netflow

NetFlow is a network protocol and data collection framework originally developed by Cisco Systems to capture information about IP traffic as it enters or leaves an interface on a router or switch. NetFlow defines a flow as a unidirectional sequence of packets that share common attributes, such as source and destination IP addresses, source and destination ports when applicable, the protocol, and the ingress interface, along with timing and statistics like start and end timestamps and byte and packet counts.

In a NetFlow deployment, an exporter runs on network devices and generates flow records that are sent

Versions and evolution: NetFlow began with Cisco’s early implementations and evolved to NetFlow version 5, which

Deployment and limitations: A typical setup includes NetFlow-enabled devices (exporters), a collector, and analysis software. Some