NetFlow: Difference between revisions

Browse history interactively

← Previous edit Next edit →

Content deleted Content added

VisualWikitext

Revision as of 15:15, 12 July 2024 edit 142.105.62.104 (talk) No edit summary ← Previous edit		Revision as of 22:45, 9 August 2025 edit undo Bender the Bot (talk \| contribs) Bots 1,064,377 edits m →Support: HTTP to HTTPS for SourceForge Tag: AWB Next edit →
(4 intermediate revisions by 4 users not shown)
Line 25: * '''Flow exporter''': aggregates packets into flows and exports flow records towards one or more flow collectors. * '''Flow collector''': responsible for reception, storage and pre-processing of flow data received from a flow exporter. * '''Analysis application''': ~~ana lyzes~~analyzes received flow data in the context of intrusion detection or traffic profiling, for example. == Protocol description == Line 129: * One packet randomly selected in an interval of ''n'' packet, in Random Sampled NetFlow, used on modern Cisco routers. Some implementations have more complex methods to sample packets, like per-flow sampling on Cisco ~~Martinez~~ Catalysts. The sampling rate is often the same for all interfaces, but can be adjusted per interface for some routers. Line 188: * Rflow for [[Ericsson]] * AppFlow [[Citrix]] * [[sFlow]] vendors include: [[Alaxala]], [[Alcatel Lucent]], [[Allied Telesis]], [[Arista Networks]], [[Brocade Communications Systems\|Brocade]], [[Cisco Systems\|Cisco]], [[Dell]], [[D-Link]], [[Enterasys]], [[Extreme Networks\|Extreme]], [[F5 Networks\|F5 BIG-IP]], [[Fortinet]], [[Hewlett-Packard]], [[Hitachi]], [[Huawei]], [[IBM]], [[Juniper Networks\|Juniper]], [[LG-Ericsson]], [[Mellanox]], [[MRV Communications\|MRV]], [[NEC]], [[Netgear]], [[Proxim Wireless]], [[Quanta Computer]], [[Vyatta]], [[Telesoft ~~Technologies\|Telesoft]]~~, [[ZTE]] and [[ZyXEL]]<ref name="sFlow Vendors">{{cite web \| url = http://www.sflow.org/products/network.php \| title = sFlow Products: Network Equipment Line 288: \| \| [[Linux]] [[FreeBSD]] [[NetBSD]] [[OpenBSD]] \| \| v5, v9, IPFIX \| \| Software like fprobe,<ref>{{cite web \| title = fprobe \| url=~~http~~https://sourceforge.net/projects/fprobe/ }}</ref> ipt-netflow,<ref>{{cite web \| title = ipt-netflow \| url=~~http~~https://sourceforge.net/projects/ipt-netflow/ }}</ref> pflow,<ref>{{cite web \|author1= Henning Brauer \|author2= Joerg Goltermann \|url= http://bxr.su/o/share/man/man4/pflow.4 \|title= pflow — kernel interface for pflow data export \|website= BSD Cross Rererence \|publisher= [[OpenBSD]] \|date= 2014-03-29 \|access-date= 2019-08-09}} {{cite book \|section=pflow — kernel interface for pflow data export \|title=OpenBSD manual page server \|url=http://mdoc.su/o/pflow.4}}</ref> flowd,<ref>{{cite web \|url= http://ports.su/net/flowd \|title= flowd-0.9.1.20140828 – NetFlow collector \|work= [[OpenBSD ports]] \|date= 2019-07-17 \|access-date= 2019-08-09 }}</ref> [[Netgraph]] ng_netflow<ref>{{cite web \|author= Gleb Smirnoff \|url= http://bxr.su/f/share/man/man4/ng_netflow.4 \|title= ng_netflow — Cisco's NetFlow implementation \|website= BSD Cross Rererence \|publisher= [[FreeBSD]] \|date= 2005 \|access-date= 2019-08-09}} {{cite book \|section=ng_netflow -- Cisco's NetFlow implementation \|title=FreeBSD Manual Pages \|url=http://mdoc.su/f/ng_netflow.4}}</ref> or softflowd Line 294: \|- ! \| VMware servers \| \| [[vSphere]] 5.x<ref>{{cite web \|url=http://blogs.vmware.com/networking/2011/08/vsphere-5-new-networking-features-netflow.html \|title = vSphere 5 New Networking Features - NetFlow - VMware vSphere Blog\| date=15 August 2011 }}</ref> \| \| v5, IPFIX (>5.1)<ref>{{cite web\|url=http://www.vmware.com/files/pdf/techpaper/Whats-New-VMware-vSphere-51-Network-Technical-Whitepaper.pdf \|title=vSphere 51 Network Technical Whitepaper\|website=vmware.com\|access-date=1 July 2023}}</ref> \| \| Software