Network Flow and Data Analyzer

NetFlow - Cisco Product (Rebranded to IPFIX)

This tool collects all the packet metadata, not the entire packet.

A NetFlow exporter can be enabled on network devices such as switches, routers, and firewalls.

It uses a NetFlow collector to aggregate flows from the exporters.

Here are some of the items it collects:

• Source and destination MAC addresses

• Source and destination IP addresses

• Source and destination ports

• Packet and byte counts sent and received

• Timestamps

• TCP flags and encapsulated protocols

CompTIA Network+ Study Material