We had to revisit NetFlow storage for a customer recently and reconfigure our appliance to save almost 100 terabytes worth of NetFlow, IPFIX and sFlow data from a mixture of hardware vendors.  The moderately sized financial agency was concerned about PCI compliance (PCI = Payment Card Industry) and wanted to save the raw flows in native format for over a year and have fast access when searching through it.  At over 1 billion flows per day, our NetFlow Calculator gave them a good idea on their storage space requirements.  We had to make provisions.

Up to 100 Terabytes of NetFlow Storage

The new configuration of our NetFlow server allows us to provide up to 100 terabytes of NetFlow storage with realtime access to all the history in less than 10 seconds. And since the NPPI (Non Public Personal Information) data is never exported in NetFlow, our NetFlow and IPFIX collector was an ideal fit.

From talking with the customer, it was interesting to learn that the NPPI must be protected/encrypted from the GUI (i.e. application or web page) all the way to the tokenization service.  The tokenization service substitutes the credit card number with a token which looks like a credit card number, but is theoretically impossible to use for hacking. The PCI Security Standard Council doesn’t want the customer to store the credit card number or other NPPI information.

Special thanks to a Brad Reese post which lead the customer to us.  If you need used Cisco hardware, contact Brad.

Mike Patterson author pic


Michael is one of the Co-founders and the former product manager for Scrutinizer. He enjoys many outdoor winter sports and often takes videos when he is snowmobiling, ice fishing or sledding with his kids. Cold weather and lots of snow make the best winters as far as he is concerned. Prior to starting Somix and Plixer, Mike worked in technical support at Cabletron Systems, acquired his Novell CNE and then moved to the training department for a few years. While in training he finished his Masters in Computer Information Systems from Southern New Hampshire University and then left technical training to pursue a new skill set in Professional Services. In 1998 he left the 'Tron' to start Somix which later became Plixer.


Big Data

Sankey Flow Graph

One of the greatest benefits of NetFlow collection for traffic analysis, is we’re provided with the ability to visualize the…

Leave a Reply