Specifications

ManualsBrandsEnterasys ManualsComputer equipmentN Standalone (NSA) Series

161

162

163

164

165

166

167

168

169

170

May 18, 2011 Page 1 of 21

Configuring NetFlow

ThisdocumentdescribestheNetFlowfeatureanditsconfigurationonEnterasys

N‐Series,

S‐Series,K‐Series,andX‐Seriesmodularswitches.

What Is NetFlow?

NetFlowisaflow‐baseddatacollectionprotocolthatprovidesinformationaboutthepacketflows

beingsentoveranetwork.NetFlowcollectsdatabyidentifyingunidirectionalIPpacketflows

betweenasinglesourceIPaddress/portandasingledestinationIPaddress/port,usingthesame

Layer3protocolandvaluesfoundin

afixedsetofIPpacketfieldsforeachflow.NetFlowcollects

identifiedflowsandexportsthemtoaNetFlowcollector.UptofourNetFlowcollectorscanbe

configuredonasupporteddevice.ANetFlowmanagementapplicationretrievesthedatafromthe

collectorforanalysisandreportgeneration.

Why Would I Use It in My Network?

Standardsystemfeedbackissimplynotgranularenoughtoprovideforsuchnetwork

requirementsasplanning,userorapplicationmonitoring,securityanalysis,anddatamining.For

example,becauseofitsabilitytoid entifyandcapturenetworkflows,NetFlow:

•Providesameanstoprofileallflowsonyournetworkoveraperiod

oftime.Anetworkprofile

providesthegranularityofinsightintoyournetworknecessaryforsuchsecurenetwork

functionalityasestablishingroleswithpolicyandapplyingQoStopolicy.

•ProvidesameansofisolatingthesourceofDoSattacksallowingyoutoqu icklyrespondwith

apolicy,ACL,QoSchange,or

allofthesetodefeattheattack.

•Canidentifythecauseofanintermittentlysluggishnetwork.Knowingthecauseallowsyouto

determinewhetheritisanunexpected,butlegitimate,networkusagethatmightbe

For information about... Refer to page...

What Is NetFlow? 1

Why Would I Use It in My Network? 1

How Can I Implement NetFlow? 2

Understanding Flows 4

Configuring NetFlow on the Enterasys S-Series, N-Series, and K-Series

Modules

Configuring NetFlow on the X-Series Router 11

Terms and Definitions 14

NetFlow Version 5 Record Format 14

NetFlow Version 9 Templates 15