Platform Administration
The Platform Admin section provides essential information for administrators responsible for managing the NetFlow Optimizer (NFO). This section covers core system maintenance, security configurations, and user access control.
As a Platform Administrator, your focus is ensuring the NFO host is secure, properly licensed, and optimized for high-performance data processing.
Administrative Domains
System Settings
Configure the foundational parameters of the NFO engine.
- Licensing: Apply and manage license keys to enable data output.
- Server Parameters: Tune performance settings and manage the
server.cfgfile. - Backup & Restore: Safeguard your configurations and migrate settings between instances.
Security & HTTPS
Secure the management interface and internal communications.
- SSL/TLS Certificates: Replace default self-signed certificates with trusted CA-signed certificates.
- HTTPS Configuration: Manage port settings and secure web access.
User Management
Control who can access and configure NFO.
- Local Roles: Define Administrative and Read-Only user access.
- External Authentication: Integrate with LDAP or Active Directory for centralized identity management.
NFO Central
Scale your NFO footprint by moving from a standalone instance to a distributed architecture. NFO Central acts as the control plane for high-volume environments, enabling horizontal scaling and intelligent load distribution.
- Operational Modes: Define your node role as Standalone (all-in-one), NFO Central (control plane), or NFO Peer (worker node).
- Cluster Management: Establish secure connections between the Central node and multiple Peers using encrypted authentication tokens.
- Intelligent Load Balancing: Organize worker nodes into Peer Pools and configure automated rebalancing to distribute incoming flow traffic based on real-time ingestion rates and node health.
- Centralized Monitoring: Track the status, CPU load, and processing rates of all connected peers from a single, unified dashboard.
EDFN Admin
Manage the External Data Feeder for NFO (EDFN), which serves as the primary engine for cloud telemetry ingestion and multi-source data enrichment.
- Cloud Ingestion: Configure and monitor the ingestion of flow logs from major cloud providers, including AWS, Microsoft Azure, Google Cloud (GCP), and Oracle Cloud (OCI).
- Enrichment Services: Oversee the automatic updating of non-flow datasets used for contextual enrichment, such as GeoIP (MaxMind/IP2Location), Threat Intelligence feeds, VM metadata (VMware vCenter), Public cloud VM names, and Cisco ACI BD/Tenants mapping.
- Identity Integration: Maintain the connection to external identity systems (like Active Directory, Entra ID, Okta, etc.) to map user identities to network flow records.
- Security & Connectivity: Configure secure authentication between NFO and EDFN agents, manage HTTPS certificates, and define Proxy Server settings for environments with restricted internet access.