth and security they provide. To keep the network's bandwidth in check for everyday business communication, selecting a suitable tool to manage the NetFlow data is of utmost importance.

What is NetFlow, and why do you need a NetFlow collector?

NetFlow is a network protocol designed by Cisco that collects and monitors IP traffic information that is generated by NetFlow-based routers or switches. These routers export traffic stats as NetFlow records.

NetFlow collector is an application that ingests NetFlow data and organizes the binary data into a numeric format. It also:

  • Compresses the size of the data
  • Stores the output on a database

Analyzing the required data using tools like NetFlow analyzers, network administrators can prevent malicious attacks, monitor network availability and performance, fix bandwidth bottlenecks, and analyze spikes and drops in traffic.

ManageEngine NetFlow Analyzer: A comprehensive NetFlow collector.

ManageEngine NetFlow Analyzer is a software-based NetFlow collector that collects, analyzes, and converts flow data into readable reports, and presents it on a web-based interface. Providing support to both NetFlow version 5 and version 9, NetFlow Analyzer also supports other network flows like sFlow, IPFIX, Netstream, J-Flow, and AppFlow, which are exported from routers and switches. The complete list of supported devices and flow types is available here. Apart from being a basic NetFlow collector, this is how NetFlow Analyzer excels:

Bandwidth monitoring and traffic analysis

Gain real-time visibility into your network traffic using NetFlow Analyzer, and discover the top conversations along with the source and destination IP details on the network in real-time. View the top applications on your network, and ensure that critical applications get maximum priority. The grouping settings in NetFlow Analyzer allows you to monitor the bandwidth usage cumulatively once a group is defined.

Forensic reports and compliance

With meticulous reports accompanied by drill down options for more detailed data, network administrators can see how the network bandwidth is or was being used during any particular user's online session.

The forensic report gives you visibility into specific parameters such as traffic, application, source address, destination address, DSCP, etc. for any specific instance. This makes troubleshooting the root cause of any network issue or anomaly a breeze.

Network security and event monitoring

Detect a broad spectrum of external and internal security threats using the Advanced Security Analytics Module, a network flow-based network anomaly detection tool that helps in detecting zero-day network intrusions using the state-of-the-art Continuous Stream Mining Engine technology.

NetFlow Analyzer can identify scans targeting weak ports; classify network intrusions like DDos attacks, worms, malware, botnets, and P2P apps; and pinpoint post-attack signs like protocol anomalies and policy violations to tackle network security threats in real time.

Five other ways NetFlow Analyzer stands out above the competition

Cisco Class-based Quality of Service (CBQoS) monitoring

  • CBQoS is a Cisco feature set that provides information about the applied QoS policies and class-based traffic patterns within an enterprise's network.
  • The report shows the pre-policy and post-policy drops in traffic within the network.
  • These policies can be changed based on these reports in NetFlow Analyzer, which can also be used for QoS policy validation.

Network Based Application Recognition (NBAR)

  • NBAR is an intelligent classification engine that can monitor, recognize, and intelligently identify a wide variety of applications that use dynamic ports.
  • NetFlow Analyzer now uses NBAR2 to analyze and classify application traffic in real time. The NBAR2 reports show the list of applications that are identified with NBAR2 along with their traffic details and the contribution of a particular application's traffic to the total traffic in the network.

Cisco AVC monitoring

  • The number of business and other applications that use HTTP is increasing everyday, and as a result, identifying applications by checking the well-known ports is no longer sufficient.
  • The need for application visibility in the network is on the rise and NetFlow relies on Cisco Application Visibility and Control (AVC) technology, that provides application-level classification for application categorization to obtain the required visibility.

IP service-level agreement (SLA) monitoring

  • Cisco IP SLA is technology from Cisco that actively monitors traffic to measure the performance of the network by measuring critical parameters of the network.
  • In addition, vital factors like jitter, latency, packet loss, and mean opinion score (MOS) are also measured.

Medianet Reporting

  • Cisco Medianet is an intelligent network optimizer made for media-rich traffic to enhance user experience.
  • It enables the network to optimally perform despite having bandwidth-consuming-rich-media traffic in it.
  • Accelerate troubleshooting in your media-rich network, and save time, money, and more.

With more features and updates on the way, now's the best time to take the NetFlow Analyzer for a test drive. Click here to download a 30-day free trial.