For today, I put together a list with the software that I’m using when I’m testing network behavior in the lab. The software below is free, with some restrictions but is perfect to use it when you need a quick solution to monitor your network with Netflow, sFlow or jFlow.
All the proposed software have commercial version, so if you like then and you consider one for your company please get in touch with the company that develop them for more information about licenses.
- Quickly understand who is using the network and what they are doing.
- Enforce corporate acceptable network use policies.
- Rapidly identify the cause of any problems or abnormal traffic.
- Understand trends in usage and accurately target upgrades.
- Generate management reports on current and historical performance.
sFlowTrend is written in Java and will run on most platforms.
Solarwinds Netflow Analyzer
Solarwinds Real-Time NetFlow Analyzer captures and analyzes NetFlow data in real time to show you exactly what types of traffic are on your network, where that traffic is coming from, and where it is going. It displays inbound and outbound traffic separately for granular analysis that makes problem diagnosis quick and easy. You can view the historical NetFlow data broken out by application, conversation, domain, endpoint, and protocol. That way you know exactly how your bandwidth is being used and by whom.
- Investigate, troubleshoot, and quickly remediate network slowdowns
- Easily identify which users, devices, and applications are consuming the most bandwidth
- Isolate inbound and outbound traffic by conversation, application, domain, endpoint, and protocol
- Personalize NetFlow data displays to view traffic by specified time periods (up to 60 minutes) and by traffic type
- Customize refresh rates and display units for NetFlow traffic
Drawback for this free version is that it can record only up to 60 minutes, than you have to restart software to record again.
Available only for Windows platforms.
ManageEngine Netflow Analyzer
ManageEngine NetFlow Analyzer is a, web based (no hardware probes), bandwidth monitoring, network forensics and network traffic analysis tool that has been optimizing thousands of networks across varied industries for peak performance and helping them to put their bandwidth for a better use. NetFlow Analyzer is a NetFlow, sFlow, JFLow (and more) collector, analyzer and reporting engine integrated together.
- Real-time visibility into top applications and talkers in the network.
- Detection of unauthorized WAN traffic.
- Identify virus, worms and DoS attacks in real-time.
- Understand the history of security violations with alert reports.
- Recognize applications that use dynamic ports by performing a deep-packet inspection using Cisco NBAR.
- Real time reports with 1 minute granularity.
- Aggregated data stored for ever for historic reports
- Ability to view reports in different granularity – 10 min, hourly, daily, weekly, monthly, and custom time period.
The bad aspect is that you can use it only for 30 days. Then you have to buy it. There is a trick, that if you reinstall the product you can use it again for 30 days. I advice to use this trick just for personal use or for testing purpose.
Available for Linux and Windows.
Plixer Scrutinizer captures Cisco NetFlow, sFlow and other flow technologies and uses that data to monitor the overall network health. Reports on which hosts, applications, protocols that are consuming network bandwidth.
Custom NetFlow Reports allow you to filter (include/exclude) in on exactly the information you need. They can be saved and run again later.
- Adds several additional traffic analysis Report Types (e.g. Flows, Flow Volume, NBAR Support, etc.).
- Report on Top Applications, Conversations, Flows, Protocols, Domains, Countries, Subnets, etc., across dozens of routers and switches.
- Any saved report in Scrutinizer can be configured with a threshold to trigger an alarm.
- DNS resolution becomes automated and a constant process.
- Network traffic reporting and alarming on the internal network: SYN, NULL, FIN, XMAS Scans, RST/ACK worms, P2P, ICMP Unreachable, illegal IP addresses, excessive Multicast traffic, known compromised Internet hosts and more.
The bad part is that it drops the database after 24 hours. Still you can save the databases before this are dropped by the free version of Scrutinizer.
Available for Windows platforms.
Do you have any other alternatives that can help network engineer test their environment? Feel free to suggest in the comments form and if they are good I will add them to this post.