Some tools claim to be free and some are free AND useful. Talking with relation to the so many free network traffic analysis tools available online. The main objective of a traffic monitoring and analysis tool is to be able to see the history of threats, threshold violations, bandwidth utilization and extrapolate it to the future for taking better informed capacity planning decisions. All this analysis is carried out with the data (from NetFlow, sFlow, IPFIX, jfLow and more) available (stored) with the tool. One should be able to compare traffic through a particular device various time periods to see the effectiveness of the policies that have been recently changed / set.

Free tool with no data storage is as needless!

At the end of the day, "relative results" matter. To be able to show that one has made certain changes and how it has affected the network for good, hopefully! All this is possible only if a large amount of data is available for analysis. There are free tools which offer to store data for up to one wHOLE day. All a user will find the next day is a hole in the previous day data. A clean data base and a blank look on one's face. For analysis, data size is very critical. And it doesn't take a genius to say that one day data does not contribute to any analyzable data. Time and data are somethings that cannot be got back once lost (data can be, if you have fail-over, but, hey! how many free tools have that!).

Even when you are going for a free tool, you have a choice to make. To make the choice between something that is going to cost your time and data or the one that is useful-AND-free, which can store the data forever, carry out the necessary analysis.

NetFlow Analyzer free edition lets you monitor two most critical interfaces in your network and the data can be stored forever - that is absolutely free AND useful. An useful solution which gives better analysis with the data that can be stored forever. You can see the history of security threats, the trend of bandwidth requirement growth over a period of time, answers questions such as "who are the top talkers?, is the bandwidth used for the business critical applications ?" and much more.

So you want a "free" tool or a free AND useful tool?

Cheers

Joe

Follow NetFlow Analyzer on twitter!

Released!

NetFlow Analyzer Enterprise Edition 7.0 is packed with a load of amazing features. The official PR is available here.

And happy to announce that NetFlow Analyzer Enterprise Edition supports Cisco NetFlow (and other flows), Cisco NBAR and Cisco CBQoS out–of–the–box. Download the 30-day free trial and try it out in your network setup.

Following are some of the new features added in 7.0.

• Validating QoS policies with Cisco CBQoS - Enterprise edition now supports Cisco CBQoS and provides report on the per-class pre policy, post policy drops and queues. This new feature complements the already existing support for Cisco's Network based application recognition (NBAR), helping in application mapping and providing better quality of service. Read more...
  


• User based dashboard page for guests / Operators - Each user can have their own dashboard, only viewing devices that need to be monitored by them, which can be sorted based on utilization, speed etc.


• Business hour alerts - makes sure that the users do not have to worry about the alerts that might be generated during non-business hours. With the new version of NetFlow Analyzer, business hours can be preset as per the enterprise's need and the alerts can be activated only during that period.


• Exclude IP address(es) option in IP groups - During creations of IP groups, the exclude option makes it much easier to exclude only particular addresses from a network as the requirement may be.


• Radius authentication - Radius Server is useful in centralised management of user credential details. Once the user roles are defined in the User Management feature of NetFlow Analyzer, subsequent authentication of the user profiles can be done from the Radius Server.


• Exclude encrypted applications - Enabling NetFlow on cryptomap tunnel interfaces double counts the ESP / GRE traffic. That can be prevented by applying this filter on cryptomap tunnel interfaces.


• Output interface suppression - WAN optimizers compress the packets and therefore the flow size varies. The size of the packet going in and coming out is not the same, and the readings can be misleading and confusing, to say the least. To avoid this, "Output Interface Suppression" can be used. The interface in which the compression takes place (destination/output interface) can be suppressed.


• ACL related drops - Access control filter drops the flow information which contains data pertaining to dropped traffic due to Access Control List.

I'm sure you would have heard about the ManageEngine NetFlow Analyzer and the Riverbed Technology Alliance(RTA). I just wanted to let you know the what, why and of course, the end user benefits of the RTA.

What and why - this RTA?

RTA is a program by riverbed which allows companies with complementary technology to bring additional value to the end users. Riverbed Steelhead appliances are used for WAN optimization and much more. And these Steelhead appliances export NetFlow, this is where ManageEngine NetFlow Analyzer comes useful. NetFlow Analyzer collects and analyzes these NetFlow packets exported from the Steelhead appliances and gives in-depth visibility of your network such as top talkers, top applications, DSCP values and much more.

Over the past four years, the time since NetFlow Analyzer came into being, and with 4000 businesses using this solution, we have seen at least 500 of them using Riverbed Steelhead appliances. And the value the joint solution brings is immense.

"The joint solution from Riverbed and ManageEngine NetFlow Analyzer provides in–depth visibility into our WAN traffic and accelerates applications crossing the WAN," said George Caraker, Manager of IT Operations at Kennedy⁄Jenks Consultants. "We can now quickly and easily identify the root cause of many network issues, resolve bandwidth utilization problems, and track long term trends. We can also do application monitoring and IP monitoring to ensure quality of business critical applications like MS Exchange and SAP. ManageEngine NetFlow Analyzer is easy to install and use and represents excellent value."

End user benefits:

Check out the Riverbed ManageEngine joint solution brief here.

Cheers

Joe

 Interface view is the place where the network puzzle unravels. The place where every network administrator looks for, to get a view of what is happening in the network, the top talkers, network traffic details etc. This view helps in quicker identifications of the cause of a network issue and hence faster troubleshooting. This is almost an index of all the routers/switches that have their interfaces monitored by the NetFlow Analyzer.

Some of the questions that will be answered by a quick glance of this interface view are:

• How many interfaces are associated with each router
• Utilization of each interface
• In and out traffic ( volume and % of utilization) for each interface
• Troubleshoot report for a particular interface
• Consolidated report for a particular interface
• If NBAR monitoring is being done on the interface
• If CBQoS monitoring is done on the interface
• Quick view speed graph
  
• If any preset alerts have been triggered for the particular interface
• The various IP groups created. Traffic details and more for all the IP groups

Download - 30 day evaluation | Request Product Walkthrough | Interactive online demo

Cheers

Joe

Celebrating a year of releasing Professional Plus edition of ManageEngine NetFlow Analyzer! As one of the pioneers to leverage on Cisco NetFlow technology to give an in-depth view of the network traffic (for starters) and much more, we also take pride in leveraging other Cisco technologies like CBQoS and NBAR. With time comes stability and user-trust. Hence, we are glad that its been one year. It's around this time, last year, we released Professional Plus edition. For those who don't have an idea about the professional Plus edition, this is the edition that has 3 powerful, highly useful features (users said it, not me!) additional to all the features of professional edition, hence the name "Professional PLUS" (duh!! :)). The three features are

NBAR

• Cisco technology for deep packet inspection
• Helps in mapping applications that use dynamic ports, with ease.

CBQoS

• Leverages on the Cisco CBQoS(class based quality of service) technology. Validate the QoS policies.
• Reports on per class pre-policy, post-policy, drops and queues
• More details

 
Billing

• Useful for chargeback and accounting
• Automatic bill plans as per schedule
• Create any number of customized bill plans
  
• More details

Download (30 day trial) | Interactive Demo | Website

Cheers

Joe

http://www.twitter.com/josephjay

One of the many satisfied customers of NetFlow Analyzer, we caught up with, in Cisco Live. See for yourself...

To view other quotes click here and here (not necessarily simultaneously :) )!

Download (30 day trial) | Interactive Demo | Product overview video

Cheers

Joe

http://www.twitter.com/josephjay

 What is a Time maze?? Also known as the time zone, It is the mathematical puzzle one has to solve when trying to relate to some other time zones. 

Who goes through the maze? Network managers / admins, when they have to relate to other time zones, for troubleshooting network traffic issues or to check on the spike in bandwidth utilization in devices spread across various part of the world. NetFlow analyzer takes care of this detail. 

Say, you (network admin / manager)  are working for a large enterprise which is head quartered at New York and has branch offices in London, Paris and Athens ( Disclaimer : I don't have anything against or for these countries, I picked these names coz the above image has these names! ). You come across an issue at a particular time, reported to you by the network engineer at a branch office. You want to see the network traffic in branch office's time zone. And you DO NOT want to go through the Time maze. What do you do?!

To go in to the details of this, I need to explain three different concepts :

• Device groups
• User management
• Time zone settings

A network bandwidth monitoring tool catering to varied needs of the small, medium and large enterprises requires different architecture. Different strokes for different folks!

During many of the recent analyst briefings, I've found myself having to answer this one particular question, which was "you have two different editions - Professional and Enterprise, catering to two different markets, SMBs and large enterprises, respectively. Do you have separate architecture for the two editions or do you give the same architecture for both?"

And that question, as always, makes me real happy. Because the answer is the one that the analysts and the product evaluators want to hear. Here is the answer:

"We understand that different organizations require different solutions and the SIZE DOES MATTER. That is why we have two different architecture for the two editions. Large enterprises are usually branched out in various locations, have higher flow rates and their NetFlow data is exported through the cloud. In contrast, the small & medium businesses do not have many branch offices, have lesser interfaces to monitor and lesser flow rates. With such a huge difference in business requirements, it is obvious that a single solution cannot be suited for both. Hence, it is necessary for the NetFlow Analyzer to adapt to such a need, and adapt, we did!

Enterprise Edition was developed strictly for large enterprises and following are the list of Enterprise level special features:

• Distributed architecture - Collectors at branch office  and the Central server for unified central view
  
• Highly scalable - up to 20, 000 interfaces can be monitored, with 100, 000 flows per second
  
• HTTPS connection between the collectors and the central server
• Failover- Seamless reporting
• Localized Timezone - Ability to view the reports / graphs according to user timezone  

Professional Edition, on the other hand, strictly caters to businesses monitoring less than 600 interfaces and do not have branch offices. The collectors and central server functionality are managed by the single server, due to lesser number of flows. All the features of professional edition can be viewed here. 

Download(30 day trial) | Interactive Demo | Product overview video

Cheers

Joe

http://twitter.com/josephjay

 Time goes real fast!, it’s a busy world out there!...  I'm sure everyone has heard all those rants before. But have you heard of a solution that understands your need to get the things done fast and helps you get the job done faster. Okay, I'll quit bragging now. Have you seen the new features in NetFlow Analyzer 7.5? I'd like to tell you about one such feature now.

Single Click Email Option.

Assuming you do know that NetFlow Analyzer is a bandwidth monitoring, network forensics and network traffic analysis tool and the powerful features and benefits it has, I’m proceeding to explain this one small but a critical feature that can save you much time.

When you have drilled down to the interface wise traffic, application, source destination, etc level of monitoring (see below)

Quick tip: The selectable graph even lets you zoom in on points you want to see closely (you can check that out in the demo)

Back to the point. So you are there, in the aforementioned level of in-depth view of the interface, right then you see a report, an important observation you have made. And you want to send that view, a screenshot (if I may say) of what you are seeing. You can do that without the hassles of exporting a report and then attaching it in a mail and then sending it (what a drag!). Now, all it takes is a single click.

All you have to do is click on this small icon on the top right part of the page you are viewing and of course, CLICK. And poof! you get a mail with the screen shot as an attachment. Just send it whomever you wish to (preferably, to someone in your enterprise!).

Time and hassles saved!

Download |Interactive Demo| Product overview video

Cheers

Joe

http://www.twitter.com/josephjay