Solarwinds Netflow Generator

[Ellyn Krucke]

SolarWindsNetFlow Traffic Analyzer (NTA) is a companion module that can be added to the Network Performance Monitor. It will extract operational data from network devices using a query language that is built into each device. The name NetFlow comes from the statistics service that is included in devices produced by Cisco Systems. The SolarWinds tool can communicate with that system and also has the capability of using J-Flow, which is an equivalent protocol used by Juniper Networks and the Huawei version, which is called NetStream. NetFlow Traffic Analyzer also has sFlow and IP-FIX which are industry standards that are used by other network device manufacturers. Joining together the traffic data taken from each device enables the NetFlow Traffic Analyzer to draw up a traffic flow map of the network.\n","author":"@type":"Person","name":"John Kimball","description":"John Kimball is a software engineer and writer who's developed safety-critical software for aircraft, software engineering tools with scripting languages, and security software for small devices. He has an interest in information security, web development, activist technology, and system\/network administration.\n","url":"https:\/\/www.comparitech.com\/author\/"}},"@type":"Question","name":"Does SolarWinds support NetFlow?","answerCount":1,"acceptedAnswer":"@type":"Answer","text":"SolarWinds NetFlow Traffic Analyzer supports NetFlow for communicating with network devices produced by Cisco Systems. IT can communicate using NetFlow version 5 and NetFlow version 9. This capability enables the monitoring package to extract traffic data from devices. The tool can also communicate with Juniper Networks\u2019 devices through J-Flow and Huawei devices using NetStream, The package can also use SFlow and IP-FIX, which are non-proprietary protocols that perform the same service as NetFlow.\n","author":"@type":"Person","name":"John Kimball","description":"John Kimball is a software engineer and writer who's developed safety-critical software for aircraft, software engineering tools with scripting languages, and security software for small devices. He has an interest in information security, web development, activist technology, and system\/network administration.\n","url":"https:\/\/www.comparitech.com\/author\/","@type":"Question","name":"What is the purpose of NetFlow?","answerCount":1,"acceptedAnswer":"@type":"Answer","text":"NetFlow is a statistics gathering unit that is built into routers from Cisco System. The service gathers data about the packets that enter the switch on each of its interfaces. By reading packet headers, the tool can also record the destination interface and the device that data is going to. It can also note down the protocol of the traffic. This data is stored within the router and it can be queried by network monitoring software for traffic analysis.\n","author":"@type":"Person","name":"John Kimball","description":"John Kimball is a software engineer and writer who's developed safety-critical software for aircraft, software engineering tools with scripting languages, and security software for small devices. He has an interest in information security, web development, activist technology, and system\/network administration.\n","url":"https:\/\/www.comparitech.com\/author\/"]} "@context":"http:\/\/schema.org","@type":"BreadcrumbList","itemListElement":["@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.comparitech.com\/","@type":"ListItem","position":2,"name":"Net Admin","item":"https:\/\/www.comparitech.com\/net-admin\/","@type":"ListItem","position":3,"name":"SolarWinds NetFlow Traffic Analyzer Review","item":"https:\/\/www.comparitech.com\/net-admin\/solarwinds-netflow-traffic-analyzer\/"]Net AdminSolarWinds NetFlow Traffic Analyzer Review We are funded by our readers and may receive a commission when you buy using links on our site. SolarWinds NetFlow Traffic Analyzer Review NetFlow Traffic Analyzer is powerful though not self-contained. We work through it's features in our full review of this SolarWinds offering. Writer: John Kimball Updated: August 16, 2023 body.single .section.main-content.sidebar-active .col.grid-item.sidebar.span_1_of_3 float: right; body.single .section.main-content.sidebar-active .col.grid-item.content.span_2_of_3 margin-left: 0;

A bandwidth monitor and traffic analyzer primarily helps you to detect and troubleshoot network problems, and to identify traffic patterns and trends so you can adjust policies and plan network changes.

NTA and NPM run on Windows. They are enterprise-grade packages, so even the 30-day free trial demands considerable resources on your system. For production use in all but the smallest shops, SolarWinds recommends three servers:

SolarWinds specifies system requirements and best practices for good performance and best results. Recommendations for OS version, CPU speed and number of cores, amount of RAM, NIC speed, and disk-array configuration vary depending on the number of network elements being monitored (from less than 1,000 up to greater than 6,000). However, NTA itself is sufficiently demanding that an NTA install should always be treated as a large installation.

Since NTA is a module of NPM, you must install NPM first. Once unzipped, the installer checks for prerequisites, installs missing system software and then launches the configuration wizard. The wizard will guide you through providing the needed information, and then performs auto-discovery of the devices on your network.

On NPM (and NTA), once discovery is complete, you need to select which of the now-known devices you want to import into the Orion database and begin monitoring. SolarWinds recommends you start with a limited number of key devices and servers, and then expand as indicated. (You can always see the list of known devices via navigating to My Dashboards > Network > Network Summary).

For best performance and results from monitoring, SolarWinds provides guidelines for best practices about where on your network you should be capturing flow data and how to configure storage and retention.

Daily use of NPM and NTA involves detecting and troubleshooting network problems and identifying patterns and trends in network traffic. This is done via web console views, alerts, and reports (SolarWinds provides a live demo of NTA to try out the interface).

In the various views, network elements are color coded. A red or partially red element needs attention; a yellow one has a warning. Also, the various Top 10 lists (Network Top 10, Top 10 Interfaces by Percent Utilization, Top 10 Errors and Discards Today, etc) quickly highlight elements in your network that have health issues. The Top Talkers lists are particularly useful for spotting incipient bandwidth problems.

Graphics are interactive. Hovering over an element produces a popup with details about it. You can quickly filter out clutter to focus on relevant types of data and time ranges of interest. Such customized views can be saved for reuse.

Triggered alerts show up in the Active Alerts section of the initial view. They can also be sent to you by email or SMS text or other means, based on your alert configurations. You can specify that an alert message should include relevant network status information and links to relevant views in the web console.

When investigating an element or alert, you can drill down into it in the view to get more detailed status and metrics. These help determine if this is a momentary problem or a persistent issue and help identify the root cause.

When a particular interface becomes a concern you can examine its details. You can also use Flow Navigator filters to create a custom view that focuses on devices, applications, and time periods of interest.

NTA makes it easy to identify the users, applications, and protocols consuming the most bandwidth. You can sort by ports, source, destination, and protocols, and view traffic patterns over minutes, days or months.

SolarWinds Flow Tool Bundle is a pack of three small utilities to set up NetFlow on network devices and then run traffic tests across the network. You can generate IP traffic and send it, then extract statistics with NetFlow to identify the paths that the packets took. This suite can be used for network stress testing.

The NetFlow Configurator provides an interface to your Cisco routers to specify which traffic the device should sample, using NetFlow v5. You can specify where these records are sent so that the can be caught by your NetFlow collector.

The NetFlow Replicator enables you to circulate NetFlow packets to specific destinations on your network. This will give you a picture of the capacity performance of specific links on your network, which is a great opportunity for testing the abilities of your network equipment. The NetFlow Generator creates extra traffic for your network. This is a useful tool for testing the behavior of load balancers, firewalls, and network performance monitoring alerts.

These three utilities do not overlap with the functionality of the NetFlow Traffic Analyzer, so installing the Flow Tool Bundle compliments the capabilities of those other SolarWinds packages. The Flow Tool Bundle is available as a free download.

The common platform of the Network Traffic Analyzer and the SolarWinds Network Performance Monitor makes these two modules a great combination because they are able to work together to give full network monitoring functions.

Having both the NTA and the NPM together gives you a complete view of your network. If devices develop faults with components, the NPM will tell you and if switches are overloaded by too much traffic, the NTA will tell you. The two tools can help you plan capacity and get a view of how traffic is processed by switches in a path between two endpoints on the network.

3a8082e126