Proprietary versus Open-Source NetFlow Analyzers
Have you ever found that a network usage reported by your commercial NetFlow analyzer does not match the actual values or that software contains bugs? No worries, there is a single point of contact for any of these issues. You do not have to browse internet forums for hours and rely on the advice of anonymous volunteers with different levels of knowledge. You paid for the product, so you are entitled to support. You do not wait days or weeks and, in some cases even years, for a fix or patch.
In the case of even the best open-source NetFlow analyzers, you have no guarantee that the software will perform as you wish in your network. There may be compatibility issues with existing software or hardware or with future updates. Any update may pose a potential risk that the product will stop working. Therefore, you must rely heavily on a team of experienced administrators to maintain your product. The first rule of programming, “If it works, don’t touch anything” simply does not work in this case. At the very least, your IT team will be dealing with numerous security updates to the underlying software on which the open source NetFlow analyzer is built. On the one hand, you can easily add new features to the code or fix bugs if needed because the source code is publicly available. On the other hand, your investment in maintaining the product is likely to grow in the future. These are the hidden costs associated with maintenance.
It should also be mentioned that new NetFlow versions and their implementations are typically added early in commercial NetFlow analyzers. After all, it is in the company’s interest to have its product support these new versions and implementations and thus be more competitive.
There is one more important fact that we should mention. “Free” NetFlow monitoring tools are mostly trial software; they are fully functional but only for a certain period of time, e.g., 30 days. After 30 days, they automatically revert to the watered-down version and continue to function. However, they are limited in some way, e.g., by the number of supported interfaces or flow exporters, or they no longer support all features such as archive reports or historical flow statistics. These free products are often limited by the length of the retention period or the supported flow collection rate.
As we have already pointed out, most of the free versions of NetFlow analyzers essentially become demo versions after a predetermined period of time. But now, let us brag a little and explain why Noction’s Flow Analyzer is a top product that is very well suited to your long-term business needs.
Benefits of the Noction Flow Analyzer
The first what you notice when you install NFA is how easy and fast the deployment process is. It usually takes no more than 15 minutes. NFA is simple and works right out of the box, automatically detecting devices exporting flows within your network.
The performance of the entire ecosystem is important as well. With more than two terabytes per second peak processing performance for a single DB query, obtaining even the most complex query results is a matter of seconds for NFA.
Highly flexible reporting options are another key point where NFA excels. NFA supports customized widgets and dashboards with a large selection of sophisticated filters and metrics. Run any query using the NFA Data Explorer, save your query as a widget, and add it to the dashboard of your choice. Once the dashboard is created, you will have graphical representations of specific data for quick analysis of the network traffic and informational awareness. This dramatically speeds up the detection of DDoS attacks and other security issues, traffic surges, DNS request surges that might be caused by malware in your network. You can also create an alert based on different characteristics and parameters of your network traffic such as volume changes, frequency, specific traffic type existence, duration, baseline, or a complex combination of such characteristics. When such a condition is detected in your network, your IT or Cyber Rapid Response Team (CRRT) will be automatically notified by email or via Slack.
NFA is priced per license at a flat rate of $299/month or $2990/year ($598 savings) with no limitations in terms of network devices, interfaces, or sites added to the system. Custom pricing will apply to deployments with over 10K FPS. You may cancel your subscription at any time, no questions asked. You will be able to continue using NFA until the end of your billing cycle.
NFA also enriches the collected flows with BGP data from BGP tables obtained from border routers. NFA extracts BGP attributes, such as AS_PATH and compares the extracted data with the corresponding flow entry. This allows NFA to see and filter the entire BGP path, not just the next hop, first three, or last three AS numbers. To do so, NFA requires you to establish a BGP session between at least one of your routers and NFA.
And last but not least, Noction is a well-known, established technology company. The development and support plans for the NFA releases are therefore deterministic; thus, the product will never become abandonware. Upgrades to new releases are free, and support is provided 24/7 for any NFA license. You can also use this form to improve NFA by requesting new features or suggesting modifications to existing features.
In conclusion, commercial NetFlow analyzers have essential advantages, which are mainly guaranteed support, timely software updates, and fixes. NFA is a great tool that meets all these criteria and is very well suited to better monitor, manage and optimize network performance. Try NFA for 30 days completely free, and get in touch with us with your suggestions, comments, and ideas for improvement. They are important to Noction.