How many times have you asked yourself: “What is running on our network?”
It is very difficult to plan for network growth and have a clear idea of network flows without having an idea of network flows, sizes, directions and peak times.
Cisco developed the IOS a mechanism of network statistics commonly called NetFlow.
NetFlow data is an excellent source of information for session statistics pertaining to conversational pairs, bit rates, and packet rates.
Complete Visibility of Network Traffic & Bandwidth Utilization
The NetFlow collector gathers NetFlow for analysis to enable you to quantify exactly how your network is being used, by whom, and for what purpose. Providing detailed insight into overall network performance, the flow collector makes it easy to get a comprehensive view of your network traffic, find bottlenecks, and shut down the bandwidth hogs.
NetFlow started as a proprietary technology developed by Cisco Systems. The most widely deployed version 5; NetFlow v9, gathers both inbound and outbound information. NetFlow is a technology whereby the router keeps track of all conversations inbound on each interface it is enabled on. It examines packets based on seven key fields (source and destination IP address, source and destination port, Layer 3 protocol type, type-of-service byte and input logical interface). Once the conversation has ended it is sent to the collector.
Benefits of NetFlow Analysis
NetFlow analysis provides visibility to secure network cores by detecting malicious, accidental and suspicious activities on the network including:
- Misconfigured systems and devices
- Unauthorized apps (e.x. P2p file sharing)
- File servers “re-deployed” as web servers
- Troubleshooting network problems
>>MORE: Security Benefits of NetFlow
How NetFlow Collection Works
NetFlow-enabled routers generate NetFlow records, export them to a NetFlow collector once the flow has finished and then purge the data from their memory NetFlow cache. These NetFlow records are exported in UDP or SCTP packets.
>>MORE: NetFlow Collection
- Supply real-time visibility and awareness of network and host-based behaviors
- Track, measure and prioritize network and host-based risk
- Monitor and investigate individual host and broad network communications
- Maintain network availability, and performance of crucial business processes
- Discover and inventory the underlying assets of the corporate network
NetFlow Collection & Analysis
Collects and analyzes NetFlow traffic to provide network monitoring and behavior analysis solutions for automated traffic analysis, network security, and datacenter visibility to optimize existing network resources.