NetFlow Analyzer
Drilldown to the root-QoS
Product Overview
Product Introduction
• Powerful traffic analysis and network forensic tool
• All-software solution and requires no hardware probes
• Provides an in-depth visibility into network traffic and its
patterns
• Multiple Monitoring Technologies in a single solution
•
•
•
•
•
NetFlow, sFlow, IPFIX, etc – All Major Flow Formats Supported
CBQoS Monitoring for Validating QoS Policies
Cisco NBAR support – SNMP and Flexible NetFlow
VoIP Monitoring via Cisco IP SLA
Flow based security analytics
2
Need for NFA
• Reports on Network Bandwidth usage
– Top Talkers
– Top Conversations
– Top Application, DSCP values
• Class Based Traffic Analysis – Validate QoS Policies
• Deep-Packet Inspection for Better Traffic Analysis
• VoIP Monitoring to ensure Best Call Quality
• Centralized monitoring for thousands of routers and
switches
• Flow based security analytics
3
Features
•
•
•
•
•
•
•
•
•
•
•
•
Traffic Analysis
Network Forensics
Network Planning
IP Accounting
Enhanced Cisco ASA NetFlow support
Cisco NBAR report via SNMP and Flexible NetFlow
Reporting on Cisco CBQoS
Usage Based Billing
Capacity Planning
Flow based security analytics
Cisco IPSLA based VoIP Monitoring
Vertical Enhancements
4
Key Features
Traffic Analysis
• Visualize traffic patterns with real time graphs
• View detailed time based network data
Who
When
Top Sources and related
Conversation reports
Ranging from
last minute to forever
Where
What
Top destinations and
related Conversation
reports
Top Applications and
protocol reports
5
Key Features
Network Forensics
 Conversation Awareness
Ability to examine packets and their numerous fields in detail,
so that unauthorized and hostile activity can be traced and analyzed.
 Conversations and Interfaces
Knowing the source IP addresses of conversations and their
inbound and outbound interfaces is critical to tracking and
understanding unusual behavior.
6
Key Features
Network Planning
Historic /
Aggregated Data
Track and anticipate
network growth
Optimize bandwidth
utilization
Validate quality of
service
Minimize cost and
maximize performance,
capacity and reliability
7
Key Features
IP Accounting
• Identify department wise bandwidth usage
• Advanced IP group classification engine
• Scales up to thousands of IP groups
8
Key Features
Cisco ASA NetFlow Supported
• ASA NetFlow support to see Pre and Post NAT IP Addresses
• Better Visibility about traffic usage beyond NAT
• Original and Mapped IP Addresses shown in Conversations
Key Features
Cisco NBAR Support
• Better Application Recognition through Deep Packet Analysis
• Allows identification of applications which use dynamic ports
as well as those using well known ports
• NBAR Reporting - Via SNMP and Flexible NetFlow
• Flexible NetFlow - NBAR
• Removes Requirement for SNMP Polling
• NBAR data exported along with NetFlow data
• Deeper Visibility than through SNMP based NBAR
10
Key Features
Reporting on Cisco CBQoS
• Validation of QoS Policies
• For monitoring
– Class based pre and post policy traffic usage
– Class based drops
– Class based queuing
– Reports for each Match Statement
11
Key Features
Usage Based Billing
• Generation of periodic bills for accounting and for chargeback.
• Useful for service providers and enterprises
• Value addition to the basic need of traffic analysis and
network forensics
• With no additional infrastructure cost
12
Key Features
Capacity Planning
• Trend analysis over a period of time
• Helps predict the traffic growth in your network
Add On Features
Network Behavior Analysis - NBA
• Network anomaly detection leveraging on NetFlow data
• Detect anomalies that surpass firewall and IDS
• Detect anomalies by problems and problem classes for easy
understanding
• Detailed forensic investigation.
• Licensed based on number of NetFlow interface purchased.
Add On Features
Cisco IPSLA – VoIP Monitoring
• Monitor VoIP Network health using Cisco IPSLA
• Report on :
–
–
–
–
Jitter
Latency
Packet Loss
MoS
• Along with NetFlow reports, helps find the exact cause of VoIP
issues in the network.
• 100 monitors to be given for each VoIP Add-On purchase
Vertical Enhancements
Other Major Features
•
•
•
•
•
•
•
•
Support for sampled NetFlow v5 and v9
Geo-Location Report for IP Address
User specific Customizable Dashboard
New Graphical Widgets
Network links in Google Map
SNMP V3 Support
Report Profiles
Schedule all UI reports including conversations
Edition’s
Professional Edition
 Bandwidth monitoring, network forensics and network traffic analysis tool.
 Provides in-depth visibility into their network traffic and its patterns.
 Licensing starts from minimum of 10 interfaces to a maximum of 600 interfaces
Professional Plus Edition
 All features of Professional Edition with NBAR, CBQoS, Billing and Capacity
Planning.
 Licensing starts from minimum of 10 interfaces to a maximum of 600 interfaces
Add on available for Pro and Pro Plus:VOIP
ASAM - Advanced Security Analytics Module
Edition’s
Enterprise Edition



Scalable traffic analysis and network forensic tool for large enterprise or distributed networks
Multi layer architecture based on multiple collectors and central server.
Licensing starts from minimum of 250 interfaces to a maximum of 20,000 interfaces
Add on available:NBAR & CBQoS reporting
Billing
Fail Over
NetFlow Plug-In with OpManager



Addon for OpManager
For customers who wish to see both the reports in single user interface
Licensing starts from minimum of 10 interfaces to a maximum of 300 interfaces.
Add on available:CBQoS Monitoring
Billing
ASAM – Advanced Security Analytics Module
Thank You