NetFlow Generators at a glance
- Dedicated NetFlow generation
- Low space, weight and power consumption
- Sampled or unsampled outputs
- High-throughput capability
- Support for V5, V9 and IPFIX
- Central management
Endace NetFlow Generators
Generating NetFlow from routers and switches can take a significant performance toll on critical network elements, particularly at high line rates. In situations where element performance and network visibility are equally important it makes good sense to deploy a dedicated vendor-independent NetFlow generator to carry the load.
NetFlow is the primary input into a wide range of network performance monitoring tools, security detection and network planning tools. Endace NetFlow generators are able to deliver 100% accurate NetFlow on a sampled or unsampled basis in V5, V9 or IPFIX formats.
| 3040 | |
|---|---|
| Dimensions | 1 Rack Unit |
| Port count | 4 x 10Gbps |
| Power Supplies | 650W Redundant AC |
| Local Storage | 8TB |
| Max throughput | 30 Gbps |
Endace NetFlow Generator configurations
Dedicated NetFlow Generators are single rack unit systems. For multi-use environments EndaceProbes can also be deployed to generate NetFlow as part of an integrated NetFlow, full packet-recording scenario, which helps NetFlow based detection tools to deliver true response and root cause capability.
Performance and distribution
Endace NetFlow Generators can generate NetFlow from 30Gbps (or 16 million flows per second) before saturating. Using a Network Packet Broker multiple network links can be aggregated and fed into the 4 x 10Gbps monitoring ports.
Endace NetFlow Generators can be configured to forward NetFlow records over the management LAN or over the standard network as a UDP feed depending on the use case.
Deployment and management
Endace NetFlow Generators run OSm, our Operating System for Monitoring that gives the NetFlow Generator the same management features as EndaceProbes. Management features include: full central management capability for managing multiple appliances, SNMPv3 and IPMI.
NetFlow generation features
Key features
- Support for exporting IP Flow information records
- Support for template-based flow record formats
- Autonomous System (AS) support
- Combined flow analytics with packet-level analytics
Endace Netflow Generators support the most common NetFlow version v5. Since V5 only supports IPv4 Endace NetFlow generators also support NetFlow v9 and Internet Protocol Flow Information Export (IPFIX). IPFIX is a standards-based approach for IP Flow information and translates monitored traffic into template-based flow record formats.
Templates describe the information elements contained in an IP Flow record export and Endace NetFlow Generators assign a unique ID to each template. The template is described to the Flow collector as part of normal communication and is used for all communication from the Endace Genertaor to the collector. The Flow Collector caches the template and any records received and then parses the data and records its encounters using the template record in the cache.
Autonomous System (AS) support allows for the mapping of IP addresses contained in the Flow export to a geographical location; region and/or country. Endace NetFlow Generators provides AS support in conjunction with geographical location database provider MaxMind and their GeoLite data service. GeoLite data provides a non-invasive way to determine geographical and other information about the IP address in real time.
