NetFlow is functionality built into network devices that collects measurements for each flow and exports them to another system for analysis. The source and destination ports, if any ( ICMP, for example, doesn’t use ports)įlow identifies a communication channel, and all packets sharing the same 5-tuple fields belong to the same flow.The source and destination IP addresses exchanging information.In more technical terms, a flow is defined by its 5-tuple, a collection of five data points: (Technically speaking, these communication channels can only be called connections when the TCP protocol is involved.) A flow refers to any connection or connection-like communication channel. When computers need to talk to one another, they establish communication channels, commonly referred to as connections. To fully understand what NetFlow is and why it’s used for network monitoring, we first need to know what a flow is. Sounds simple, right? Let’s dive a bit deeper. NetFlow is a network monitoring protocol, developed by Cisco, designed to capture measurements about the volume and types of traffic traversing a network device.
0 Comments
Leave a Reply. |