Skip to main content
Version: Next

Getting Started with NetFlow Optimizer

NetFlow Optimizer (NFO) is a powerful observability platform that transforms raw network telemetry into actionable insights. Follow these steps in order to get your deployment up and running.

Step 1: Apply Your License

NFO requires a valid license to ingest, process, and export data. Applying your license is the first thing to do after installation — NFO will not process data without one.

Log in to the NFO web interface, navigate to Platform Admin → System Settings, and upload your license file in the Licensing section. For multi-instance deployments, see NFO Apply a License.

Step 2: NetFlow, IPFIX & Cloud Flow Logs Analysis

Goal: Gain deep visibility into "who is talking to whom" across your network.

Configure your routers, switches, and firewalls to export flow data to the NFO Engine. NFO supports all major industry standards, including NetFlow v5/v9, IPFIX, and various Cloud Flow Logs.

  • NetFlow Setup Guide: Learn how to configure your exporters and verify that NFO is receiving data on the Status page.
  • Cloud Flow Logs: Instructions for ingesting AWS VPC, Azure VNet/NSG, Google Cloud VPC, and Oracle VCN Flow Logs.

Step 3: Infrastructure Monitoring (SNMP / MDT)

Goal: Map traffic flows to physical device health and automated inventory.

By layering SNMP polling or Model-Driven Telemetry (MDT) onto your flow data, NFO can provide context such as interface names, speeds, and device locations that are missing from raw NetFlow packets.

  • SNMP Setup Guide: Configure community strings, OIDs, and discovery intervals to populate the SNMP Information Monitor.
  • Auto-Discovery: Enable NFO to automatically find and monitor new devices as they appear on your network.

Step 4: Platform Integration

Goal: Send processed, enriched data to your SIEM or analytics platform.

Once NFO is processing data, point the output to your destination of choice.

  • Data Outputs: Configure the technical delivery of enriched flows via Syslog, Kafka, or HTTP Event Collector (HEC).
  • Integrations and Apps: Deploy pre-built dashboards and content packs for platforms like Splunk, Microsoft Sentinel, and Elastic to visualize your telemetry.