Flow Publisher Overview
You know your network better than anyone else. Yet when your users complain that web pages are taking too long to load, or a critical internal application is timing out, you’re often at a loss to explain why. After all, users are only focused on whether their business applications are working right, while you have to think about much more, including managing the infrastructure that delivers those applications. So while you work hard to keep your network and servers healthy and running at optimal capacity - that’s not enough for your business users or your management. It’s almost as if you are conversing in different languages. And while you see the spikes in network traffic, you can’t pinpoint why and how they are affecting your applications.
You need to know what / who is on your network
With flow enabled network devices you can quickly see which users, applications, protocols and traffic sources are generating traffic and consuming bandwidth. Maybe some users are doing unexpected things – like streaming large files or doing backups during normal business hours. Or maybe it’s something dangerous – like a virus spreading on your network. But you can only see this on a flow-enabled network. What happens if you don’t have the luxury of turning on flow monitoring across the network – simply because your devices don’t support it or the cost of upgrading to new infrastructure is not in your budget. You’re destined to manage your network with only partial visibility.
Flow Publisher brings Traffic Analysis to Every Corner of your Network
Well, help is on the way. With WhatsUp Gold Flow Publisher, you can get unique insight and visibility into your network traffic for every device – whether they natively support flow monitoring or not. In short, Flow Publisher makes flow monitoring possible for every network segment and for literally every device. By capturing raw traffic from the network and converting it into standard NetFlow records, Flow Publisher puts you in complete control and conversing in a language your users understand.
Flow Publisher Allows You To:
- Activate network traffic analysis for every network segment and every network device
- Determine which traffic sources, apps or users are consuming bandwidth
- No costly upgrade of your devices is required to turn on application flow visibility
- Get alerted in real-time when monitored traffic parameters breach targeted thresholds
- Ensure business applications get the bandwidth they need
- You can access over 40 mobile and web reports for analysis & base-lining
Flow Publisher Features
Flow Publisher’s unique ability to capture and process raw traffic information from non-flow enabled devices or host systems, combined with the powerful analysis capabilities of Flow Monitor deliver the following features:
Flow Publisher Basics
- Simple, software only solution that can be deployed on any current Windows operating system
- Capture of raw traffic flows from any of the following:
- Port mirroring (SPAN or RAP)
- Network Test Access Points (TAP)
- Directly on Windows server platforms
- Creates NetFlow v1, v5 or v9 compliant records from raw traffic
- Maps device MAC addresses to reported interfaces
- Provides options to log flows and commands
- ACL’s for access to administration and configuraton
- Flow Publisher Management Console:
- Configuration and management of single or multiple agents
- Interface(s) from which to capture network traffic
- Mode and status for each interface in the probe (promiscuous or normal)
- Collector IP address to forward NetFlow records
- NetFlow version of flow data to send to a collector
- Local IP and port of the probe to forward flow records
- Active and Inactive timeout for flow record management
- SNMP index for the default input/output reported interface MAC Addresses to Interface indices mapping
Traffic Analysis and Monitoring / Troubleshooting Capabilities (in conjunction with Flow Monitor)
- Automatic classification of traffic by type and protocol in real-time
- Real-time identification of traffic flow patterns through the network
- Identification of traffic sources (top talkers) and destinations
- Identification of traffic destination by group, domain, top level domain (TLD), and country
- Pinpointing of internal and external traffic sources and destinations
- Conducting traffic identification and analysis for Quality of Service using ToS or DSCP
- Grouping of flow data based on common parameters, including IP addresses by domain, TLD or country
- Automatic identification of high traffic flows to un-monitored ports and highlighting of those ports as candidates for monitoring
- Uncovers unauthorized applications, including file and music sharing
- Detection of failed connections
Reporting (in conjunction with Flow Monitor)
- Access to over 40 flow management reports via WhatsUp Gold web and mobile access
- Automated rollup of flow data with hourly, daily, weekly, monthly and yearly views
- Displays flow information in custom formats
- Sorts and displays filtered reports by protocol, application, host, domain, TLD, country, groups or type of service
- Integration of flow reports with WhatsUp Gold workspace reports
- Access to WHOIS information for sender and receiver reports
- Display traffic information by bytes, packets or flows
Configuration and Management (in conjunction with Flow Monitor)
- Configuration of thresholds on multiple flow metrics via the Alert Center
- Configuration and management of flow data retention policies
- Configuration of flow logging levels
- Configurable support for non-standard ports and proprietary protocols
- Starting and stopping of flow services
- Setting of address resolution levels
- Access to flow database and service status, providing instant views of database parameters and running flow services
- Backup and restoration of flow database
- Apply custom names to flow interfaces
- Notification of database status
Flow Publisher software requirements
Flow Publisher hardware requirements
The following are the hardware requirements for the Flow Publisher:
| Processor(s) |
Dual-core |
Single-core |
| Processor speed |
2 GHz or more |
2 GHz |
| RAM |
1 GB |
< 100 KB |
| Network interface cards (NIC) |
1 Gbps (1+n) NICs, where n is the number of Flow Publisher capture devices. |
100 Mbps Minimum of 1 NIC when capturing local traffic on a server. Minimum of 2 NICs when capturing traffic copied from a network device. |
| Video display resolution |
800 x 600 or higher |
800 x 600 |
Flow Publisher Gives You Total Network Visibility
WhatsUp Gold’s new Flow Publisher extends flow monitoring visibility and analytics to non-flow supporting devices and Windows host systems.
Direct Benefits of Flow Publisher
- Extends standardized network traffic analysis and application flow visibility across the entire network
- Supports any switch, router or network device with Port Mirroring (SPAN/RAP ); network Test Access Point (TAP); or direct installation on Windows servers (standard or virtualized)
- Converts raw traffic into standardized NetFlow v1, v5 or v9 compliant records
- Cost-effective installation and low overhead operation
- As a small footprint, software-only solution it uses minimal CPU and memory resources
- Installs on any Windows based operating system and hardware
- Simple and flexible deployment model
- Agents can be located anywhere in the network enabling both broad and pinpoint traffic analysis
- Flow Publisher’s deployment doesn't require infrastructure upgrades or downtime
- Better insight and higher investment returns compared to legacy flow monitoring technologies
- More information, improved manageability and lower costs compared to RMON or packet analysis solutions
- With 100% raw traffic capture and processing it provides deeper visibility and insight compared to sampled sFlow and J-Flow
- Integrages seamlessly with WhatsUp Gold and Flow Monitor
- Access to over 40+ configurable Flow Monitor web and mobile reports
- Configuration of thresholds and alerting on typical flow monitoring parameters via the Alert Center