Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
10616
Views
19
Helpful
2
Replies

Netflow v/s Netflow-Lite

rthakker
Level 1
Level 1

‎03-14-2012 03:24 AM - edited ‎03-07-2019 05:33 AM

Dose anyone know major difrrence between Netflow v/s Netflow-Lite?

I am trying to understand if Cisco 4948E can do the same job as Cisco 4500E or not and difrrence between Netflow v/s Netflow-Lite will help me select correct product.

Thanks

Ritesh

Labels:
0 Helpful
2 Replies 2

Don Jacob
Level 1
Level 1

‎03-17-2012 03:40 AM

Ritesh,

NetFlow and NetFlow-Lite are both the same in reporting capabilities except that NetFlow-Lite is sampling based and is supported only by one reporting tool, which is nProbe. To use NetFlow-Lite with other flow analyzer tools, you need an  installation of nProbe which will convert NetFlow-Lite into traditional  NetFlow before it can be processed by flow analyzer tools.

nProbe is open source tool and is not very easy to setup. The reporting options may not be as extensive as in other flow tools like those from ManageEngine, Solarwinds, etc and is also limited to just NetFlow. If you are familiar with nProbe configuration and setup or you already use nProbe for NetFlow reporting, then you go ahead with NetFlow-Lite.

If you prefer a ready to use tool available in the market like ManageEngine, go for the switch which supports traditional NetFlow export. This way you need not have 2 tools in your network to get NetFlow reports.

Furthermore, if you have a multi vendor network which sends many different flow formats and need a single tool to monitor them all, with extensive reporting and graphing options, nProbe will not be sufficient and so go with the switch that supports traditional NetFlow.

Regards,

Don Thomas Jacob

www.netflowanalyzer.com

NOTE: Please rate posts and close questions if your query has been answered

Regards, Don Thomas Jacob http://www.solarwinds.com/netflow-traffic-analyzer.aspx Head Geek @ SolarWinds NOTE: Please rate and close questions if you found any of the answers helpful.

jakewilson
Level 1
Level 1

‎03-22-2012 06:12 PM

Hello Ritesh,

Our team worked directly with Cisco and the nProbe engineer on the NetFlow-Lite project.  NetFlow-Lite requires the nProbe or nBox to compile the sampled packets into traditional NetFlow or IPFIX.  Although, it is usually sampled data, there are some big benefits over traditional NetFlow from the 4500E.

  1. The nProbe will export next generation NetFlow v9 which means depending on the configuration, you can get details on:
    1. Server, client and application latency (round trip time)
    2. VoIP Jitter, packet loss, codec, caller ID
    3. Application recognition through DPI (Deep Packet Inspection)
    4. URLs !!!
  2. NetFlow-Lite can be used to perform 100% sampling on the uplink (unsampled).  You probably wouldn't leave it on but, it is possible and we set it up when Cisco sent us a 4948E for NetFlow-Lite interoperability testing.


This 'advanced' NetFlow does require a NetFlow Reporting tool like 'Scrutinizer' that can report on the data.   Also, setting up the nProbe is documented on our web site.  Call us with any questions you may have, many vendors don't really understand it. We even did a joint webcast with Cisco and nProbe on this topic:

Cisco NetFlow-Lite: Enabling Traffic Monitoring at Data Center Access

Date: May 31st, 2011
Presenters:
Ellie Chou: Product Manager for the Catalyst 4500, Cisco Systems
Luca Deri: Founder of ntop.org
Michael Patterson: Product Manager of Scrutinizer

So there you have it, two completely different opinions. 

Jake

www.plixer.com

Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card