- NetFlow data provide a more granular view of how bandwidth and network traffic are being used than other monitoring solutions, such as SNMP. NetFlow was developed by Cisco and is embedded in Cisco’s IOS software on the company’s routers and switches and has been supported on almost all Cisco devices since the 11.1 train of Cisco IOS Software.
- Netflow sensors can help you analyze all the traffic on your network. To have relevant data, I advise you to set up this type of sensor on a core network or a firewall.
- Sophos Netflow Analyzer
- Netflow - Docs.sophos.com
- Sophos Netflow Prtg
- Sophos XG Firewall: How To Connect With Netflow
You can add, update, or delete Netflow servers. The device offers Netflow, a network protocol, to monitor network bandwidth usage and traffic flow. Netflow records of source, destination and volume of traffic are exported to the Netflow server. The records help you identify the protocols, policies, interfaces and users consuming high bandwidth. Data analyzing tools like Open Source Data Analyzer and PRTG software can generate reports from the Netflow records.
Netflow configuration
- Enter the Netflow Server name.
- Enter the Netflow server IP/domain. You can enter IPv4 or IPv6 addresses.
- Enter the Netflow server port number (UDP port). Records are sent to the Netflow server over the specified port.
Default: 2055
Oct 21, 2020 Sophos XG firewalls support NetFlow v5. You can export all the parameters of v5. You can add up to five separate NetFlow servers.
Sophos Netflow Analyzer
Netflow - Docs.sophos.com
Note Traffic of only those firewall rules that have Log firewall traffic enabled is sent to the Netflow server.
Sophos Netflow Prtg
Note You can configure up to five Netflow servers.
Sophos XG Firewall: How To Connect With Netflow
Note Sophos supports Netflow v5. You can export all the parameters of v5.