User Guide for the Cisco NetFlow Generation Appliance
Introducing Cisco NetFlow Generation
Downloads: This chapterpdf (PDF - 358.0KB) The complete bookPDF (PDF - 1.16MB) | Feedback

Introducing Cisco NetFlow Generation Appliance

Table Of Contents

Introducing Cisco NetFlow Generation Appliance

Key Features

Understand the User Interface and Command Line

Configuration Overview


Introducing Cisco NetFlow Generation Appliance


The Cisco NetFlow Generation Appliance (NGA) complements best-in-class switching platforms and off loads the NetFlow generation function. It receives packets from up to four 10-Gigabit ports and exports NetFlow data to up to six collectors in NetFlow version 5, 9, and IPFIX format.

You can deploy Cisco NGA at key observation places such as server access layer, fabric path domains, and internet exchange points to help simplify operational manageability. Simple to set up and easy to configure, the appliance is based on the UCS C200 server, so you can specify your specific configuration as needed. To set up your appliance, connect it to your switch devices and collectors, and set up a minimum set of flow components.

You can configure Cisco NGA using the lightweight graphical user interface or a more detailed command line interface.

This chapter contains:

Key Features

Understand the User Interface and Command Line

Configuration Overview

For details on how to use the CLI, see the Command Reference Guide for Cisco NetFlow Generation Appliance on Cisco.com.

Key Features

Table 1-1 details the key features of Cisco NetFlow Generation Appliance.

Table 1-1 Key Features 

Feature
Function
Benefit
Purpose-built, high-performance form factor

Throughput rate of 32+ Gbps, 64 million simultaneous flows, and more than 10 million new flows per minute.

Improve performance of forwarding devices by offloading NetFlow generation function.

100% accuracy with full flow visibility

Cost-effective application and traffic visibility in high-throughput ten-Gigabit networks.

Hop-by-hop flow visibility across multiple network segments.

Four 10G monitoring interfaces, up to four independent flow caches and flow monitors.

Various combinations of data ports, record templates, and export parameters can be associated with each independent flow monitor.

Independently collected packet streams from up to four switches or tap locations.

Configure different templates, cache, and export parameters for each monitored packet stream.

SPAN and network tap support

Use your switch SPAN function or hardware Ethernet tap to gain access to traffic at various strategic deployment points.

Improved return on investment (ROI) with flexible deployment choices.

Introduce NetFlow into any environment where it was previously unavailable or impractical.

Multiple collectors (up to six)

Flow replication or weighted round robin to load balance among multiple collectors.

Efficient use of NetFlow information across multiple management applications for monitoring, troubleshooting, capacity planning, and security.

Avoid overloading any single collector at high traffic and flow rates.

Advanced filters for custom export

Filter on any combination of fields to tailor the data flow for the particular collector application.

Reduce load on collectors and focus on the most important servers and traffic.

Tailor the flow data for particular types of management applications.

Application awareness

Traffic classification and packet inspection to determine the application associated with each flow.

Enhanced application recognition; the Cisco NGA recognizes applications on the basis of port, port ranges, and built-in heuristics.

Embedded GUI and command-line interface (CLI)

Simple embedded web server and command parser for configuration.

Easy and rapid configuration and deployment.

Reduce learning curve and improve productivity.

NetFlow Data Export (NDE) using version 5, version 9, and/or IPFIX.

Export data in all of the commonly used NetFlow formats.

Easily integrate with any standard NetFlow collector, including Cisco Prime Assurance Manager and Cisco Prime Network Analysis Module.


Understand the User Interface and Command Line

If you are familiar with advanced features of NetFlow and the use of a command line interface (CLI), you can configure the software using the CLI. For a comparison of what differences exist between the CLI and the user interface, see Table 1-2, "Feature Comparison."

All tasks that are in the graphical user interface can also be completed by using the command line interface (CLI). For example:

Configuration—Exporter, Monitor, Record, Destination, and Filter.

Show Commands—Exporter, Monitor, Record, Destination, and Filter.

To view a list of the commands, see the Command Reference Guide for Cisco NetFlow Generation Appliance.

Table 1-2 Feature Comparison 

Feature
User Interface
Command Line

Manage Device

X

X

Quick Setup of multiple components simultaneously

X

Must configure individual components separately.

Advanced Setup for multiple components

X

X

Filtering

X1

X

Administrative Tasks

X

X

Display status and counters

 

X

Upgrading application software image

 

X

1 Using Advanced Setup user interface only.


Configuration Overview

Configure the Cisco NetFlow Generation Appliance using the basic workflow in Table 1-3. You can choose the path you want to take to configure your flow components. This user guide contains quick and advanced workflows and explains why to use each workflow.

If you decide to configure a single set of flow components quickly using one user interface window, use the Quick Setup. The Quick Setup configuration is described in Chapter 2 "", "Getting Started" or in the Quick Start Guide for Cisco NetFlow Generation Appliance.

To configure multiple components and set up filters and record parameters, use the Advanced Setup (see Configure Filters).

To verify that packets are being received at the Cisco NGA data ports, NIC cards, exporters, or collectors, see Verify Flow Records Generated.

And finally, to configure the Cisco NGA, as well as view system and diagnostic details, use the Administration menus (see Access System Parameters or Diagnostics).

Table 1-3 leads you through the basic configuration steps. These are not necessarily in the order in which you need to perform them. All tasks are required unless designated optional.

Table 1-3 Configuration Overview

Action
Description
Where to Find It?
Comments
Install Cisco NetFlow Generation Appliance (NGA)

Install and connect the Cisco NGA.

See the Quick Start Guide for Cisco NetFlow Generation Appliance.

 
Configure your switch or router to forward traffic to Cisco NGA

To replicate packets from the switch or router to Cisco NGA, you must configure one of the following:

A Switched Port Analyzer (SPAN) session.

A network tap to replicate a source of packets and send those packets to the appliance.

Action required using switch or router CLI.

See your switch or router user documentation for details on how to configure SPAN or use a network tap.

System administration (Required and optional tasks)

Configure the current system time and SNMP community strings, as well as view current system network parameters (required) and access diagnostic details to assist with troubleshooting (optional).

Administration > System

Resources

Network Parameters

SNMP Agent

System Time

Administration > Diagnostics

Audit Trail

Tech Support

See Access System Parameters or Diagnostics.

Configure the Cisco NetFlow Generation Appliance

Configure Cisco NGA flow components.

Configure and activate flow monitor(s) on one or more of the appliance data ports.

Setup > NetFlow > Quick Setup

Setup > NetFlow > Advanced Setup

For Quick Setup, see Configure a Single Set of Components Quickly.

For Advanced Setup, see Setting Up Multiple NetFlow Monitor Instances.

Configure the managed device (Optional, for Nexus 5000 and Nexus 7000 Series switches only)

Configure your switch as a managed device so that Cisco NGA uses the switch's interface index values when exporting records.

Setup > NetFlow > Managed Devices

CLI command: managed-device

See Configure Your Traffic Sources.

Verify traffic activity

Verify that packets are being received at the Cisco NGA data ports, NIC cards, exporters, or collectors.

For example, CLI commands:

show dataport statistics cumulative

show dataport statistics rates

See Chapter 4 "Performing Administrative and Maintenance Tasks."

Detailed command information is not available in the user interface. For commands, see the Command Reference Guide for Cisco NetFlow Generation Appliance on Cisco.com.