Palo Alto Networks devices from version 4.1 onwards have started supporting NetFlow. All the NetFlow configuration can be done from the device’s UI.
We were not able to get a screenshot that showed the NetFlow configuration for Palo Alto Networks devices. Please find below the details of the tabs, which will give you an idea of how to configure NetFlow on these devices.
There are two main steps to configuring NetFlow on a Palo Alto Networks device:
- Define a NetFlow server profile: This specifies the frequency of the export along with the NetFlow servers that will receive the exported data.
- Assign the profile to a firewall interface: All traffic flowing over this interface is exported to the specified servers.
Step 1
To define a NetFlow server profile, navigate to Device > Server Profiles > NetFlow in the GUI. Here you will see the following settings:
- Name: Enter a name for the NetFlow settings.
- Template Refresh Rate: Specify the number of minutes or number of packets after which the NetFlow template is refreshed (we recommend 1 minute or a packets range of 1-600 with a default of 20).
- Active Timeout: Specify the frequency at which data records are exported for each session (we recommend 1 minute).
- Export PAN-OS Specific Field Types: Export PAN-OS-specific fields such as App-ID and User-ID in NetFlow records.
- Server Name: Specify a name to identify the server.
- Server: Specify the hostname or the IP address of the server.
- Port: Specify the port number for server access (the default is 9996).
Step 2
Once you have configured the NetFlow profile, the next step is to assign the profile to a firewall interface. For this, navigate to Network > Interfaces > Ethernet. Click the link for the interface on the Ethernet tab and specify the NetFlow Profile.
Once you have completed these two steps, the flows will be exported to the NetFlow Analyzer server, and NetFlow Analyzer will automatically detect the device and start generating the report for you.
Reference: http://digitalscepter.com/wp-content/uploads/PAN-Guides/Palo-Alto-4.1_Administrators_Guide.pdf
Reach us on Facebook at NetFlow Analyzer TAC.
Catch up with the latest updates in the industry through our LinkedIn community, Bandwidth Monitoring and Traffic Analysis for Enterprises.
please help out this PA 200 net flow profile not working on firewall interface.