Senior Editor Denise Dubie guides you through the latest developments in management tools and services.
Enterprise Management Associates has been talking with NetFlow adopters and is coming out with a short report as part of a larger research report on application flow management. There are clear indications that NetFlow adoption is on the rise. Why? I have some answers, but I’m holding finalization of the report for your input.
What are your experiences - good, bad and in between - regarding NetFlow?
For those of you who don’t know, NetFlow, much like RMON-based probes, can give you information on where, why, how and by
whom specific applications are being used and how the usage might affect the network. NetFlow is a part of Cisco’s IOS software,
and the current version, 9, is currently moving toward standardization in the IETF as IPFIX. Networking vendors other than
Cisco, such as Enterasys and Juniper, are taking a role in shaping the standard, and are already showing interest in adopting
IPFIX. This, of course, makes NetFlow/IPFIX far more attractive as a consistent source for information about application flows
over a network in heterogeneous environments.
NetFlow provides the following information:
* IP address source (who is sending an application service?)
* IP address destination (who is receiving service?)
* Source port (what application is it?)
* Destination port (what application is it?)
* Layer 3 protocol type
* Class of service
NetFlow is instrumented to capture inbound traffic only, so typically instrumentation at both ends of a link is required.
Service providers have been inclined to use NetFlow for years. They have been attracted by its scalability in large WAN environments; its abilities to help support optimal traffic flows across peering points; its use in assessing infrastructure optimization on a per-service basis; its value in troubleshooting service and security issues; and its foundational capabilities for chargeback and service accounting.
However, NetFlow is far from a panacea. It does nothing to provide application response time, and its ability to identify applications based on port signature is far from adequate given the growing trend toward dynamic port allocation. Moreover, in the past, NetFlow was difficult to implement and a hog on performance. It was, therefore, virtually best practice not to turn it on in most IT shops.
Denise Dubie is senior editor with Network World.
Partner Content
NetScout and analyst Jim Metzler have teamed to deliver a series of IT Briefs on Network and Application Performance Management leveraging research from NetScout's nGenius & Sniffer users.
www.netscout.com
Metzler on Service Delivery Management
Delivering IT business value by evolving our thinking from managing application performance to focusing on services.
Learn More
2009 Handbook of Application Delivery
Successful IT organizations must know how to make the right application delivery decisions in these tough economic times.
Download the Handbook
Metzler on the Modern IP Network
Discusses the growing emphasis on network management and the need to implement a holistic view of the end-to-end experience of the user.
Read the Brief