Minimum system requirements
3.2 GHz quad-core
6GB RAM 200GB storage Windows/LinuxPostgreSQL/MSSQL
These specifications only apply when raw data is turned off and the flow rate is below 6,000
flows/sec. Requirements will vary with different settings.
Where and how do you send flows?
Ways of exporting flows to NetFlow
i. Manual configuration using telnet/ssh the
ii. Direct flow export in UI
Ports to be considered:
• Server port: NetFlow Analyzer's web server port
• Listener port: Port on which NetFlow Analyzer
• Both ports are configurable
Direct flow export
Fetch device & interface name with SNMP
• Step 1: Add SNMP credentials:
• Step 2: Associate the credential to
Customizing NetFlow Analyzer to fit
Can I categorize my traffic usage?
VLANRelated appsNetwork subnet
Sort traffic usage by Groups
Types of groups
Benefits of creating groups:
• Monitor combined bandwidth usage to get
better picture of traffic consumption.
• Provide access to operators based on
• Provide better visibility to improve
Application mapping for _App
• Interface >Application > _App >
Show port (show port needs raw
• Map application and define IP
address/ IP network/ IP range.
Application mapping for own apps
• Settings> Netflow> Mapping >
Application List> Add
Can I monitor traffic for my custom
Top reports of NetFlow Analyzer
IP group consolidated report
Search specific traffic details by the
associated application, protocol, host, or
Compare bandwidth usage at different
Track top talkers and conversations with
a complete report
Visualize the combined bandwidth usage
of all IP groups
Measure bandwidth usage to verify your
ISP billing and create bill plans
Advanced report - FORENSICS
Prerequisite: Enable RAW Data
• Get more granular traffic statistics
using raw data
• Drill down to identify which users,
applications, and protocols are
consuming the most bandwidth at a
• Troubleshoot accurately by defining
multiple criteria to filter required
Save and schedule reports
• Report profile: Create and save your criteria based reports and view
them at any time.
• Schedule report: Add a schedule - daily, weekly or monthly to get it
notified via email.
Setting up alerts
• Link down
• No flow
Threshold based alerts
• IP range, IP address or IP network
• Based on port/protocol range
• Based on application
• Based on DSCP
Thresholds based on multiple conditions
Select source Select criteria Define threshold Save alert profile
Alerts specific to below violation:
Alert severity levels:
Where & why my bandwidth utilization high?
Fixing the issue in just 3 steps using NetFlow Analyzer:
1. Finding who or which part of the network is affected.
2. Identifying the source of the congestion.
3. Troubleshoot the issue.
Set up flow export Monitoring Customization, alerting
Step1 Step 2 Step 3
Upcoming training on Feb 20th
Part II: Gain deeper visibility with advanced
• Distributed monitoring
• Wireless traffic monitoring
• Advanced security analytics
• Deep packet inspection
• Discuss technologies like NBAR, CBQoS and NBAR2
• Medianet and multicast monitoring
• Capacity trend reporting
• IP SLA monitoring
• Traffic shaping