Through the use of flow technology, the network traffic monitoring industry continues to make strides into the network performance monitoring market. This evolution has been partially influenced by a few factors. Initially, the emergence of free NetFlow utilities helped expand the value and availability of NetFlow v5. For years, the basic reporting features in these solutions where fairly similar across platforms. This has changed.
With the release of Cisco Flexible NetFlow network traffic monitoring took on new meaning when reporting on NetFlow and IPFIX. Many collector companies who wanted to build in support for the new metrics soon found that the flexibility in NetFlow v9 and IPFIX created an onslaught of problems for their current NetFlow collector architecture. The largest single issue was the introduction of templates.
NetFlow v5 was hard coded to export a couple dozen elements (i.e. flow values). Because of the template technology built into NetFlow v9 and IPFIX, vendors can export just about anything they want from the hardware including system messages and metrics usually exported with legacy technologies such as SNMP. What's more is that what they are sending can be dynamic and even change.
Immediately after a flow configuration modification, a new template is sent to the NetFlow or IPFIX collector. The collector prepares the data base for the new flow format it is about to receive. This introduction of dynamic templates is what took network traffic monitoring with NetFlow to an all new level, but it didn’t stop here.
What is Internet Security
- Antivirus on desktops and servers
- Proxy and reverse proxy servers
- Password rotation
- VPN access
- Radius authentication
- Intrusion Detection Systems
Many of the above technologies reside on appliances that now support NetFlow or IPFIX. Because of this emergence, not only can we use flow technology for network traffic monitoring, we can use it for threat detection and perhaps more importantly, we can leverage it for forensic network investigations. With flow technology so widely available on nearly every network appliance, performing an audit on every host or hardware system touched by a piece of malware not only becomes more thorough, it becomes incredibly fast.
Network Internet Monitor
Don't expect a typical network internet monitor to support all of what NetFlow and IPFIX are capable of. Make sure that when you purchase your next NMS that the questions aren’t limited to the fault isolation and network traffic monitoring capabilities. NetFlow and IPFIX are a huge part of not only the network performance monitoring market, but the threat detection industry as well.
Leader in NetFlow
A Plixer, we pride ourselves on staying focused on flow technologies. Our team of flow experts have developed one of the best NetFlow analyzers on the market and because of this, we have been recognized as an award winning leader in NetFlow, sFlow and IPFIX reporting.