In this Blog Post

Written By
Amartya Gupta
Amartya Gupta

Product Marketing Manager

The terminology of “Monitoring” has vastly changed over the years with inclusion of various granular parameters. Monitoring has mostly relied on network traffic analytics and network administration. It provides data that provides us with insights on the general state of the platform.

Classic monitoring method was restricted to just device or network topology, but now it has been majorly revolutionized by keeping the active traffic under “Bir’s Eye View”; this new monitoring approach is also known as Netflow / sFlow / IpFix – traffic analyzing techniques. So, let us first understand:

What is a Network Flow?

It is a series of communications between two endpoints; that are bounded by the opening and closing of the session. There is a lot of data stored in a flow that is available for analysis. The data points collected are:

  • Source and destination IP addresses exchanging information

    Source and destination ports, if any (ICMP, for example, doesn’t use ports)

  • The protocol

Network flow monitoring is one of the best ways to resolve network performance issues and ensure QoS – Quality of Service for various services and applications.

It is also referred to as network traffic analyzer, bandwidth analyzer or bandwidth monitoring, network flow monitoring etc.

Now let us understand what is Netflow / sFlow with few use cases from Motadata to deep dive in the topic and seek advance understanding on the subject.

1) Detect unwanted traffic with malicious motives – Deadly DDoS

It’s not just firewall’s or UTM’s role to detect the attacks from outside world to mitigate unwanted and harmful traffic, but monitoring tool is equally accountable to encounter the heavy traffic from single or multiple hosts or generators.

Nowadays, DDoS is considered one of the deadliest attacks that can destroy any network, which can be monitored by Netflow traffic analyzer.

Motadata’s netflow traffic analyzer is capable to catch and distinguish traffic in graphical as well as grid-wise table formats, that gives you accurate and exact information about the flow of traffic with all the required details.

By analyzing the historical data, you can get insights on the source from where the traffic was generated, who was the target and for how long was it targeted.

So as far as the security of the network is concerned; Motadata Netflow / sFlow facility can save your day.

Figure A – The figure shows Top 5 Applications, Conversations, Endpoints & Protocols for NetFlow 5

Protocols for NetFlow

Figure B – The figure shows historical trend for the volume of flow for 172.16.10.1. It also shows Top 10 sources & Destinations for the selected flow.

Historical trend for the volume of flow

Figure C – The figure shows the protocol summary comprising of UDP here. It also shows top 10 conversations & applications for one selected Source Host.

Protocol summary comprising of UDP

2) Network performance and health measurement

Security is not the only concern for any enterprise network, but measuring the performance is equally important.

To rectify the cause of the sluggish network or application performance, Netflow can provide you with fruitful information, which can detect who is doing what and for how long.

To troubleshoot performance related issue of any web-based or other network applications, one should consider the performance of network traffic in the first place.

For swift monitoring of network performance in the long run, network admins should not just rely on typical monitoring methods like SNMP, but should also consider and utilize latest methods like Network flow analyzer.

Motadata NMS Netflow analyzer is a gift to network admins, who give importance to network performance. Below screenshot lets you analyze the traffic volume of every source and destination within the network.

It helps network admins to understand the network flow volume, which can easily track who is generating how much traffic and in what direction.

Netflow analyzer

So why does the Network Admin need traffic monitoring tool

The network admins need the tool for the following reason

  1. Internal network visibility
  2. Identification of slow applications
  3. Detection of spyware and other hacks
  4. Detection of outflow of personal information of clients
  5. Departmental bandwidth usage

To conclude, technology has emerged vastly with lot of new inventions to make things easy and efficient. Motadata Network traffic analyzer helps you with:

  • Capture all Conversations: Capture, view, log and analyze all the data passing through your network. Detects every network activity, also application usage of system’s ports.

  • Deep Insight into Flow: Gain deep-level invaluable insights about how your network being used. Identify abnormal traffic patterns, fight potential threats proactively.

  • Retain Raw Conversations: Get historical trend of each unique transaction between IP to IP, IP to the application. Understand user behavior and usage pattern of your application.

  • Application Traffic Issues: Identify applications causing network traffic performance issue. Detect applications with higher bandwidth usage to avoid bandwidth outage.

  • Bandwidth Used per User: Motadata churns bandwidth usage down to individuals. Keep a close eye over network bandwidth usage and detect the excessive use of bandwidth.

  • Bandwidth Monitoring: Unified visibility from network to end-user. Get the complete picture with end-to-end traffic visibility. Gain holistic view over traffic trends.

Motadata platform supports Netflow (versions: v5, v9), IPFix, sFlow and JFlow. You should try Motadata Network Traffic Analyzer tool today and see how it works. Try! It is free for 30 days!