License Key Information

We know that customers needs are different at different times and NetFlow Auditor therefore comes in scalable license tiers. A simple license change means that our customers investments are safe. So if budget only allows a small start, we provide the very best small start in the industry and the ability to add granularity and features. NetFlow Auditor is designed for Corporations and Service Providers both small and large. It is highly scalable and Telco grade.

Base License

  • Professional is suited to those environments who require very granular collection for troubleshooting, security forensics and compliance. It is built to archive 100% of the flows and requires approrpiate disk and processing resources.
  • Performance provides granular troubleshooting top traffic information and retains high top granularity for as long as you need.
  • Performance Plus Bundle provides Performance granular troubleshooting top traffic information coupled with our unique long term data archive that can be tuned for your exact for trending, capacity planning, baselining and billing needs. Suits both small and large environments.

Add On Options

  • Anomaly Detection license provides ability to automatically identify change (e.g. Intrusion Detection/Security/Compliance/Cost Management), Identify Nefarious Traffic, DDoS, SlowDoS, e-Vandalism. Detects threats and allows you to mitgate issues before they become bigger.Sensitivity can be retained as default for most environments and can be adjusted for special needs eg Defense/Banking/High Compliance.
  • Ultra Long-Term Trending/Billing license provides ability to measure and analyze data in a seperate data warehouse with tuning rules that allow for efficient and speedy long-term flexible baselining and comparative analytics and usage based or 95th percentile billing. Our unique long term data archive can be tuned for your exact for trending, capacity planning, baselining and billing needs.
  • Clustered/Helper Collectors allow NetFlow Auditor to be architected as a nfs cluster.
  • Hierarchical Collectors allow NetFlow Auditor to be architected as a collection of distributed collectors that populate one or more hierarchical collectors for centralized awareness.

Please email sales@netflowauditor.com if you require any other assistance.

What is the Difference between NetFlow Auditor Performance and Professional?

To better understand the differences between NetFlow Auditor Base Licenses use this grid and the information below:

        Performance Professional
    Base Config and Scaling      
    Flow Capture Mode (Bytes / Packets / Flows)1 Dependent on license key limit. Potential Records per Device per minute is 65535 for Performance and not-limited for Professional. Raw Flows subject to data collection Tuning or flow retention rate settings. top talkers per device per minute
    default: 5000
    100% Raw Flows
    Archiving Most complete Flow Archiving in the industry. Provides hours, weeks months and years worth of data complete Auditing capability of every minute for security and performance needs or hourly long-term trending for capacity planning and system architecture needs. yes yes
    Real-Time per Minute Data Archival   Unlimited Unlimited
    Long-Term per Hour Data Archival Ultra Long Term Trending / Billing Add-On Optional Optional
    Baseline Time Comparison Comparative analysis of each element across the time line. Gives the ability to identify which element caused the change and when. weekday, day, hour, minute

    With Plus : years, quarters, months, week
    years, quarters, months, week, weekday, day, hour, minute
    Multi Device Support1 Correlation and analysis of feeds from multiple appliances. Stand-alone, Cluster or Hierarchy Mode. Devices / Interfaces may be limited dependent on license tier. Subject to license Subject to license
    Operating System Support2   Windows or Redhat / Centos Linux Windows or Redhat / Centos Linux
    Sustained flows / second1 Subject to class of server (CPU, RAM, I/O, NIC), operating system, flow variance and number of devices and interfaces and flows per second collection tuning and flow retention license or rate setting Netflow Auditor can collect 50000 to 500000 flows/ second on single collector and millions of flows per second when scaled into a cluster or hierarchy. Avg 300000 flows/ second sustained or 1 million flows per second burst 30000 flows/ second sustained or 100000 burst
    Fault tolerant and scalable collection NetFlow Auditor was built from the ground up for scalability and utilizes scalable intelligent agent technologies (Bots) to manage large amounts of network traffic information in real time. yes yes
    Data Collection Tuning Collect only the data required. NetFlow Auditor provides strategic data collection tuning allowing inclusion / exclusion for collection and additional scalability yes yes
    Health Check Monitors the overall network health and export loss statistics. yes yes
    Flow Capture      
    NetFlow Captures Cisco NetFlow Data v1,5,7,9 and Flexible Netflow and flows from Cisco ASA, Nexus, ASR yes yes
    IPFIX Captures IPFIX data yes yes
    sFlow Captures sFlow (4.0.2 onward) yes yes
    sFlow Captures jFlow, NetStream, VMware yes yes
    NetFlow Auditor Base architecture      
    Flexible multi-option filtering Analysis Packet Size, Full Flow, Count, Deviation, Bidirectional, Cross sectional and Business group analysis. top all
    Scalability, Fault Tolerance and Self Healing Architected using Intelligent Agent Technology yes yes
    User Profiles Customizable login environment for each account with analytics for IP Owner to only view their Subnet or Device yes yes
    Hierachical Collection License based on number of Collectors monitored yes yes
    Scheduled Reports, Alerting and Templates      
    Unattended Analysis Alerting and Reporting or create drilldown templates for quick analysis of your specific needs. top all
    Anomaly Detection Alerting Add-on license based on active device license. Exception and/or threshold alerts on a wider range of events rising or dropping traffic to particular end point, rising/dropping protocol to end point, idle period to end point, standard deviations, network behavior anomaly detection baselines for each Measurement Profile Flows / bps / pps / Packets / Packet Size / Bytes / Counts / TCP Flags + Congestion Flags (8).
    A Minimum of 11424 Intelligent Baseline Statistics are learned for each Monitored Traffic Item. (4 Statistical baselines for each of the 17 Measurement Profiles for each hour for each weekday).
    optional optional
    Intelligent Baseline Learning   optional optional
    Scheduled Reporting Custom NetFlow Reports can be scheduled to run as a report. yes yes
    Standard Alerting Custom NetFlow Reports can be scheduled to run as a standard alert. yes yes
    Templates Custom NetFlow Reports can be saved as a Drilldown Template yes yes
    Standard Alerting Ability to set global real-time alerting thresholds based on changes in volume, destination, source or port and Time of day event alerting and thresholds yes yes
    SNMP traps   yes yes
    SNMP v3 Support   yes yes
    Email Delivery PDF, CSV. HTML. yes yes
    Report Repository PDF, CSV. HTML. yes yes
    On Demand Delivery PDF, CSV yes yes
    DDoS discovery   substantial complete
    P2P discovery   substantial complete
    ICMP floods discovery   substantial complete
    Nefarious traffic discovery   substantial complete
    Filtering and Display      
    100% Flow Capture Analysis Reports on which hosts, applications, protocols, etc. are using the least network traffic. no yes
    Top Analysis Reports on which hosts, applications, protocols, etc. are using the most network traffic. yes yes
    Flexible Filters Allow you to include or exclude any aspect of the flows to design exactly the report you need yes yes
    Menu bars and shortcuts Facilitate rapid analysis. yes yes
    Data Collection Tuning Ability to apply filters when performing a packet capture. yes yes
    Business / Location based Grouping Location based on specific pre-defined groups for target IP ranges. Used in conjunction with billing trending add-on provides fast 95th percentile and usage reports that can be delivered in csv format for easy integration into existing billing systems. yes yes
    Interface Analysis All interfaces can be analyzed regardless of flow limits yes yes
    Application based Grouping Application based on specific pre-defined groups or targets. top all
    Built in One-Click Capacity Planning Long-term Baseline trending. Compare any aspect over years, quarters, months Optional Optional
    AS Number reporting   all all
    QoS analysis   all all
    Bidirectional Analysis   interface full
    Multi-path Deduplication Exclusion reports provide automated ability to remove duplication when analyzing multiple routers or switches. top all
    Ingress/Egress Deduplication Detailed information when looking at a single device with multiple interfaces with ingress and egress enabled will de-duplicate when using v9 Flexible Netflow top all
    Packet size distribution   top all
    Route Path Analysis through multiple devices   top all
    Search for hosts or applications Across hundreds of routers/ switches. top all
    Device Grouping   all all
    Interface Grouping   all all
    Location Grouping   all all
    Subnet Grouping   all all
    95th Percentile Ability to create 95th Percentile (Or any percentile) for any measurement such as bps, packets, Extensive chargeback information - Provides byte, flow, packet counting and 95th percentile information from the interface down to the smallest addressable network unit or user. Enables complete flexibility on the combination of elements to be used for chargeback including Network AS, IP address, Ports, Applications, Locations or QoS. Providers can differentiate pricing based on time periods, server, content or route. partial optional
    True 95th Percentile billing1   partial optional
    Graph Types      
    Timeline   yes yes
    Timeline Extensive Full comparative analysis of each element across the time line yes yes
    Stacked Area   yes yes
    Stacked Area Extensive Full analysis including no flow periods yes yes
    Bar   yes yes
    Pie   yes yes
    Stacked Bar   yes yes

Next Steps

FREE DOWNLOAD

download arrow

Whitepapers


Product information


Brochures


Presentations and Galleries


Learning Events


Cisco NetFlow Configuration


Other NetFlow Configuration


sFlow Configuration


IPFIX Configuration

© 1998–2014 Netflow Auditor. All rights reserved.

Home   Features   About   Contact   Terms   Privacy   KnowledgeBase

NetFlow Auditor