In commercial environments, NetFlow is probably the de-facto standard for network traffic accounting. nProbeis a NetFlow
v5/v9 probe
that can be used to play with NetFlow flows. This means that you can use nProbe:
- for analysing NetFlow flows generated by your border gateway
- replacing the embedded, low-speed, NetFlow probe available on your router or switch
- analyzing Gbit networks at full speed with no (or very moderate) packet loss exploiting nProbe
- as a NetFlow probe that sends flows towards a collector either ntop or a commercial one (e.g. Cisco NetFlow Collector or HP)
- both as a probe and collector (installing nTop collector option).
nProbe software is
- Available for Unix (including MacOS X), Windows, and embedded environments.
- NetFlow v9 support for efficient flow handling.
- Support for IPv4 and v6
- Limited memory footprint (less that 2 MB of memory regardless of the network size) and CPU savvy.
- Designed for running on environments with limited resources (the nProbe binary < 100 Kb) and embedded systems.
- It can be used to build cheap NetFlow probes using commodity hardware.
- Able to save flows on disk for later analysis or integration into an existing monitoring application.
- Fully user configurable.
- High-performance probe: commercial probes included those embedded on routers and switches are often not able to keep up with high-speeds.
- Ntop can be used as collector and analyser for NetFlow v5/v9 flows such as those generated by nProbe and commercial routers.
In order to satisfy the above requirements nProbe has been designed. Currently nProbe is a software application
available stand-alone or as an embedded system named nBox.
NetFlow is copyright Cisco Systems.
| 