Components

Core

NetFlow Optimizer receives flow data from network devices, consumes and enriches flow information with other data, translates it to syslogs or JSON, and sends it to other systems where it is then correlated with other machine data and visualized. (Downloadable from NetFlow Logic’s web site – www.netflowlogic.com/download/).

External Data Feeder for NFO (EDFN) enables automatic updates of threat lists, GeoIP information, and VM names for VMWare vCenter integration. This component feeds this information to NFO.

EDFN could also be deployed in Amazon Web Services (AWS) enviroment to feed VPC Flow Logs to NFO. (Downloadable from NetFlow Logic’s web site – www.netflowlogic.com/download/).

Integration with Splunk

Technology Add-on for NetFlow must be installed on Splunk indexers and search heads in order for NFO to work with Splunk. It collects flow data processed by NetFlow Optimizer, and then this data is visualized by the Netflow Analytics for Splunk App. You need to have NetFlow Optimizer installed prior to installing this and all other NetFlow Logic Apps and Technology Add-ons. (The Technology Add-on for NetFlow is downloadable from Splunkbase at https://splunkbase.splunk.com/app/1838/).

NetFlow Analytics for Splunk App must be installed on Splunk search heads. It contains visualization dashboards and information for alerting. You need to have NetFlow Optimizer installed prior to installing this and all other NetFlow Logic Apps and Technology Add-ons. (Downloadable from Splunkbase at https://splunkbase.splunk.com/app/489/).

V2P Network Visibility Solution has two components. V2P Network Visibility for Splunk App and V2P Network Visibility Module together provide information for virtual and physical networks correlation. They enable virtual infrastructure administrators to determine whether a problem in virtual network communications is caused by a physical network device problem.

V2P Network Visibility for Splunk App must be installed in your Splunk environment. (Downloadable from https://splunkbase.splunk.com/app/2824/).

The V2P Network Visibility Module must be installed in your NFO. (Downloadable from NetFlow Logic’s web site – www.netflowlogic.com/download/).

NetFlow-based DDoS Detection solution brings new cyber defense capabilities to businesses by providing early detection of DDoS attacks before network devices and servers targeted by DDoS are incapacitated. Please contact trials@netflowlogic.com if you want to evaluate this solution.

Integration with VMware vRealize Log Insight

NetFlow Logic Network Metrics Content Pack must be installed on VMware vRealize Log Insight. It contains visualization dashboards and fields for search and correlation of flow information with other machine data. You need to have NetFlow Optimizer installed prior to installing this component. (Downloadable from NetFlow Logic’s web site – www.netflowlogic.com/download/).