Skip to main content
Version: Next

Getting Started with NetFlow Optimizer

NetFlow Optimizer (NFO) is a powerful observability platform that transforms raw network telemetry into actionable insights. To get the most out of your deployment, you should configure both traffic flow analysis and infrastructure monitoring.

Step 1: NetFlow & IPFIX Analysis

Goal: Gain deep visibility into "who is talking to whom" across your network.

Configure your routers, switches, and firewalls to export flow data to the NFO Engine. NFO supports all major industry standards, including NetFlow v5/v9, IPFIX, and various Cloud Flow Logs.

  • NetFlow Setup Guide: Learn how to configure your exporters and verify that NFO is receiving data on the Status page.
  • Cloud Flow Logs: Instructions for ingesting AWS VPC, Azure NSG, and Google Cloud flow logs.

Step 2: Infrastructure Monitoring (SNMP / MDT)

Goal: Map traffic flows to physical device health and automated inventory.

By layering SNMP polling or Model-Driven Telemetry (MDT) onto your flow data, NFO can provide context such as interface names, speeds, and device locations that are missing from raw NetFlow packets.

  • SNMP Setup Guide: Configure community strings, OIDs, and discovery intervals to populate the SNMP Information Monitor.
  • Auto-Discovery: Enable NFO to automatically find and monitor new devices as they appear on your network.

Step 3: Platform Integration

Goal: Send processed, enriched data to your SIEM or Analytics platform.

Once NFO is processing data, you need to point the output to your destination of choice.

  • Data Outputs: Configure the technical delivery of enriched flows via Syslog, Kafka, or HTTP Event Collector (HEC).
  • Integrations and Apps: Deploy pre-built dashboards and content packs for platforms like Splunk, Microsoft Sentinel, and Elastic to visualize your telemetry.