License Key Information
We know that customers needs are different at different times and NetFlow Auditor therefore comes in three scalable license tiers. A simple license change means that our customers investments are safe. So if budget only allows a small start, we provide the very best small start in the industry and the ability to add granularity and features.
Performance License Key
Our Performance license scales well beyond other products in the NetFlow arena and is designed to provide only real-time functionality with Top Analysis data in line with the other NetFlow products Our Performance license offers an low-cost-entry option that still goes deeper in granularity than competitors and can still handle hundreds of devices. Enterprise license can also be coupled with Performance for fast ISP troubleshooting.
Professional License Key
Our Professional license provides a complete view of all the traffic and 100% raw flow capture. It enables you to have intelligence, anomaly detection capability and perform NetFlow Forensics far beyond any other NetFlow tool and includes intelligent baselining and long-term trending and also includes the ability to measure 95th percentile to 5 minute intervals for a month
Enterprise License Key
Our Enterprise license is Telco grade for very large flow captures. Options are available for service providers such as ISP’s Telco’s or Campuses who need a highly fault tolerant solution and for environments that have millions of flows per second.
Please email sales@netflowauditor.com if you require any other assistance.
What is the Difference between NetFlow Auditor Performance, Professional and Enterprise?
To better understand the differences between NetFlow Auditor Performance, Professional and Enterprise, use this grid and the information below:
| NFA Ver: 4.0.0/4.1.0 | Doc Version: 2.2 | ||||||
| Free Version | Performance | Professional | Enterprise / ISP | ||||
| Base Config and Scaling | |||||||
| Flow Capture Mode (Bytes/Packets/Flows)1 | Dependent on license key limit. Potential Records per Device per minute is 65535 for Performance and Unlimited for Professional and Enterprise. Raw Flows subject to what has been set in data collection Tuning. | 25 flows per device per minute | 1000 top talkers per device per minute Lite: 100 top talkers per device per minute |
100% Raw Flows | 100% Raw Flows | ||
| Archiving | Most complete Flow Archiving in the industry. Provides hours, weeks months and years worth of data complete Auditing capability of every minute for security and performance needs or hourly long-term trending for capacity planning and system architecture needs. | limited to last full 24 hour rolling window | yes | yes | yes | ||
| Real-Time per Minute Data Archival | 24 hours | Unlimited | Unlimited | Unlimited | |||
| Long-Term per Hour Data Archival | Long Term optional Bundled or Add-On | no | no | Unlimited | Unlimited | ||
| Baseline Time Comparison | Comparative analysis of each element across the time line. Gives the ability to identify which element caused the change and when. | last rolling 24 hours, minute | weekday, day, hour, minute | years, quarters, months, week, weekday, day, hour, minute | years, quarters, months, week, weekday, day, hour, minute | ||
| Multi Device Support1 | Correlation and analysis of feeds from multiple appliances. Practical limitation of 800 devices per screen. More when used with Hierarchy Mode. Devices may be limited dependent on license tier. License limited to Collector Servers and cannot be spread. Customer must advise how many servers he will place keys and how many devices he requires for each server. | limited to 1 device | Unlimited / subject to license | Unlimited / subject to license | Unlimited / subject to license | ||
| Operating System Support2 | Windows | Windows / Linux | Windows / Linux | Linux | |||
| Sustained flows/ second1 | Dependent on Number of devices (No sampling) | 300000 flows/ second | 300000 flows/ second | 150000 flows/ second | 1 Million flows/ second | ||
| Enterprise Collector Compliant | Highly Fault tolerant and scalable collection used on Linux only environments for Huge NetFlow collection. | no | optional license | optional license | n/a | ||
| Data Collection Tuning | Collect only the data required. NetFlow Auditor provides strategic data collection tuning allowing inclusion / exclusion for collection | no | no | yes | yes | ||
| Health Check | Monitors the overall network health and export loss statistics. | yes | yes | yes | yes | ||
| Flow Capture | |||||||
| NetFlow | Captures Cisco NetFlow Data v1,5,7,9 | yes | yes | yes | yes | ||
| IPFIX | Captures IPFIX data | yes | yes | yes | yes | ||
| sFlow | Captures sFlow (4.0.2 onward) | yes | yes | yes | yes | ||
| Ethernet | Captures Ethernet from Tap/Mirror/NIC (4.0.2 onward) | no | no | no | yes | ||
| NetFlow Auditor Base architecture | |||||||
| Flexible multi-option filtering Analysis | Packet Size, Full Flow, Count, Deviation, Bidirectional, Cross-sectional and Business group analysis. | top | top | all | all | ||
| Scalability, Fault Tolerance, and Self Healing | Architected using Intelligent Agent Technology | yes | yes | yes | yes | ||
| User Profiles | Customizable login environment for each account with analytics for IP Owner to only view their Subnet or Device | yes | yes | yes | yes | ||
| Hierachical Collection | Sold separately based on number of Collectors monitored (GA Release - TBA) | yes | yes | yes | yes | ||
| Scheduled Reports, Alerting and Templates | |||||||
| Unattended Analysis | Alerting and Reporting or create drilldown templates for quick analysis of your specific needs. | no | top | all | all | ||
| Anomaly Detection Alerting | Sold Separately based on the servers active device licenses Exception and/or threshold alerts on a wider range of events rising/dropping traffic to particular end point, rising/dropping protocol to end point, idle period to end point, etc. | no | optional/partial | optional/full | optional/full | ||
| Intelligent Baseline Learning | no | optional/partial | optional/full | optional/full | |||
| Scheduled Reporting | Custom NetFlow Reports can be scheduled to run as a report. | no | yes | yes | yes | ||
| Standard Alerting | Custom NetFlow Reports can be scheduled to run as a standard alert. | no | yes | yes | yes | ||
| Templates | Custom NetFlow Reports can be saved as a Drilldown Template | yes | yes | yes | yes | ||
| Standard Alerting | Ability to set global real-time alerting thresholds based on changes in volume, destination, source or port and Time of day event alerting and thresholds | no | partial | full | full | ||
| SNMP traps | no | yes | yes | yes | |||
| Email Delivery | PDF, CSV. HTML. | no | yes | yes | yes | ||
| Report Delivery Options | PDF, CSV. HTML. | no | yes | yes | yes | ||
| On Demand Delivery | PDF, CSV | yes | yes | yes | yes | ||
| DDoS discovery | partial | partial | complete | complete | |||
| P2P discovery | partial | partial | complete | complete | |||
| ICMP floods discovery | partial | partial | complete | complete | |||
| Nefarious traffic discovery | partial | partial | complete | complete | |||
| Filtering and Display | |||||||
| 100% Flow Capture Analysis | Reports on which hosts, applications, protocols, etc. are using the least network traffic. | no | no | yes | yes | ||
| Top Analysis | Reports on which hosts, applications, protocols, etc. are using the most network traffic. | yes | yes | yes | yes | ||
| Flexible Filter | Allow you to filter in/out exactly the information you need | yes | yes | yes | yes | ||
| Menu bars and shortcuts | Facilitate rapid analysis. | yes | yes | yes | yes | ||
| Data Collection Tuning | Ability to apply filters when performing a packet capture. | no | no | yes | yes | ||
| Business / Location based Grouping | Location based on specific pre-defined groups for target IP ranges. | top | top | yes | yes | ||
| Interface Analysis | All interfaces can be analyzed regardless of flow limits | yes | yes | yes | yes | ||
| Application based Grouping | Application based on specific pre-defined groups or targets. (version 4.0.2 onward) | top | top | yes | yes | ||
| Built in One-Click Capacity Planning | Long-term Baseline trending. Compare any aspect over years, quarters, months | no | no | yes | yes | ||
| AS Number reporting | top | top | all | all | |||
| QoS analysis | top | top | all | all | |||
| Bidirectional Analysis | interface | interface | full | full | |||
| Deduplication/ Full deduplicated | Exclusion reports provide automated ability to remove duplication when analyzing multiple routers or switches. detailed information when looking at a single device | top | top | all | all | ||
| Packet size distribution | top | top | all | all | |||
| Route Path Analysis through multiple devices | top | top | all | all | |||
| Search for hosts or applications | Across hundreds of routers/ switches. | top | top | all | all | ||
| Device Grouping, Location Grouping, Subnet Grouping | top | top | all | all | |||
| 95th Percentile | Ability to create 95th Percentile (Or any percentile) for any measurement such as bps, packets, Extensive chargeback information - Provides byte, flow, packet counting and 95th percentile information from the interface down to the smallest addressable network unit or user. Enables complete flexibility on the combination of elements to be used for chargeback including Network AS, IP address, Ports, Applications, Locations or QoS. Providers can differentiate pricing based on time periods, server, content or route. | top | top | optional/all | optional/all | ||
| True 95th Percentile billing1 | no | no | yes | yes | |||
| Graph Types | |||||||
| Timeline | yes | yes | yes | yes | |||
| Timeline Extensive | Full analysis including no flow periods | yes | yes | yes | yes | ||
| Stacked Area | yes | yes | yes | yes | |||
| Stacked Area Extensive | Full analysis including no flow periods | yes | yes | yes | yes | ||
| Bar | yes | yes | yes | yes | |||
| Pie | yes | yes | yes | yes | |||
| Stacked Bar | yes | yes | yes | yes | |||
| 1 - Approx. Operating environment dependent | |||||||
| 2 - Windows XP, Vista, Server 2003, 2008, Linux Redhat and Centos up to v4.0.0 use Linux 4.8. from v4.1 supports Linux 5.x | |||||||