Cisco Logo


Enterprise Networks

Recently, SearchNetworking posted an interesting article titled “NetFlow v9 is powerful, so why isn’t anyone using it?” Shamus discusses many of the benefits of NetFlow v9:  deeper visibility into application traffic flows and application performance, and the ability to use NetFlow to consolidate and enhance other network management functions.  However, he ends on a sour note:  “but the technology is more complex to learn than the good old reliable v5.  Still enterprises will eventually be forced to make the transition.”

In his article, Shamus points out that customers may feel intimidated by the complexity of NetFlow v9.  I’d like to address this concern with a response.   If you are of my generation, you will no doubt remember carbureted automobile engines.

Maybe you or your dad spent Saturday afternoons tinkering with one in the garage, or maybe you were just caught off-guard when one morning the car wouldn’t start.  Netflow v5 is a lot like a carbureted engine:  it is very common, anyone familiar with it knows how it works, and it is easy to set-up.  Now, let’s fast-forward to the current generation of technology.

Modern cars have computers which constantly measure and adjust the performance of the engine.  If there is a problem with your engine, a light comes on.  Your mechanic can go into the computer and get detailed information that tells him what is wrong. And if you are the do-it-yourself type, you can buy a tool to read this data.

NetFlow v9 is just like your computer-controlled, fuel-injected automobile engine.  It offers detailed reporting on many different aspects of how your network is running.   With the right tool, this data is a powerful way to gain greater visibility into your applications and how they are performing.  But if you are still sitting in your shop with a vacuum gauge, a spark plug tester, and a timing light, then you no longer have the right tools to do the job.

NetFlow v9 does not add complexity for the IT user.  The rich functionality of Netflow v9 is exposed by tools that take advantage of the flexible flow templates that Netflow v9 provides.  If your tools are out of date, or not state-of-the-art, then the additional wealth of data available in Netflow v9 is discarded.  Still, discarded data does not equal complexity.  In the worst case, you migrate to Netflow v9 without gaining any new functionality (if your tools don’t support any of the new NetFlow v9 features).  But if you invest in a collector that can take advantage of this new functionality – then you gain an immense resource that will help you improve the quality of experience for your users.

As the  SearchNetworking  article correctly points out, migration to NetFlow v9 is inevitable.   One of the major investments Cisco made in NetFlow v9 was expanding the protocol to support the added complexities of 128-bit IP addresses (aka IPv6).  But that doesn’t mean you want to wait until you are in the midst of an IPv6 transition effort to deploy Netflow v9.  You can deploy Netflow v9 on your network today with minimal disruption, and if you purchase the right collector tools, you’ll be IPv6-ready when you start that transition.

NetFlow v9 offers increased functionality today for IPv4 and IPv6.  Visibility into application performance and network behavior will ultimately reduce your time to troubleshoot, simplify capacity planning, and thus ultimately decrease the complexity of owning and operating your network.

In an effort to keep conversations fresh, Cisco Blogs closes comments after 90 days. Please visit the Cisco Blogs hub page for the latest content.

2 Comments.


  1. I have to agree that netflow is a very valuable tool. I have not seen a lot of open source collector support or customers willing to upgrade to commercial collectors that support v9.

       0 likes

  2. “Maybe you or your dad spent Saturday afternoons tinkering with one in the garage, or maybe you were just caught off-guard when one morning the car wouldn’t start. Netflow v5 is a lot like a carbureted engine: it is very common, anyone familiar with it knows how it works, and it is easy to set-up. Now, let’s fast-forward to the current generation of technology.”

    Great analogy. Agree. Technology advances and vendors/users need to keep up or get out.

    The increased complexity of FnF is well worth it. Especially when you start talking about Layer-7-aware flow telemetry such as Cisco’s recent NetFlowNBAR integration.

       0 likes

  1. Return to Countries/Regions
  2. Return to Home
  1. All Enterprise Networks
  2. All Security
  3. Return to Home