Does anyone know if CA Network Flow Analysis can monitor SFlow or receive SFlow packets ?
Add a comment |
1 Answer
Yes:
CA Network Flow Analysis gives you insight into how application traffic is impacting network performance. It harvests flow statistics via Cisco IOS® NetFlow, IP Flow Information Export (IPFIX), sFlow, and J-Flow enabled routers and switches to provide a comprehensive view and analysis into flow-based traffic on the network. It also contains host-based anomaly detection capabilities for early warning of malware, tunneling, rogue user behavior and other performance threats.
Though sFlow typically doesn't give you as much detail as Netflow or J-Flow, but if you are running a switch that only supports sFlow (like Extreme) then yes it will monitor and report on it.
- Thanks ! Would you happen to know any specifics on sFlow ? Like whether NFA will listen on the default port or whether I need to enable a listener or anything ?Lawrence– Lawrence2013-09-13 02:29:00 +00:00Commented Sep 13, 2013 at 2:29
- I've setup sFLow in the past but it's been a few years. I don't have experience with NFA but if it supports it by default it should listen on the standard sFlow port (6343 I believe)TheCleaner– TheCleaner2013-09-13 02:33:50 +00:00Commented Sep 13, 2013 at 2:33
- It's not listening on port 6343...Guess it's time for trial and error :DLawrence– Lawrence2013-09-13 02:35:50 +00:00Commented Sep 13, 2013 at 2:35
- Looks like CA NFA will listen to sflow on port 9995, but the figures are wildly off.Lawrence– Lawrence2013-09-13 05:55:49 +00:00Commented Sep 13, 2013 at 5:55
- I've never used CA NFA, but you may reach out to them and see what the deal is. Sometimes it may be worth it to test with another open source sFlow collector and see if the data comparison checks out.TheCleaner– TheCleaner2013-09-13 13:03:57 +00:00Commented Sep 13, 2013 at 13:03