The Sonicwall NetFlow Analyzer supports not only most industry standard IP flow protocols such as sFlow, jFlow, NetFlow, Flexible Netflow, and IPFIX, but it also specializes in sonicOS NetFlow reporting. It is, in my opinion, the best way to get the most out of SonicOS NetFlow.
Besides the traditional flow octets delta count, source and destination ports and source and destination IP addresses; SonicWALL brings more to the table. SonicWALL NetFlow support was introduced in SonicOS 5.8. Some benefits include network planning and monitoring, application and user monitoring, security analysis and more.
The SonicWALL IPFIX analyzer was specially designed to identify and report on NetFlow data generated by SonicWALL network devices. As illustrated in the following screen capture, reports include:
- Applications: What applications are consuming your bandwidth? Application example: Skype, Citrix, MSN Messenger, Facebook, etc.
- Intrusions, virus and Spyware: Network potential threat detection.
- Users: When “single sign on” is enabled to grant users access to the internet, SonicWALL NetFlow capable firewalls can export user information to the NetFlow collector allowing reporting on user accounts, user/workstation IP addresses, domain, and user bandwidth consumption.
- VPN: Details on your VPN tunnels and their traffic.
- VOIP: VoIP traffic information including: Jitter, Packet loss, Caller ID, Call utilized bandwidth.
- URLs: Visited web pages.
Do you have any experience with SonicWALL IPFIX implementation? If so, let us know in the comments!