Today the monitoring of network traffic is one of the most demanded and most important activities for companies of many types since when we talk about networks, we not only refer to internet networks of large telecommunication companies, but also It can monitor the Lan network of a small or medium business.
Currently there are several types of protocols that allow network administrators to control and analyze the traffic that takes place through the networks they manage. One of the most popular protocols for carrying out this network analysis or monitoring is the popular NetFlow. This protocol was created in 1990 and since then it has received different updates and improvements.
NetFlow is a protocol used in order to collect data and information on the traffic that passes through the networks that we manage, such as: IP addresses, input and output ports, etc.
The NetFlow protocol requires a very specific architecture for its correct operation. This structure must have several elements that are the following:
1) The first element of the structure is a router that centralizes the traffic of all managed networks and is responsible for reporting the traffic that crosses or passes through said router.
2) Another important element of this structure is the manifold which is responsible for collecting the information that has passed through the router and that it has sent to said collector.
3) The third, and one of the most important elements, is a application or program which is in charge of ordering, organizing and presenting to the user a detailed report of all the information that has passed through the router and that has been collected by the collector.
Therefore, Netflow is a protocol that is responsible for collecting information from the networks we manage (Lan, internet, etc). This protocol Netflow (Exporter) it runs on a router to which all networks are connected and which is usually the “edge” router. This edge router will periodically send the information that traverses it, to a server / computer (Netflow Collector) which will act as a collector and which may be running an operating system such as Linux. This collector has a database and a program of traffic information analysis that has been sent by the edge router.
Software traffic monitoring It is the one in charge of taking the information, analyzing it and turning it into reports so that it is accessible and understandable by the end user or network manager in order to identify patterns, characteristics and practically any information related to the traffic of the analyzed networks.
Evidently the network analysis, thanks to netflow protocol, it will not require 24-hour live monitoring since, thanks to the storage of traffic history, at any time you can make inquiries for specific days and hours. In addition, Netflow allows you to analyze information such as: Interface, IP of origin and destination, IP protocol, Port of origin and destination, Ability to monitor traffic or protocols that are not IP and ToS.
Due to all this and the amount of information that must be analyzed, the choice of the monitoring program is undoubtedly one of the most important decisions. Within the sector there is a large amount of software capable of performing this monitoring, however not all of them offer the same options or reports. Among all of them, Downloadsource.es has verified that the most prominent of all is SolarWinds NetFlow Traffic Analyzer.
The big difference between Solarwinds and other similar programs lies in the enormous number of functions, options and the ability to customize any report or metric in detail. Among the most outstanding functions are:
– Bandwidth tracking.
– Alerts on different parameters of the monitored traffic.
– Analysis of network traffic parameters, for example: source and destination IP address, source and destination UDP or TCP port, type of IP protocol, etc.
– Intuitive and easy to use interface.
– Security control that allows you to identify potentially malicious or inconsistent traffic.
Without a doubt, SolarWinds NetFlow Traffic Analyzer is one of the IT programs Indispensable for any network manager or administrator regardless of their size. This professional software has the ability to perform the monitoring and analysis both small networks and networks that support gigantic traffic.
.
Leave a Reply