Background

NetCrunch Platform Module

Traffic Flow Analyzer

NetCrunchトラフィックアナライザーは、IPFix、NetFlow、sFlow、jFlowなどの一般的なフロープロトコルを使用して、さまざまなネットワーク機器からのフローデータを収集し処理します。 Cisco NBAR2およびカスタムアプリケーショントラフィック監視も可能です。

このモジュールは次の製品でご利用可能です。:

このモジュールは他の全てのNetCrunchプラットフォーム製品に追加いただけます。

@@img:flows.png

 評価版ダウンロードはこちらから
NetCrunch Modules

NetCrunch Traffic Flow Analyzer is a software-based Flow collector that collects traffic data, correlates it with other network data, and then allows monitoring and presentation of the current traffic state.

NetCrunch analyzer supports Cisco protocols such as Netflow, IPFIX, and Cisco NBAR technology for application monitoring.

  • TOP BENEFITS
    1. Monitor network bandwidth & traffic patterns down to the interface level
    2. Identify which users, applications, & protocols are consuming the most bandwidth
    3. Recognize IP addresses of top talkers
    4. Analyzes Cisco® NetFlow, Juniper® J-Flow, IPFIX, sFlow®, Huawei NetStream™ & other flow data
    5. Easy setup in less than an hour

  • Flow Analyzer

    NetCrunch allows you to analyze traffic using various criteria such as

    • Application Groups
    • Applications
    • IP Protocols
    • Servers
    • IP Addresses
    • Atlas Nodes
    • IP Networks
    • Domains

    The traffic can be analyzed for all nodes or for any group of nodes defined through Atlas View. NetCrunch can also collect summary performance data for each traffic category.

    @@img:flow-analytics.png NetCrunch Flow Analyzer

  • Node Flow Statistics

    NetCrunch also shows real-time flow statistics for each node. Flows Status shows both summary traffic of the node and trend in the last hour.

    The program allows setting thresholds on various metrics such as a number of packets or bytes being transmitted in the time unit.

    @@img:node-flows.png NetCrunch Node Flow Status

  • KEY FEATURES

    1. Flow Server & Analyzer for monitoring traffic, supporting most popular protocols being used (IPFix, NetFlow (v5 & v9), sFlow, JFlow, netStream, cFlow, AppFlow, and rFlow)
    2. Supports Cisco NBAR technology for application monitoring
    3. Allows creating custom application definitions
    4. NetCrunch integrates flow data within its monitoring database (Network Atlas) so that traffic is measured properly per device instead of per IP address.
    5. NetCrunch can collect and alert on performance thresholds based on the summary traffic and for the specific node data.

    @@img:top-talkers.png Top Talkers

  • HOW IT WORKS

    @@img:flow-analyzer.png NetCrunch Flow Analyzer

    1. First, you need to enable the feature on the switch or router that supports the flow technology. Next you need to set NetCrunch as the destination for flows.

    2. Then the device sends flow data to the flow collector in specified periods of time (defined in the device settings).

    3. The analyzer processes the data to perform traffic analysis and stores the data for a short time. The user can view traffic data and observe given traffic metrics.

What is NetFlow?

NetFlow is a protocol developed by Cisco for collecting and recording IP Traffic going to and from a Cisco router or switch equipped with the NetFflow technology.

After Cisco originally developed the protocol, many other manufacturers have implemented their version of the protocol into their products, including

  • Juniper ( “JFlow”),
  • 3Com/HP,
  • Dell and Netgear (SFlow),
  • Citrix (AppFlow),
  • Ericsson (RFlow),
  • Huawei (NetStream),
  • Alcatel-Lucent (which uses CFlow).

What is Cisco NBAR2?

NBAR2 (or Next Generation NBAR) is a re-architecture of NBAR based on the Service Control Engine (SCE) with more advanced classification techniques, accuracy, and many more signatures.

NBAR2 is adopted as a Cisco cross-platform protocol classification mechanism. It supports 1000 + applications and sub-classifications, and Cisco adds/provides new signatures and signatures updates through monthly released protocol packs.

NBAR2 leverages classification techniques from SCE, which allow classification of IPv4, IPv6, and v6 transition techniques. NBAR2 can classify evasive applications like Skype and Tor, as well as business applications like ms-lync, cloud applications such as Office-365, and also mobile applications such as facetime, etc. using advanced classification techniques.
NetCrunch Modules

ADREM SOFTWARE IS A PARTNER OF