Think NetFlow has you completely covered? Think again...
by Paul Davenport Paul Davenport on

Ensuring that enterprise IT teams have comprehensive visibility across their app and network landscape has never been more critical. After all, enterprise network footprints are rapidly decentralizing as a wealth of cloud and SaaS solutions make the ability to support a distributed workforce possible. But most enterprise IT teams remain centralized and require cloud and SaaS tools of their own to be the “eyes and ears” on the ground for every end user in lieu of a human presence.

Think NetFlow has you completely covered? Think again...

But as with any enterprise technology in this day and age, network monitoring solutions are constantly evolving, and not all strategies are created equal. Simply put, what may have worked for monitoring your “hub and spoke” network just a few years ago may only give you a small glimpse into your network performance today.

That’s certainly the case for teams that still rely on NetFlow as the crux of their monitoring strategy today. While historically a popular method for packet analysis, especially given it’s ubiquity as a Cisco technology that’s compatible with some of the most popular networking hardware on the market, it’s limitations in the face of accelerated digital transformation at most businesses can ultimately restrict visibility into the business as a whole.

How so? Where do we begin, really…

For starters, collecting and analyzing flow data is an essential piece of understanding the end user experience across your network. Without the context of real-user traffic, IT can be caught off guard when users complain.

While NetFlow can provide a baseline, the average deployment is limited to a small percentage of total traffic due to sampling or capture locations.With the increase in Direct Internet Access (DIA) breakouts at remote locations, fewer packets are traveling through the data center or bottlenecks where it previously made sense to deploy NetFlow solutions. Combined with the overhead required for Layer 2 devices to generate and forward NetFlow data leaves enterprise IT otherwise blind real user performance. If teams are making capacity decisions or policy changes without considering this non-NetFlow traffic, they may end up paying dearly for it.

To that end, because most NetFlow sources are port-based, some of the most popular apps – business-critical or otherwise – will only be identified by their port number, leaving IT guessing as to which apps are “capacity hogs,” which are business-critical, and further informing use policy. Reviewing traffic only to find 80% of the overall traffic pie chart listed as TCP traffic through ports 443 and 80 can frustrate any analysis effort. Appneta employs a modern Deep Packet Inspection (DPI) engine that is updated monthly to include the most critical and the most impactful apps on today’s enterprise networks.

AppNeta employs lightweight, active, packet-train dispersion technology that can deliver granular network routing data in as little as 15 seconds – along with the ability to correlate apps and users to see hop-by-hop performance metrics. AppNeta’s purpose-built Monitoring Points provide more detail into traffic than NetFlow with less than 10% of the impact. App identification through DPI and data transfer occurs on AppNeta appliances instead of taking up resources on core infrastructure and limits the impact on the network by consuming less than half of 1% of overall capacity due to data compression.

As a SaaS solution, AppNeta Performance Manager is also always being updated and enhanced to feature the latest and greatest monitoring capabilities for our customers’ most pressing needs. This includes updated application definitions that immediately categorizes and classifies traffic for the latest apps.

Our platform offers a unique combination of active and passive monitoring techniques that allow visibility into the networks and applications that serve the enterprise. While active monitoring ensures that IT has a head start on resolving network issues, passive traffic analysis tells enterprise IT teams what users are affected and provides vital information for isolating the scope of issues.

We’re only scratching the surface on where NetFlow falls short in delivering the insights the modern enterprise needs to succeed.


6 Reasons NetFlow Falls Short
Download our whitepaper, 6 Reasons NetFlow Falls Short, to get the big picture.

Download Whitepaper

Filed Under: Performance Monitoring

Tags: direct to internet , DIA , enterprises , enterprise networks , network management , network performance monitoring , network monitoring , NetFlow