Skip to main content
Version: 2.10.1

EDFN Installation Guide

Intended Audience

This information is intended for anyone who wants to install, configure, or maintain External Data Feeder for NFO (EDFN). The information is written for experienced Linux or Windows system administrators who are familiar with virtual machine technology and data center operations.

Before You Install

If you are going to take advantage of NFO NetFlow enrichment functionality, such as GeoIP locations, Cyber Security Threat Lists, or process AWS VPC Flow Logs – External Data Feeder for NFO must be installed on the server with Internet access.


Starting with release 2.7, NFO and EDFN are packaged together and installed on the same machine by default.

If NFO is installed on the server with no internet access, EDFN should be installed separately, and EDFN installed together with NFO could be disabled. In any case External Data Feeder for NFO is administered through NetFlow Optimizer GUI.

Pre-Installation Checklist

Please be sure to have the following before you begin the installation of the External Data Feeder for NFO software:

  • You have to login as root for Linux and administrator for Windows installations and updates
  • You have successfully installed NetFlow Optimizer and you know its IP address

Minimum Requirements

NetFlow Logic distributes External Data Feeder for NFO as RPM or TAR.GZ for Linux, or as EXE for Windows.

Supported Platforms

You can install External Data Feeder for NFO on a platform with the following specifications.

LinuxLinux kernel 2.17+ on
WindowsWindows Server 2012 R2, 2016, 2019 (64-bit)
CPU, Memory, Disk SpaceCPU: Min 4 CPU cores; Memory: 2 GB; Disk Space: 2 GB

Required Network Ports

The following network ports must be allowed for outbound connections.

80/TCPExternal Data Feeder for NFO Agents Internet communication
443/TCPExternal Data Feeder for NFO Agents secure Internet communication
8443/TCPNetFlow Optimizer communication

Required Internet Destinations

The following Internet destinations must be allowed for outbound http-connections.

URLAgent list locations monitor OTX monitor Feeds addresses Feeds IP blocks
https://<custom.threat.list>Additional Security Threats list