NetFlow is a common—arguably a defacto standard—format for collection of IP network traffic. By analyzing NetFlow data, a network administrator can determine things such as the source and destination of traffic, class of service, and the causes of congestion. A typical flow monitoring setup (using NetFlow) consists of three main components:
- Flow exporter: aggregates packets into flows and exports flow records towards one or more flow collectors.
- Flow collector: responsible for reception, storage and pre-processing of flow data received from a flow exporter.
- Analysis application: analyzes received flow data in the context of intrusion detection or traffic profiling, for example.
An ATLAS platform or an industry-standard server with an ANIC adapter are ideal for creating a standalone flow exporter which is one piece of the NetFlow puzzle as outlined above.
If you are interested in building a NetFlow Exporter or just want to learn more, please read this case study “ntop and Accolade Deliver Innovative Flow Exporter Solution” below.