ManageEngine NetFlow Analyzer : Flexible NetFlow Configuration using Pre-Defined Flow Record

Oct 23 2009 12:48:49 PM Posted By : vraj
Comments (0)

        This blog may need prior reading of my first blog about Flexible NetFlow. We have already discussed about the advantages of Flexible NetFlow and migration from traditional NetFlow versions to FNF. To make this transition smooth Cisco provides the option of pre-defined flow records which can be used to configure Flexible NetFlow without investing a lot of time. And as I mentioned earlier it also helps your existing NetFlow V9 collector to parse exported data. However to use Flexible NetFlow to its fullest potential or to monitor a specific network behavior, you should create your own customized records. 

        Let’s see how to configure Flexible NetFlow to export flow statistics. Flexible NetFlow export can be configured in three easy steps.

1. Configure the exporter

2. Configure the Flow Monitor with the pre-defined Flow Record and Flow Exporter attached to the monitor.

3. Add the Flow Monitor to the interface to monitor either ingress (input) or egress (output traffic).


1. Configuring Exporter

                    Flow exporter can be configured with a unique name. Multiple Flow exporter profiles can be configured. Below is the configuration to configure Flow Exporter.

flow exporter <exporter name>

destination <ip address of ME NFA>

transport udp <port number>

Example configuration:

flow exporter me_nfa_analyzer

destination 192.168.1.1

transport udp 9996   


2. Flow Monitor and Flow record configuration

Flow record configuration defines the fields exported via NetFlow protocol. Flexible pre-defined flow records are based on the original NetFlow ingress or egress caches. Cisco provides a unique keyword to identify the pre-defined records and these records can associated with a Flexible NetFlow Flow record configuration. The Flexible NetFlow "netflow-original" and netflow ipv4 original-input are predefined records and these two records can be used interchangeably to export the basic key fields and time stamp fields. Flow monitors can also include packet sampling information if sampling is required.

flow monitor <monitor name>

record netflow-original

exporter <exporter name>

cache timeout active <seconds>

cache timeout inactive <seconds>

Example Configuration:

flow monitor me_nfa_monitor

record netflow-original

exporter me_nfa_analyzer

cache timeout active 60


3. Adding Flow Monitor to the interface

Flow Monitor has to be attached to a specific physical or logical interface to export flow statistics for that particular interface. Below is the configuration to attach flow monitor to a specific interface.

interface <interface name>

ip flow monitor <monitor_name> input

Example Configuration:

interface serial0/0

ip flow monitor me_nfa_monitor input


   And the above configuration can be verified by "show flow monitor" command. As I mentioned earlier Flexible NetFlow has numerous advantages and has the power of supporting new performance monitoring statistics as soon as they are available.  Flexible NetFlow is an evolving technology available in Cisco devices to help with visibility into how network assets are being used and the network behavior. 

Please find more information on FNF here.

   ManageEngine constantly studies the market and user demands to support new technologies. In fact ManageEngine NetFlow Analyzer is the first tool to support multiple bandwidth and performance monitoring technologies like NetFlow, NBAR and CBQoS in the market. And currently ManageEngine NetFlow Analyzer supports Flexible NetFlow without any issues. Please write your questions to netflowanalyzer-support@manageengine.com. We are happy to assist you at any moment.

Thanks

Raj 

Download | Interactive Demo | Product overview video | Twitter | Customers

Posted Under : Technical
Tags : netflow analyzer network traffic bandwidth monitoring monitor bandwidth Flexible NetFlow netflow configuration FNF WAN traffic Flexible NetFlow Configuration manageengine netflow analyzer bandwidth analysis CBQoS
Share this article: Tweet this  Connect with Facebook  Bookmark in Delicious  Add to Digg  Stumble it
Permalink TrackBack

Solving the Time Maze - in a MUCH easier way!

Aug 04 2009 02:00:23 AM Posted By : Joseph
Comments (2)

 What is a Time maze?? Also known as the time zone, It is the mathematical puzzle one has to solve when trying to relate to some other time zones. 



Who goes through the maze? Network managers / admins, when they have to relate to other time zones, for troubleshooting network traffic issues or to check on the spike in bandwidth utilization in devices spread across various part of the world. NetFlow analyzer takes care of this detail. 

Say, you (network admin / manager)  are working for a large enterprise which is head quartered at New York and has branch offices in London, Paris and Athens ( Disclaimer : I don't have anything against or for these countries, I picked these names coz the above image has these names! ). You come across an issue at a particular time, reported to you by the network engineer at a branch office. You want to see the network traffic in branch office's time zone. And you DO NOT want to go through the Time maze. What do you do?!

To go in to the details of this, I need to explain three different concepts :

  • Device groups
  • User management
  • Time zone settings
Device groups:
NetFlow Analyzer helps you to group devices / interfaces as single entity. Device groups help in ease of monitoring and can be assigned to a particular network admin / engineer. The hierarchical view helps in easy understanding of network devices.



User Management:
This allows the assigning of role based access to network admin and engineers. In an ideal setup, a network manager creates device groups, say, for different branch offices and assigns one group to one network admin / engineer. Therefore, when the particular network admin / engineer logs in, only the assigned devices can be viewed by him. NetFlow analyzer also helps him to set time zone for his login. An user can be assigned to various device groups and/or IP groups. Different access levels can also be set.



Time Zone Settings:
Network Admin monitoring devices from France can set the time zone to France, whereas others can have their own time settings for their respective logins.



Solution:
In case there is a network issue and it gets escalated, a network manager(in the US) might want to take a look at that particular router(in France) or interface. And of course, without the hassles of having to solve the time zone maze. Issue is known to have occurred between 3:00 PM to 4:00 PM. To view the traffic in the French router, all that a network admin has to do is, go to the time zone settings and change the time zone to France. Once that is done, all the traffic and other details will be shown in the new time zone and it makes it much easier for the network manager to view and troubleshoot the issue without having to go through the maze.



Download (30 day trial) | Personalized web demo | Product overview video


Cheers
Joe
http://www.twitter.com/josephjay
Posted Under : General
Tags : netflow analyzer network traffic enterprise network
Share this article: Tweet this  Connect with Facebook  Bookmark in Delicious  Add to Digg  Stumble it
Permalink TrackBack

Search Post
 
Latest Posts
Authors
Categories
BlogRoll
© 2009 Corp. All rights reserved. Trademarks | PrivacyPolicy | Site Map | Contact Us | Careers