NetFlow-Lite offers network administrators and engineers the following capabilities:



Similar documents
Configuring Flexible NetFlow

Cisco IOS Flexible NetFlow Technology

Configuring NetFlow-lite

Configuring NetFlow. Information About NetFlow. NetFlow Overview. Send document comments to CHAPTER

ICND2 NetFlow. Question 1. What are the benefit of using Netflow? (Choose three) A. Network, Application & User Monitoring. B.

Configuring NetFlow. Information About NetFlow. NetFlow Overview. Send document comments to CHAPTER

How To Mirror On An Ipfix On An Rspan Vlan On A Pc Or Mac Or Ipfix (Networking) On A Network On A Pnet (Netnet) On An Uniden (Netlan

Cisco NetFlow Generation Appliance (NGA) 3140

Cisco Catalyst 4948E NetFlow- lite

How-To Configure NetFlow v5 & v9 on Cisco Routers

Introduction to Cisco IOS Flexible NetFlow

Configuring NetFlow. Information About NetFlow. Send document comments to CHAPTER

NetFlow/IPFIX Various Thoughts

NetStream (Integrated) Technology White Paper HUAWEI TECHNOLOGIES CO., LTD. Issue 01. Date

Cisco IOS Flexible NetFlow Command Reference

NetFlow: What is it, why and how to use it? Miloš Zeković, ICmyNet Chief Customer Officer Soneco d.o.o.

Scalable Extraction, Aggregation, and Response to Network Intelligence

NetFlow The De Facto Standard for Traffic Analytics

SolarWinds Technical Reference

Flow Analysis Versus Packet Analysis. What Should You Choose?

Gaining Operational Efficiencies with the Enterasys S-Series

Lab Characterizing Network Applications

SolarWinds Technical Reference

Viete, čo robia Vaši užívatelia na sieti? Roman Tuchyňa, CSA

Easy Performance Monitor

Easy Performance Monitor

Cisco NetFlow TM Briefing Paper. Release 2.2 Monday, 02 August 2004

Flow Monitor for WhatsUp Gold v16.1 User Guide

Network Monitoring and Management NetFlow Overview

Flow Monitor for WhatsUp Gold v16.2 User Guide

Catalyst 6500/6000 Switches NetFlow Configuration and Troubleshooting

Introduction to Netflow

Configuring NetFlow on Cisco IOS XR Software

Easy Performance Monitor

plixer Scrutinizer Competitor Worksheet Visualization of Network Health Unauthorized application deployments Detect DNS communication tunnels

Case Study: Instrumenting a Network for NetFlow Security Visualization Tools

NetFlow Performance Analysis

The Value of Flow Data for Peering Decisions

WhatsUpGold. v15.0. Flow Monitor User Guide

Traffic Mirroring Commands on the Cisco IOS XR Software

Wireshark Developer and User Conference

LiveAction Application Note

Threat Defense with Full NetFlow

Network Management & Monitoring

Overview of Network Traffic Analysis

NetFlow Configuration Guide, Cisco IOS Release 12.4

Securing and Monitoring BYOD Networks using NetFlow

Configuring NetFlow on Cisco ASR 9000 Series Aggregation Services Router

Network Visibility Guide

Integrated Traffic Monitoring

Network congestion control using NetFlow

Cisco Performance Agent Data Source Configuration in the Branch-Office Router

NetFlow Configuration Guide, Cisco IOS Release 15M&T

Flow Based Traffic Analysis

and reporting Slavko Gajin

SolarWinds. NetFlow Traffic Analyzer. Evaluation Guide. Version 4.2

NetFlow Configuration Guide, Cisco IOS Release 12.2SR

J-Flow on J Series Services Routers and Branch SRX Series Services Gateways

Understanding Flow and Packet Deduplication

Monitoring and analyzing audio, video, and multimedia traffic on the network

Integrated Traffic Monitoring

Using The Paessler PRTG Traffic Grapher In a Cisco Wide Area Application Services Proof of Concept

HUNTING ATTACKERS WITH NETWORK AUDIT TRAILS

IPV6 流 量 分 析 探 讨 北 京 大 学 计 算 中 心 周 昌 令

NetFlow Tracker Overview. Mike McGrath x ccie CTO mike@crannog-software.com

Contents. Lancope The Leader in NetFlow Collection & Analysis. Cisco NetFlow Configuration. Cisco IOS NetFlow Configuration Guide

Configuring NetFlow Secure Event Logging (NSEL)

Redefine Network Visibility in the Data Center with the Cisco NetFlow Generation Appliance

Scrutinizer. Getting Started Guide. A message from Plixer International:

NetFlow Aggregation. Feature Overview. Aggregation Cache Schemes

Netflow Overview. PacNOG 6 Nadi, Fiji

SolarWinds Technical Reference

AlliedWare Plus OS How To Use sflow in a Network

LogLogic Cisco NetFlow Log Configuration Guide

Cisco Performance Visibility Manager 1.0.1

Cisco IOS Flexible NetFlow Overview

Using LiveAction Software for Successful VoIP Deployments How to quickly and accurately deploy QoS for VoIP networks

Network traffic monitoring and management. Sonia Panchen 11 th November 2010

Flow Analysis. Make A Right Policy for Your Network. GenieNRM

What s New in VMware vsphere 5.5 Networking

CISCO INFORMATION TECHNOLOGY AT WORK CASE STUDY: CISCO IOS NETFLOW TECHNOLOGY

Network Management for Common Topologies How best to use LiveAction for managing WAN and campus networks

UltraFlow -Cisco Netflow tools-

Beyond Monitoring Root-Cause Analysis

Business and IT are Changing Like Never Before

Cisco - Configure the 1721 Router for VLANs Using a Switch Module (WIC-4ESW)

Whitepaper. NetFlow vs. sflow: A Technical Review. plixer. International

CHAPTER 1 WhatsUp Flow Monitor Overview. CHAPTER 2 Configuring WhatsUp Flow Monitor. CHAPTER 3 Navigating WhatsUp Flow Monitor

Configuring NetFlow Data Export (NDE)

Expert Reference Series of White Papers. VMware vsphere Distributed Switches

Cisco dan Hotel Crowne Plaza Beograd, Srbija.

Cisco IOS NetFlow Version 9 Flow-Record Format

Lab Testing Summary Report

Traffic Mirroring Commands on the Cisco ASR 9000 Series Router

Tue Apr 19 11:03:19 PDT 2005 by Andrew Gristina thanks to Luca Deri and the ntop team

Configuring DHCP Snooping

Cisco Prime Network Analysis Module Software 5.1 for WAAS VB

Transcription:

Solution Overview Cisco NetFlow-Lite Introduction As networks become more complex and organizations enable more applications, traffic patterns become more diverse and unpredictable. Organizations require better visibility into network traffic in a manageable way. It is crucial for network operators to obtain information about where, why, when, how, and by whom specific applications are used and how the usage might affect the network. This information is vital to enhancing operational efficiency and optimizing operational costs. Cisco NetFlow technology is one of the most scalable ways to provide this information throughout your network infrastructure. NetFlow-Lite introduces traffic visibility on the Cisco Catalyst 2960-X, 2960-XR, 2960-CX, and 3560-CX Series Switches for the first time. What Is NetFlow-Lite? NetFlow-Lite collects packets randomly, classifies them into flows, and measures flow statistics as they pass through the switch. It is a true flow-based traffic-monitoring mechanism that conserves valuable forwarding bandwidth when exporting flow-based data for analysis and reporting. This export data provides visibility into traffic that is switched through the Cisco Catalyst 2960-X, 2960-XR, 2960-CX, and 3560-CX Series Switches. What Is NetFlow-Lite Used for? NetFlow-Lite offers network administrators and engineers the following capabilities: Unprecedented visibility: NetFlow-Lite provides real-time information about traffic flows from endpoints such as PCs, phones, IP cameras, etc. You can use this information for traffic monitoring of Layer 2 and Layer 3 traffic as well as capacity planning. Network planning: You can use NetFlow-Lite to capture data over a long period of time so that customers can understand traffic patterns, top talkers, top applications, etc. This feature provides accurate data to track and anticipate network growth and plan upgrades. Simplified troubleshooting: You can use NetFlow-Lite flow-based analysis techniques to understand traffic patterns, which can help in proactively detecting problems, troubleshooting efficiently, and resolving problems quickly. 2014 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information. Page 1 of 5

NetFlow-Lite Capabilities NetFlow-Lite provides a granular packet-sampling mechanism that is adjustable up to 1:32 and available for all interfaces. The implication is that a subset of all packets passing through the switch is selected for reporting. Figure 2 shows some of the data gathered by Cisco NetFlow-Lite. Figure 1. Output from Cisco NetFlow-Lite NetFlow-Lite on the Cisco Catalyst 2960-X, 2960-XR, 2960-CX, and 3560-CX Series Switches have the following capabilities: NetFlow-Lite is supported on all downlink and uplink ports. NetFlow-Lite is natively available with no additional hardware required. The sampling range is from 1:32 to 1:1022. The application measures 16,000 flows per switch. Physical ports and VLAN Interfaces (switched virtual interfaces [SVI]) are supported. NetFlow-Lite supports ingress flows only. Export using standards-based IP Information export (IPFIX) or Version 9 record format. NetFlow-Lite Sampling Techniques The sampling method of the traffic can be random or deterministic. Random sampling chooses one packet randomly out of a configured sample size, whereas deterministic sampling chooses the first packet out of a configured sample size. For example, for 1:32 sampling, deterministic mode would choose the 1st, 33rd, 65th, 97th, and so on packet coming into an interface, and random mode can choose the 5th, 39th, 72nd, 103rd, and so on packet coming into an interface. Random packet sampling is statistically more accurate than deterministic packet sampling. Differences between Flexible NetFlow-Lite, Flexible NetFlow, and sflow Table 1 illustrates the differences between NetFlow-Lite, Flexible NetFlow, and sflow. Table 1. Differences between NetFlow-Lite, Flexible NetFlow, and sflow NetFlow-lite Flexible NetFlow sflow Technology Flow-based Flow-based Packet-based Sampling Sampling (1 in 32, configurable) Every packet accounted for Sampling (1 in hundreds to thousands * ) Export format V9 and IPFIX V5, V9 and IPFIX sflow v5 Ecosystem NetFlow Collector NetFlow Collector sflow Collector 2015 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information. Page 2 of 5

NetFlow-lite Flexible NetFlow sflow Availability Cisco Catalyst 2960-X, 2960-XR, 2960-CX, and 3560-CX Series Switches, and Catalyst 4948E Ethernet Switch Cisco Catalyst 3K, 4K, 6K Cisco Nexus routers 7K, 2K, 1KV Cisco Nexus 3K * Product support of sflow may vary. NetFlow-Lite Solution The following steps illustrate NetFlow-Lite configuration on the Cisco Catalyst 2960-X, 2960-XR, 2960-CX, and 3560-CX Series Switches: Step 1. Configure a Flow Record, which defines the data collection. You can customize it for specific requirements. You can use the following example with most NetFlow collectors: flow record v4 match ipv4 tos match ipv4 protocol match ipv4 source address match ipv4 destination address match transport source-port match transport destination-port collect transport tcp flags collect interface input collect flow sampler collect counter bytes long collect counter packets long collect timestamp sys-uptime first collect timestamp sys-uptime last Step 2. Configure a Flow Exporter, which defines where the collected data needs to be sent. Please refer to the NetFlow collector application user guides and manual for specific details such as port number, differentiated services code point (DSCP), and other options. The configuration follows: flow exporter Replicator description Exporter to Cisco Prime 2.0 destination 10.2.44.12 source GigabitEthernet1/0/1 dscp 16 template data timeout 60 option interface-table Step 3. Configure a Flow Monitor, which binds the flow record and exporter along with options to configure the flow cache: flow monitor v4 record v4 exporter Replicator cache timeout active 30 Step 4. Configure a Flow Sampler. Define the sampling technique and sample size. The configuration follows: sampler v4 mode random 1 out-of 32 Step 5. Attach the Flow Monitor and Sampler to the interface: interface GigabitEthernet1/0/1 ip flow monitor v4 sampler v4 input 2015 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information. Page 3 of 5

Cisco Prime and Partner NetFlow Collector Applications Cisco Prime Infrastructure can collect flow data from all Cisco devices including NetFlow-Lite data from Cisco Catalyst 2960-X, 2960-XR, 2960-CX, and 3560-CX Series Switches. It also uses an application visibility engine to determine well-known applications based on NetFlow collection (Figure 2). Figure 2. NetFlow Capture on Cisco Prime Infrastructure Partner collector applications such as ActionPacked LiveAction, Plixer Scrutinizer, and others have been tested with NetFlow-Lite, as illustrated in Figure 3. Figure 3. NetFLow Capture with Partner Applications NetFlow-Lite Partner Program The Cisco Catalyst 2960-X, 2960-XR, 2960-CX, and 3560-CX Series Switches have been tested with the leading NetFlow collector applications such as Cisco Prime, ActionPacked LiveAction, Plixer Scrutinizer, and many more solutions. Customers can now order these applications with the $0 FnF SKUs on the Cisco Catalyst 2960-X, 2960- XR, 2960-CX, and 3560-CX Series Switches price list. 2015 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information. Page 4 of 5

Feature Support Information Table 1 illustrates the differences between NetFlow-Lite, Flexible NetFlow, and sflow. Table 2. Lists the License and Software Requirements for Cisco Netflow-Lite Minimum License Required Minimum Software Required Cisco Catalyst 2960-X LAN Base 15.0(2)EX Cisco Catalyst 2960-XR IP Lite 15.0(2)EX1 Cisco Catalyst 3560-CX IP Base 15.2(3)E Cisco Catalyst 2960-CX LAN Base 15.2(3)E For More Information For more information about NetFlow-Lite on the Cisco Catalyst 2960-X and 2960-XR Series Switches, visit http://www.cisco.com/go/2960x For more information about NetFlow-Lite on the Cisco Catalyst 3560-CX and 2960-CX Series Switches, visit http://www.cisco.com/go/compactswitches For information about NetFlow-Lite, visit: http://www.cisco.com/go/2960x and http://www.cisco.com/go/compactswitches Printed in USA C22-728776-01 02/15 2015 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information. Page 5 of 5

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information