NetFlow is a simple, effective way to increase visibility into traffic types and usage patterns across systems. The flow-generated data can be used to build relationships and usage patterns between nodes on the network. Routers and switches that support NetFlow generation can create Net Flow records. However the processor and memory requirements of enabling NetFlow on networking equipment can cause performance degradation that affect their ability to pass traffic without introducing latency and packet drops. Due to this processing overhead, sampled NetFlow is implemented in most of the high-end routers. Sampling one in every “n” packets for NetFlow processing can severely limit the visibility needed to monitor flows and fail to provide a comprehensive view network trend analysis. This is particularly important for Netflow based security analytics.
The advanced capabilities of GigaSMART® technology can be leveraged to generate unsampled NetFlow statistics from incoming traffic streams. Offloading NetFlow Generation to an out-of-band solution like the Gigamon Visibility Fabric™ completely eliminates the risk of degrading the performance of production network resources in generating these analytics. Combined with the flexibility offered by Gigamon’s patented Flow Mapping® technology, operators can pick and choose from the incoming flows to generate NetFlow statistics, without losing critical information. Support for NetFlow versions 5 and 9 and IP information export (IPFIX), enables seamless integration with standards-based collectors. NetFlow records can also be exported to multiple collectors concurrently, providing a single flow source for business-critical management applications such as security, billing, capacity planning, and more. Pervasive flow-level visibility across remote locations and Big Data environments can be used to derive accurate statistics such as usage patterns, top talkers, and top applications for effective capacity planning and enforcing security policies.
NetFlow-based data is summarized information and does not provide access to specific set of packets or packet payloads. Not having this information can also impede analysis around latency and jitter, application usage patterns, etc. Gigamon’s Visibility Fabric architecture is the first in the industry to summarize flow statistics as well as to provide the flexibility of aggregating, replicating, filtering, and forwarding raw traffic streams to monitoring tools for detailed troubleshooting and analytics.
The Gigamon Visibility Fabric thus establishes a scalable framework to deliver pervasive flow-level visibility across enterprises, data centers, and service provider environments to accurately secure, optimize, and manage their network infrastructure.