Blog

SonicWALL NetFlow Reporting : IPFIX Support

Over 100 SonicWALL field people have been brought up to speed on the IPFIX capabilities of their next generation firewall.  This includes training on configuring SonicWALL IPFIX and NetFlow.

“As a Sonicwall system engineer, I’d have to say the level of support and rich reporting Scrutinizer provides to SonicWALL customers is phenomenal. So far, Scrutinizer is the only product on the market to report on all the unique template data we export via IPFIX. For example, Sonicwall is able to provide insight to actual users, applications (not just port based ones), urls, IPS events, and tons more via IPFIX. This functionality really helps network admins with regards to troubleshooting, reporting, and capacity planning. Further, Scrutinizer provides additional situational awareness of securtiy and network events with the Flow Analytics module.” Rob Andrews – SonicWALL Systems Engineer.

Details exported by the SonicWALL Scrutinizer in IPFIX include:

  • HTTP URL per connection
  • User Name
  • Application Detection
  • VoIP Details
    • Caller ID
    • Jitter
    • Packet Loss
  • VPN Details
  • Intrusions Detected
  • Viruses Detected

“Sure there are other netflow reporting products on the market, but none of them seem to focus on IPFIX and the extensibility it provides with templates like Plixer has. Bottom line – if you want to get the best reporting out of NetFlow and IPFIX, look no further than Scrutinizer. Especially if you are SonicWALL customer, you just won’t get that advanced reporting functionality elsewhere.”

sonicwall ipfix reporting
sonicwall ipfix reporting

SonicWALLs export over a dozen IPFIX templates with rich details that allow Scrutinizer to provide reports not yet available from any other vendor.  The team at Plixer worked with the SonicWALL software engineers early on in the development process.

“The above reports on URLs and VoIP are useful for monitoring cloud services.” said Marc Bilodeau – Founder.  “Because the exports include layer two MAC addresses and usernames, we can help their customers report on BYOD network traffic and the VPN reports are the first we have seen from any vendor.  This is truely a next generation firewall.”

SonicWALLs version of Scrutinizer retains all of the network monitoring support we have built in for Adtran, Cisco, Citrix, Enterasys, nBox, Riverbed, Vyatta and others.  With the recent acquisition of SonicWALL by Dell, Scrutinizer will provide continued value with Dell sFlow support.