Home Data Center Collecting Netflow and Sending to Solarwinds NTA

Collecting Netflow and Sending to Solarwinds NTA

0
Collecting Netflow and Sending to Solarwinds NTA
0

If you are interested in collecting, viewing and inspecting Netflow data like I am, then you will be interested in this. Netflow gives you deep level inspection into your network traffic such as source and destination of traffic, protocols and types of service, plus much more. Why is this valuable information? Maybe you are interested in the different types of traffic that are floating around on your network or possibly you are getting reports of slow network connectivity by users. So how do we get this Netflow data? First off your network devices must support exporting Netflow data to begin with, sort of anyways! This goes for any network switches, firewalls and even vSphere. The second part of gathering Netflow data is that you must have a Netflow collector installed on your network, NTOP is a good open-source Netflow collector but it loses all of it’s data when rebooted; however, lately I have been doing some deep level testing with several of Solarwinds products (SAM, NPM, Virtualization Manager, NTA and Storage Manager); in particular, Solarwinds NTA (Netflow Traffic Analyzer). This product provides an unbelievable level of detail and is visually pleasing as well. One other thing about this product is the integration between their other products which provides a seamless view into your environment. Instead of jumping between different products that you may use and not having any sense of correlation between different elements in your environment.

So assuming that you are running a physical and virtual environment like I am, setting all of this up can be somewhat of a challenge. In my lab I am running a Cisco 3750G 48TS switch stack, physical PFSense firewall and three vSphere 5.5 hosts running between 30-40 VMs at any given time. So with my setup the first challenge is that my Cisco switches do not support exporting Netflow, obviously your environment may be different. So in order for me to collect netflow data from my switches you can take a look here on how to create a RSPAN port mirror and send that data to a vDS (vSphere Distributed Switch) port. The difference in this article compared to the link above will be that we will not be installing or using NTOP but instead on our VM we will be using nProbe (created by the same people who create NTOP). nProbe will be acting as a Netflow proxy in our setup for each device that we will be collecting Netflow data from and then forwarding onto our Solarwinds NTA. nProbe is not a free product but so far it is well worth it. There are several linux open-source (fprobe, ipt-netflow and pflow) Netflow forwarders but I have not had good success yet using with Solarwinds but I will be doing some additional testing on those as well in the near future.

To learn more and to read the entire article at its source, please refer to the following page, Collecting Netflow and Sending to Solarwinds NTA- Everything Should Be Virtual

Categories:
SolarWinds SolarWinds (NYSE: SWI) provides powerful and affordable IT management software to customers worldwide from Fortune 500® enterprises to small businesses. In all of our market areas, our approach is consistent. We focus exclusively on IT Pros and strive to eliminate the complexity that they have been forced to accept from traditional enterprise software vendors. SolarWinds delivers on this commitment with unexpected simplicity through products that are easy to find, buy, use and maintain while providing the power to address any IT management problem on any scale. Our solutions are rooted in our deep connection to our user base, which interacts in our thwack® online community to solve problems, share technology and best practices, and directly participate in our product development process.

Featured Resources:

Related Articles:

| LATEST FEATURED RESOURCES

White Papers

    Application Lifecycle Management with Stratusphere UX – White Paper

    Enterprises today are faced with many challenges, and among those at the top of the list is the struggle surrounding the design, deployment, management and operations that support desktop applications. The demand for applications is increasing at an exponential rate, and organizations are being forced to consider platforms beyond physical, virtual and cloud-based environments. Users […]

    Downloads

      Download Commvault VM Backup and Recovery: end-to-end VM backup, recovery and cloud management

      Commvault’s ability to provide end-to-end VM backup, recovery and cloud management creates a significantly better way to build, protect and optimize VMs throughout their lifecycle. Our best-in-class software for VM backup, recovery and cloud management delivers a number of significant benefits, including: VM recovery with live recovery options; backup to and in the cloud; custom-fit […]

      On-Demand Webinars

        What’s Going on in EUC Printing – A Technical Deep Dive!

        The IGEL Community and ThinPrint invite you to watch the following technical deep dive webinar. The agenda is to technically bring you up to speed on what’s going on in the EUC Printing space today along with a deep dive into new methods, technologies, printing scenarios and a discussion on why printing still matters. You […]

        Latest Videos

          Views All IT News on DABCC.com
          Views All IT Videos on DABCC.com
          Win big $$, visit ITBaller.com for more info!

          Visit Our Sponsors

          Close