Traffic Analysis & Accounting
Flow Monitoring in Every Corner of the Network
For a network manager it is often not enough to understand which devices or applications are under stress and facing performance or availability issues. Who or what is causing them to be in that situation is also critical to understand. Is the workload or bandwidth consumption driven by business activity and applications, or is it because there is a lot of social media site, video or audio streaming traffic? Or even worse, is it because of a malware attack that is causing company servers or workstations to communicate with an unrecognized external destination to which it is sending out sensitive company information? Even if the traffic is legitimate, for accounting purposes it would certainly be beneficial to know which applications, users, network segments or in aggregation - business units – are top users and consequently, how current costs can be allocated or future funding can be apportioned.
The WhatsUp Gold IT management platform and its Flow Monitor and Flow Publisher plug-ins offer the kind of in-depth insight into traffic analysis that network administrators would benefit from. With support for all popular flow protocols including NetFlow, sFlow, J-Flow and IPFIX, WhatsUp Flow Monitor provides complete coverage of flow-enabled infrastructure devices. When traffic volumes exceed expected levels it can alert network administrators via the consolidated Alert Center. Since not all network devices may be flow-enabled, Flow Publisher extends the traffic analysis and accounting capability to every server and network infrastructure. Flow Publisher’s software probes can passively track network traffic to and from network devices and servers and create NetFlow compliant records that are visualized through the Flow Monitor.
| Traffic Analysis and Accounting Challenge |
WhatsUp Gold Solution |
| Visibility into network bandwidth consumption |
The WhatsUp Gold IT Management solution provides visibility into top conversation pairs, senders and receivers, application protocols and much more for each network or server device and interface. For example, Flow Monitor intelligently identifies classifies and oversees NBAR traffic, including difficulty-to-classify protocols and applications that utilize dynamic TCP/UDP port assignments. |
| Proactively identify network congestion issues and ascertain success of traffic prioritization policies |
With comprehensive historical data at hand to perform trending analysis per device, interface, subnet or application – network managers can stay ahead of bandwidth capacity requirements. For example, Flow Monitor provides full visibility into Class Based Quality of Service (CBQoS) including pre and post policy traffic usage, including dropped packages.
Further, real time alerts provide immediate notification to network managers to potential areas and causes of congestion and speeds up problem resolution. |
| Detect instances of unauthorized or malicious network use |
With in-depth visibility into the type of traffic, network managers can set and verify policies that optimize QoS and support critical business applications. They can also identify spikes in failed connections or unidentified sender/receiver traffic to detect malicious network use. |
| Usage accounting for billing or budget allocation |
In addition to detailed flow records, WhatsUp Flow Monitor also offers reporting on 95th percentile usage – a common metric used by service providers to bill for bandwidth. This data can also be used internally for accounting and budget allocation. |
