Presentation is loading. Please wait.

Presentation is loading. Please wait.

NetFlow Analyzer Best Practices, Tips, Tricks. Agenda Professional vs Enterprise Edition System Requirements Storage Settings Performance Tuning Configure.

Published byRonald Gaines Modified over 8 years ago

Similar presentations

Presentation on theme: "NetFlow Analyzer Best Practices, Tips, Tricks. Agenda Professional vs Enterprise Edition System Requirements Storage Settings Performance Tuning Configure."— Presentation transcript:

1 NetFlow Analyzer Best Practices, Tips, Tricks

2 Agenda Professional vs Enterprise Edition System Requirements Storage Settings Performance Tuning Configure Flow Exports

3 Agenda.. Application Groups IP Groups Reports ASAM

4 Prof vs EE Professional Edition Up to 600 interfaces Standalone version Enterprise Edition Up to 20,000 interfaces Scalable Central – Collector architecture Distributed networks

5 System Requirments Flow RateProcessorRAMHDD 0 to 30002.4 Ghz Dual2 GB250 GB 3000 to 60003.2 GHz Dual4 GB600 GB 6000 to 90003.2 GHZ Quad8 GB1 TB (High Speed SATA or SAS Drive) Above 90003.2 GHz Quad8 GB1 TB (High Speed S ATA or SAS Drive with RAID 0 or RAID 10 config)

6 Central Server Configuration

7 Storage Settings NetFlow Analyzer classifies data into 2 types namely Aggregated Data and the Raw Data. The amount of hard disk space required to store the aggregated data forever is about 150 MB per interface. You will require a free disk space of 2MB to store one month of one minute traffic data for a single interface.

8 Raw Data Free hard disk space - (150 MB * No. of Managed Interfaces) Raw Data Period (in hours) = ---------------------------------------------------------------------------------------- 60 Bytes * 3600 seconds * Flows Per Second The maximum raw data storage period is 1 month and the minimum is a day.

9 JVM Configuration Admin  Performance Tuning Select the RAM View the Recommended Settings and Update You can also change the Maximum Java Memory and update

10 Configuring Flow Export Make sure the time in the router is correct time Netflow Analyer can handle routers from different time zones automatically, provided the correct time is set. Whenever the time difference between the NetFlow Analyzer Server and the router is above 10 minutes a warning icon will appear in the home page.

11 Application Groups The Application Mapping option lets you configure the applications identified by NetFlow Analyzer. Applications are categorized based on the source address, destination address, source port, destination port and protocol values in the flow record. These values are matched with the list of applications in the Application Mapping.

12 IP Groups Monitor Departmental Traffic Monitor Branch Office Bandwidth usage

13 Reports Schedule Reports Generate Reports based on IP Groups

14 ASAM Generate Security Events – Bad Src –Dst – Suspect Flows – Probe / Scans – Dos / Flash crowd

15 Thanks

Download ppt "NetFlow Analyzer Best Practices, Tips, Tricks. Agenda Professional vs Enterprise Edition System Requirements Storage Settings Performance Tuning Configure."

Similar presentations

Abstract There is significant need to improve existing techniques for clustering multivariate network traffic flow record and quickly infer underlying.

Abstract There is significant need to improve existing techniques for clustering multivariate network traffic flow record and quickly infer underlying.
Why AAA Digital Document Solutions? Are you still storing documents in file cabinets? Do you have a plan in case of fire or natural disaster? Is your company.

Why AAA Digital Document Solutions? Are you still storing documents in file cabinets? Do you have a plan in case of fire or natural disaster? Is your company.
ICmyNet.Flow Network Traffic Analysis System If You Want to See Your Net www.icmynet.com.

ICmyNet.Flow Network Traffic Analysis System If You Want to See Your Net
Windows 98 486DX 66 megahertz (MHz) or faster processor (Pentium central processing unit recommended). 16 megabytes (MB) of memory (24 MB recommended).

Windows DX 66 megahertz (MHz) or faster processor (Pentium central processing unit recommended). 16 megabytes (MB) of memory (24 MB recommended).
Scale-out Central Store. Conventional Storage Verses Scale Out Clustered Storage Conventional Storage Scale Out Clustered Storage Faster……………………………………………….

Scale-out Central Store. Conventional Storage Verses Scale Out Clustered Storage Conventional Storage Scale Out Clustered Storage Faster……………………………………………….
Novell Server Linux vs. windows server 2008 By: Gabe Miller.

Novell Server Linux vs. windows server 2008 By: Gabe Miller.
Monitoring a Large-Scale Network: Selecting the Right Tool Sayadur Rahman United International University & Network Manager, Financial Service.

Monitoring a Large-Scale Network: Selecting the Right Tool Sayadur Rahman United International University & Network Manager, Financial Service.
Packard BioScience. Packard BioScience What is ArrayInformatics?

Packard BioScience. Packard BioScience What is ArrayInformatics?
Network Administration Procedures Tools –Ping –SNMP –Ethereal –Graphs 10 commandments for PC security.

Network Administration Procedures Tools –Ping –SNMP –Ethereal –Graphs 10 commandments for PC security.
NetFlow Analyzer Drilldown to the root-QoS Product Overview.

NetFlow Analyzer Drilldown to the root-QoS Product Overview.
MCTS Guide to Microsoft Windows Server 2008 Network Infrastructure Configuration Chapter 11 Managing and Monitoring a Windows Server 2008 Network.

MCTS Guide to Microsoft Windows Server 2008 Network Infrastructure Configuration Chapter 11 Managing and Monitoring a Windows Server 2008 Network.
 Contents 1.Introduction about operating system. 2. What is 32 bit and 64 bit operating system. 3. File systems. 4. Minimum requirement for Windows 7.

 Contents 1.Introduction about operating system. 2. What is 32 bit and 64 bit operating system. 3. File systems. 4. Minimum requirement for Windows 7.
Virtual Desktop Infrastructure Solution Stack Cam Merrett – Demonstrator User device Connection Bandwidth Virtualisation Hardware Centralised desktops.

Virtual Desktop Infrastructure Solution Stack Cam Merrett – Demonstrator User device Connection Bandwidth Virtualisation Hardware Centralised desktops.
16.1 © 2004 Pearson Education, Inc. Exam 70-290 Managing and Maintaining a Microsoft® Windows® Server 2003 Environment Lesson 16: Examining Software Update.

16.1 © 2004 Pearson Education, Inc. Exam Managing and Maintaining a Microsoft® Windows® Server 2003 Environment Lesson 16: Examining Software Update.
Deploying and Managing Windows Server 2012

Deploying and Managing Windows Server 2012
Acceleratio Ltd. is a software development company based in Zagreb, Croatia, founded in 2009. We create innovative software solutions for SharePoint,

Acceleratio Ltd. is a software development company based in Zagreb, Croatia, founded in We create innovative software solutions for SharePoint,
1 Objectives Windows Firewalls with Advanced Security Bit-Lock Update and maintain your clients using Windows Server Update Service Microsoft Baseline.

1 Objectives Windows Firewalls with Advanced Security Bit-Lock Update and maintain your clients using Windows Server Update Service Microsoft Baseline.
Internet Service Provisioning Phase - I August 29, 2003 TSPT Web:

Internet Service Provisioning Phase - I August 29, 2003 TSPT Web:
Fundamentals of Networking Discovery 1, Chapter 2 Operating Systems.

Fundamentals of Networking Discovery 1, Chapter 2 Operating Systems.
Report : Zhen Ming Wu 2008 IEEE 9th Grid Computing Conference.

Report : Zhen Ming Wu 2008 IEEE 9th Grid Computing Conference.

Similar presentations

Ads by Google