IRP Resources

White Papers

Discover IRP features, review use cases and make informed decisions

Case Studies

Case studies and success stories to help in the decision-making process

Videos

Watch Noction IRP videos, screencasts and client testimonials

Manuals

Technical Noction IRP documentation, deployment instructions and datasheets

Tier 1 Reports

Get a first-hand network performance view of the major Tier 1 Carriers

IRP FAQ

See answers to the questions we get asked the most about Noction IRP

NFA Resources

NFA Documentation

Product overview, user guide and the deployment instructions documents

Tips and Tricks

Practical and useful info on NFA and the overall NetFlow analysis

NFA FAQ

A series of the most common NFA questions and answers

Guides & eBooks

View All Guides

1.2 Collector

The collector is one of NFA’s most important components. It receives, analyzes, and processes all traffic transiting the network and transfers data in a compatible mode to NFA Databases – MySQL and ClickHouse. It processes the most common types of Flow: NetFlow, sFlow, J-Flow, IPFIX, NetStream.

sFlow (6343 port) is a protocol designed for monitoring network, wireless and host devices. Developed by the sFlow. org Consortium, this protocol is supported by a wide range of network devices, as well as routing software and network solutions. sFlow, short for “sampled flow”, is an industry-standard for packet export at Layer 2 of the OSI model. It provides the means for exporting truncated packets, together with interface counters. It’s a packet sampling for an N number of packets with all required statistical information and expedited to the destination collector. The information details taken from the packet are the headers from Layer 3 and 4 and some information about the upper layers’ data only. For example, if the HTTP protocol is present, sFlow will guarantee data confidentiality since it will not extract the information from the packet and will not collect all network sessions.

NetFlow (2055 port) is an IP network statistics protocol developed by Cisco Systems, Inc. that offers the ability to collect IP session network traffic as it enters or exits an interface. By analyzing the data that is provided by NetFlow a network administrator can determine things such as the source and destination of traffic, class of service, and the cause of congestion. Juniper routers offer a similar feature called J-Flow which in its essence is the same Cisco NetFlow protocol.

Flow statistics are captured and stored in DB which NFA’s graphical interface subsequently offers to users as dashboards, charts, and reports with filtering, grouping, and aggregation functions.

Network devices should be first configured to forward Flow statistics to NFA in order for it to get the initial data to operate on. NFA listens to Flow stats on the default protocol ports. Flow ports can be changed from the Configuration Settings section of NFA’s Front End.

Set the frequency of Flow exports on network devices as frequently as possible. For best
results export intervals should be set to 1 min or even less.

Updated on Aug 7, 2024

Company News

Blog

About Us

Press Releases

Careers

Support

BGP Routing Information Base (RIB) Deep Dive

Noction IRP Quote

NFA Pricing

IRP Resources

White Papers

Case Studies

Videos

Manuals

Tier 1 Reports

IRP FAQ

NFA Resources

NFA Documentation

Tips and Tricks

NFA FAQ

Guides & eBooks

NOC as a Service

IP Transit Providers Assessment

Tier 1s Performance Dashboard

Tier 1 Carriers Report - January 2025

Noction IRP

Noction IRP Lite

Noction Flow Analyzer

NFA Documentation

1.2 Collector

+1-650-618-9823

sales@noction.com

Campbell, CA 95008, USA