Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

Webinar: How to captures and analyzes NetFlow, J-Flow and sFlow data

60 views

Published on

NetFlow Analyzer lets you capture and analyze your entire network traffic. Learn how to visualize traffic details such as speed, volume, packets, and utilization with the help of our network traffic analyzer. FREE TRIAL -https://www.manageengine.com/products/netflow/download.html

Published in: Software
  • Be the first to comment

  • Be the first to like this

Webinar: How to captures and analyzes NetFlow, J-Flow and sFlow data

  1. 1. NetFlow Analyzer Webinar - Part I Flow data - How to configure and monitor it? Export flows Traffic group & App map Configure Alerts Reporting
  2. 2. CHALLENGES IN MONITORING THE NETWORK • WHAT IS GOING THROUGH THE NETWORK ? • WHO ARE THE TOP TAKERS ON THE NETWORK ? • WHAT ARE THE TOP DESTINATIONS ? • WHAT IS THE TOTAL TRAFFIC OF LAYER 4 & LAYER 7 APPLICATION • WHETHER THE EMPLOYEES ARE EFFICIENTLY USING THE BANDWIDTH FOR BUSINESS PURPOSE ? • WHY IS THE INTERNET SLOW IS IT THE BANDWIDTH ISSUE ? OR IS SOMETHING ELSE BLOCKING IT DOWN ??
  3. 3. AGENDA • Introduction to NetFlow Analyzer • Prerequisites • Configuring Flow • Inventory • Mapping • Grouping • Dashboard • Administration NetFlow Analyzer
  4. 4. INTRODUCTION TO NetFlow Analyzer
  5. 5. INTRODUCTION TO NETFLOW ANALYZER > It is a simple bandwidth monitoring, traffic analysis tool > NetFlow, sFlow, IPFIX, J-Flow, NetStream, Appflow - For bandwidth & traffic analytics > Helps you to drill down into interface level details to discover traffic pattern and device performance > Recognize and classify Non-Standard Apps that hog your network bandwidth using NFA > Detect a broad spectrum of external and internal security threats * We support any new flow type in couple of weeks
  6. 6. CHARACTERISTIC OF NETFLOW ANALYZER • On-premise • Web-based • Agent less • Available for both Windows and Linux platform • NetFlow Analyzer supports PostgreSQL and MSSQL as database
  7. 7. Router Packet Src If Src Ip Add Src Port Flag Pkts Dest Ip Add Dest Port Bytes Fa 1/0 1.1.1.1 11 10 1100 10.0.21.1 80 111 Fa 1/0 2.2.2.2 12 0 2491 10.0.22.2 80 123 Flow Cache
  8. 8. NETFLOW ANALYZER LICENSING • NFA Licensing is based on Interface count that you need to monitor • Eg: Say, If there is a device with 2 - WAN & 3 - LAN & 5 VLAN  If your requirement is to monitor only LAN & WAN then it's 5 NFA License  If your requirement is to monitor only LAN & WAN & VLAN then it's 10 NFA License
  9. 9. NFA EDITION COMPARISON ESSENTIAL DISTRIBUTEDFEATURE NBAR / CBQOS CAPACITY PLANNING ASAM INSTANCE FLOW RATE X √ √ √ ABOVE 100K FLOWS/SEC X X SINGLE MULTIPLE BELOW 100K FLOWS/SEC
  10. 10. DISTRIBUTED ARCHITECTURE
  11. 11. PREREQUISITES
  12. 12. SERVER SPECIFICATION • It can be installed in VM Machines with any of the supported Operation System. • Specs vary according to the Rate of Flows/Sec • On Average for 3k to 6k Flows/Sec below is the spec  Processor - 4 Core  RAM - 8 GB  HDD - 500 GB * The Spec varies according to the flow rate and NFA functionalities used
  13. 13. WE ARE CURRENTLY USING NETFLOW ANALYZER VERSION 12.3.179 FOR VISUAL
  14. 14. CONFIGURING FLOW
  15. 15. CONFIGURING FLOW • Using CLI • Using GUI • Using NCM module in NetFlow Analyzer
  16. 16. USING COMMAND LINE INTERFACE - CLI • Set destination address (server where NFA is installed) • Set Port for NetFlow export (Default port we listen to - 9996) > Set version of NetFlow export > Set time interval to export flows > Set Source Interface for NetFlow export > We should say what are all the interfaces we are going to take account Enabling NetFlow on Interfaces (all Interfaces)  Ingress  Egress > For configuration please refer the below link: http://www.manageengine.com/products/netflow/help/cisco-netflow/cisco-ios- netflow.html
  17. 17. SAMPLE CONFIGURATION router#enable Password:***** router#configure terminal router-2621(config)#interface FastEthernet 0/1 router-2621(config-if)#ip flow ingress router-2621(config-if)#exit router-2621(config)#ip flow-export destination 192.168.9.101 9996 router-2621(config)#ip flow-export source FastEthernet 0/1 router-2621(config)#ip flow-export version 9 router-2621(config)#ip flow-cache timeout active 1 router-2621(config)#ip flow-cache timeout inactive 15 router-2621(config)#snmp-server ifindex persist
  18. 18. USING GRAPHICAL USER INTERFACE - GUI
  19. 19. Using Network Configuration Manager - NCM Benefits of using Network Configuration Manager: • Predefined configlets • Export flows from multiple interfaces in bulk • Backup and restore configurations for devices • Create new configlets Apply credentials Select interfaces Export flow Add devices
  20. 20. INVENTORY
  21. 21. INVENTORY • Device Level Traffic • Interface Level Traffic
  22. 22. DEVICE LEVEL TRAFFIC • Traffic • Interfaces • Application • Source • Destination • QOS • Conversation • AS View • Attack
  23. 23. INTERFACE LEVEL TRAFFIC • Traffic & Overview • Application • Source & Destination • QOS • Conversation • NBAR/CBQOS • Multicast • Medianet • AVC • Attacks
  24. 24. APPLICATION MAPPING
  25. 25. APPLICATION MAPPING
  26. 26. GROUPING
  27. 27. GROUPING • Device Grouping • Interface Grouping • IP Grouping • Application Grouping • DSCP Grouping • AP Grouping
  28. 28. DASHBOARD
  29. 29. USER ASSOCIATION
  30. 30. NETFLOW ANALYZER - ADMINISTRATION
  31. 31. NETFLOW ANALYZER - ADMINISTRATION • User Management • License Management • Self Monitoring Mechanism • Security Setting • Rest API • Tools
  32. 32. MANAGEMENT
  33. 33. LICENSE MANAGEMENT
  34. 34. SELF MONITORING MECHANISM Set Threshold values Server Performance Dashboard about server health
  35. 35. SECURITY SETTING
  36. 36. REST API INTEGRATION
  37. 37. TOOLS
  38. 38. SUMMARY
  39. 39. PART ll IS SCHEDULED ON OCT 2 - TUESDAY • WLC • Deep Packet Inspection • IPSLA • Alerts • Reports • Storage • High Performance • Road Map
  40. 40. NEED MORE HELP ? youtube.com/opmanagertechvideos help.netflowanalyzer.com forums.manageengine.com/netflowanalyzer netflowanalyzer-support@manageengine.com +1 (888) 720-9500 / +1 (408) 916 - 9595
  41. 41. THANK YOU ! Evaluator or Trial User eval-itom@manageengine.com License Customer netflowanalyzer-support@manageengine.com

×