Providing fast access to applications and data while protecting digital assets are the two biggest challenges faced by network administrators. Performance and security represent the two-pronged mission that administrators find themselves facing every day.
The fact that Gartner created its first-ever market guide report on network traffic analysis tools earlier this year shows just how critical network monitoring has become. There’s also pressure from business executives. A recent SearchNetworking article reveals that undiscovered network brownouts cost businesses as much as $600K per year. And cybercrime is always top-of-mind for network administrators, and the situation is only getting worse. ZDNet reports ransomware attacks more than doubled from 2018 to 2019.
NetFlow to the Rescue
The NetFlow protocol developed by Cisco is one of the leading tools helping network administrators take on the challenges of performance and security. NetFlow enables you to collect, monitor and analyze traffic generated by your routers and switches to see where traffic originates, where it goes, and how much traffic your network is generating. The protocol has become an industry standard and is also supported by non-Cisco routers and switches.
Using NetFlow to monitor your networks and bandwidth utilization gives you visibility into performance so you can resolve issues faster and ensure you meet quality SLAs for applications and services. You can track the flow of applications and key services over all areas of your network—devices, servers, link connections—to gain insights into bandwidth utilization. You can also map out historical trends for capacity planning as well as proactively identify security issues.
Key NetFlow Solution Attributes
Many technology vendors provide NetFlow solutions in the form of hardware and software appliances that help network administrators manage the analysis of the protocol to increase application performance and oversee network traffic prioritization policies. They can also save money by eliminating costly bandwidth utilization issues.
Finding a way to save money is critical for any IT project but particularly when it comes to network monitoring. According to Persistence Market Research, limited IT spending by enterprises to reduce costs and increase ROI is restricting the growth of the network performance monitoring market.
So it pays to shop for the NetFlow solution that allows you to strike that delicate balance between capabilities and costs. Here are the key attributes to look for, which you can use as a checklist to compare NetFlow monitoring tools and select the one that will work best in your environment:
- Monitors bandwidth utilization in real-time to help plan for spikes in usage and avoid dropped packages and delays.
- Identifies interfaces, links, applications, users, and protocols that take up bandwidth over LANs, WANs, links and devices.
- Identifies internal and external traffic sources and destinations.
- Maps historical trends on users, protocols, applications and hosts consuming the most bandwidth.
- Applies Quality of Service policies and assigns sufficient bandwidth to ensure optimal performance for critical applications.
- Analyzes traffic patterns and usage over various time periods to identify potential bottlenecks.
- Facilitates network capacity planning
- Verifies bandwidth-based billing by ISP providers.
- Detects incidents that cause additional ISP charges such as network bursts.
- Generates real-time alerts when bandwidth thresholds are exceeded and usage violations occur.
- Helps proactively troubleshoot and resolve performance congestion.
The NetFlow monitoring tool you select should also allow you to configure flow-enabled devices automatically and support other popular flow formats, such as sFlow and JFlow. Another set of key attributes to assess are the solution’s security forensic capabilities. More specifically…
- Does the solution provide proactive alerts on rogue activity such as DDoS attacks?
- Can you detect unauthorized downloading and malicious behavior such as viruses and worms?
- Will you be able to identify high traffic-flows to unmonitored ports?
- Does the solution expose unauthorized application access, file sharing, and video streaming?
- Are you able to monitor traffic volumes between pairs of sources and destinations?
- Can you detect failed connections?
By deploying a NetFlow monitoring tool that features all of these performance monitoring and security capabilities, you can give yourself peace-of-mind and confidence—knowing your network is secure and that your bandwidth is effectively allocated.
A NetFlow Solution with Unique Security Capabilities
WhatsUp Gold is a solution that many network administrators have turned to manage NetFlow traffic analysis. The solution offers all the features to properly monitor network performance and bandwidth utilization while also scanning for security threats.
In the cybersecurity realm, WhatsUp Gold provides a unique capability. It monitors dark web traffic using NetFlow data from routers and switches to look for entry and exit nodes in the Tor network. The solution maintains a database of these nodes that are updated on a regular basis.
To see how this feature works and to download a free trial