Benefits
NetFlow Optimizer enables you to process massive volumes of NetFlow (IPFIX, sFlow, Cloud VPC Flow Logs, etc) data, optimizing and enriching it in real time - ensuring that you get data where you need it in right formats.
Data Volume Reduction​
- Consolidation without loosing accuracy: flows from communicating peers are aggregated over short configurable period of time by source, destination, protocol, ports
- Deduplication: report only once, if the same flow is reported by several network devices
- Top traffic: configure Top N to significantly reduce volume keeping 99% accuracy
Flow Data Enrichment​
Add information not available in NetFlow records
- DNS names, VM names
- Applications
- User identity
- Cloud instance names, services, regions
- SNMP polling data
- GeoIP
- Reputation based on threat lists
Flow Stitching​
- Combine flow records for client-server conversations, reporting bytes in/out and packets in/out in one event
- Report network conversation state (Begin, Continuing, End) and conversation duration (based on TCP flags or timeout setting)