What are key Cisco NetFlow limitations?

Q & A with Douglas Smith - President of network troubleshooting and analysis solutions vendor, Network Instruments.

Earlier this month, network troubleshooting and analysis solutions vendor Network Instruments announced GigaStor NetFlow Agent, which according to Network Instruments: "Allows engineers to utilize NetFlow data about any device in any environment. GigaStor captures and converts packets into NetFlow data flows, pushing it out to multiple destinations simultaneously. This is especially valuable for Network Behavior Anomaly Detection (NBAD) and compliance monitoring applications."

In the Q & A below, Douglas Smith, Cofounder and President of Network Instruments, discusses the key limitations of Cisco NetFlow as well as the benefits of his new GigaStor NetFlow Agent:

1. So what are key Cisco NetFlow limitations?

Douglas Smith: There are several limitations that can prevent the use of NetFlow as a performance monitoring technology across an entire network. For companies using NetFlow-dependent reporting applications for NBAD, security, compliance or performance management, these limitations severely limit visibility to portions of the network.

Four examples of limitations that can prevent the use of NetFlow as a performance monitoring technology:

1) Non-NetFlow capable devices are blind to local traffic

Typically, you need higher-end Cisco routers and switches to produce NetFlow data. Other infrastructure vendors provide comparable flow technologies in their higher-end offerings but none are as widely implemented as Cisco NetFlow. In most cases, companies have either legacy or non-NetFlow capable infrastructure. With many reporting applications depending upon NetFlow for monitoring performance, compliance, or security, non-NetFlow capable devices create large blind spots on the network.

2) Devices only export two flows

Cisco NetFlow devices only allow you to export two flows to two NetFlow collectors. If a company has more than two reporting applications, decisions must be made that impact visibility and monitoring.

3) NetFlow overhead can overtax infrastructure

Sending NetFlow can add too much overhead to already over-taxed routers and switches. The risk of overloading infrastructure already spread too thin stops engineers from enabling NetFlow on their network.

4) Visibility limited to routed traffic

NetFlow only shows routed traffic or packets. As a result, network engineers are blind to internal LAN and VLAN communications and activities.

2. What gave you the idea for creating NetFlow Agent?

Douglas Smith: Some of our larger customers discussed NetFlow's limitations with us and were looking for a way to expand the visibility of their NetFlow-dependent reporting applications. There were several spots on their network where they either wouldn't enable NetFlow or had non-NetFlow capable routers and switches. While handling NetFlow isn't a core competency of the company, our developers have a deep understanding of networks developed over the last 15 years. For the last three to four years, we've been expanding the incorporation of NetFlow and other flow technologies into our performance management platform. Most important, this was a customer need that didn't have a real solution, and we could easily develop something to address it.

[Figure: sFlow and NetFlow provides extended visibility, probe delivers detailed drill-down]

3. What are the benefits of GigaStor NetFlow Agent?

Douglas Smith: The GigaStor NetFlow Agent overcomes these issues by producing NetFlow data about any network device, including servers and non-NetFlow capable routers and switches. GigaStor captures and converts packets in NetFlow data flows, pushing them to reporting applications.

GigaStor NetFlow Agent Benefits

Produce NetFlow about any device
Expand visibility of NetFlow-dependent NBAD and compliance applications
Push flow data to multiple reporting applications simultaneously

Produce NetFlow from any device


What do you think are the key limitations of Cisco NetFlow?

BradReese.Com Cisco Refurbished - Services that protect, maintain and optimize Cisco hardware Contact: Brad Reese | Twitter: http://twitter.com/BradReese


Copyright © 2009 IDG Communications, Inc.