Internet Protocol Flow Information Export, or IPFIX in short, is an IETF standard that was created to monitor and export the flow of information across routers, switches, and other network devices. IPFIX is a common and universal standard that works well across most devices.
In general, every IPFIX tool performs the following functions.
- Allows the flow of data from any IPFIX-enabled device
- Unpacks the binary data flowing through the device and converts it into text and numeric formats
- Uses selective filtering and aggregation techniques to reduce data volume
- Stores the data in SQL database or in flat files
These functions can be broadly categorized into exporter, collector and analyzer. Exporter tracks key information about IP packets, encapsulates the same into UDP and sends them to a collector. In turn, the collector process this data from an exporter and stores it in database or flat files.
Finally, the analyzer converts this data into graphical and visual forms to help network engineers get valuable insights about network performance, monitoring, troubleshooting and more.
Here’s the Best IPFix Collectors & Analyzers of 2021:
Let’s take a detailed look at these IPFIX tools and Software and see what they have to offer!
1. SolarWinds NetFlow Traffic Analyzer – FREE TRIAL
SolarWinds NetFlow Traffic Analyzer supports IPFIX, NetFlow, sFLow, J-Flow and Huawei Netstream protocols. It’s a comprehensive tool for collecting and analyzing information and is also a part of the larger Network Bandwidth Analyzer pack.
Its features include:
- Monitors the network to discover traffic patterns.
- Works seamlessly with a range of different platforms
- Identifies which applications and protocols are consuming the maximum bandwidth.
- Collects traffic data from all the network packets
- Changes data from network packets into useable formats
- Analyzes data and presents it in the form of meaningful reports, charts and graphs to users through a web-based user interface
- Comes with PerfStack, a performance analysis dashboard that allows users to drag and drop performance metrics on a timeline, to get a visual correlation of data.
- Follows CBQoS policy optimization which means, it confirms that prioritized traffic coming from cloud or VoIP applications passes smoothly through the network.
- WLC traffic monitoring helps to monitor wireless networks.
Fully functional free trial is available below!
Price: Free 30-day trial – visit site for pricing information.
Official Trial Download: https://www.solarwinds.com/netflow-traffic-analyzer/registration
2. ManageEngine NetFlow Analyzer
ManageEngine NetFlow Analyzer is a great tool for Monitoring your IPFIX flow traffic within a single dashboard!
It provides great visiblity into your network traffic and allows you to parse IPFIX flow information to ensure your network is flowing smoothly and without any hiccups.
Features of ManageEngine NetFlow Analyzer include some of the following:
- Real-time Reports, Graphs and Alarms
- Program, Application and Protocol Monitoring options
- Customize your Dashboard to show important Protocols and Programs to monitor
- Grouping & Billing options
- QOS monitoring
- IP SLA & WLC Monitoring Capabilities
- and much More!
Click on the Link below to see Full Features & Download Free to get Started!
Official download: https://www.manageengine.com/products/netflow/index-new.html
3. Plixar Scrutinizer
Plixar scrutinizer is a powerful and scalable solution that thoroughly analyzes the data and provides rich insights on it.
Here’s a look at some of its features.
- Collects metadata and traffic flows from all the network packets and stores them in a database.
- Comes with advanced filters to give deep insights into the data
- Sophisticated reporting tool gives the right data at the right time to help business owners make appropriate decisions.
- Rapid delivery of insights increases efficiency and reduces cost for businesses
- Provides end-to-end visibility to help identify the root cause of any problem
- Scales easily to match network growth
- Supports fast time-to-resolution during security breaches
- Offers a proactive approach to security
- Supports many flow technologies such as Netflow, sFlow, IPFIX, JFlow, Netstream and more.
- Works well on VMware, Hyper-V 2012 and KVM.
- Public and private cloud deployments are available
Plixar Scruitinizer comes in four plans – free, MDX, SSRV and SCR. The table below gives the features available under each plan.
Description Free MDX SSRV SCR
| Flows Collected Per Second | 10K | 10K | 10K | 40K / Up to 10+ Million |
| Length of time raw flows are kept | 5 hours | 24 hours | Unlimited | Unlimited |
| Days of historical flow roll ups | 1 week | Unlimited | Unlimited | Unlimited |
| Number of Flow Exporters Supported | Unlimited | Pay by device | Pay by device | Pay by device |
| Flexible Licensing | Limited | Yes | Yes | Yes |
| Advanced Reporting on all vendor specific exports | Yes | Yes | Yes | Yes |
| Full Stitching and Deduplication | Yes | Yes | Yes | Yes |
| 3rd party integration (E.g. Splunk, Elastic Search, etc.) | Yes | Yes | Yes | Yes |
| Support for all versions of NetFlow, IPFIX, sFlow, etc. | Yes | Yes | Yes | Yes |
| Support for all vendor enterprise IPFIX elements | Yes | Yes | Yes | Yes |
| Ability to create filters to narrow in on traffic | Yes | Yes | Yes | Yes |
| All exporters index search for a host | Yes | Yes | Yes | Yes |
| Scheduled Emailed Reports (HTML & PDF) | No | Yes | Yes | Yes |
| Scheduled Email Top Interfaces | No | Yes | Yes | Yes |
| Export Data in CSV format | No | Yes | Yes | Yes |
| Saved Reports | No | Yes | Yes | Yes |
| Access to API | No | Yes | Yes | Yes |
| Report Designer to build new reports from flows | No | Yes | Yes | Yes |
| 8AM-5PM Eastern Time Technical phone support | No | Yes | Yes | Yes |
| Create Dashboards | No | Yes | Yes | Yes |
| Auto DNS Resolve host names | No | Yes | Yes | Yes |
| Configure and trigger notifications | No | No | Yes | Yes |
| CSV export of Tables (e.g. Alarms, Status, etc.) | No | No | Yes | Yes |
| Flow Hopper to show flow path – hop to hop | No | No | Yes | Yes |
| Set thresholds in saved reports to monitor traffic | No | No | Yes | Yes |
| Define IP Groups and Report | No | No | Yes | Yes |
| Multi Tenancy Module – keep selected data private | No | No | Yes | Yes |
| Threat Detection Algorithms | No | No | Yes | Yes |
| Business Hours Based Reporting | No | No | Yes | Yes |
| ASA ACL Descriptions | No | No | Yes | Yes |
| AWS Kinesis Streaming | No | No | Yes | Yes |
| Cisco : Source Fire eStreamer | No | No | Yes | Yes |
| LDAP, Radius, Tacacs Authentication Support | No | No | Yes | Yes |
| Number of login accounts | 2 | 5 | Unlimited | Unlimited |
| Number of security groups | 2 | 5 | Unlimited | Unlimited |
| IP address to user name correlation support | No | No | Yes | Yes |
| Optional 7×24 technical support | No | No | Yes | Yes |
| Unified Distributed Collector Support | No | No | No | Yes |
Price: The price is customized for each plan and the free version can be downloaded
Official Download: https://www.plixer.com/evaluate/scrutinizer/
4. nProbe
nProbe offers the same level of functionality for many flow streams, and this makes it ideal for large environments that have different monitoring environments. It is also ideal for bringing deprecated systems up to speed and at the same time, helps to save money and time for businesses.
Here’s a look into some of its important features.
- It collects and exports data from any device that can export in Netflow v5/v9 and IPFIX formats.
- Works on Linux, Windows and other embedded environments
- Provides Layer 7 application visibility, so it can monitor more than 250 applications including popular ones such as Skype and BitTorrent
- Offers complete support for IPv4 and IPv6.
- Consumes less than 2MB of memory, regardless of the network size
- Natively exports flows to Apache, Syslog, Kafka, Splunk and MySQL
- Collects sFlow flows and translates them to IPFIX or NetFlow.
- Comes with a multi-threaded architecture for large systems.
- Has a built-in VoIP traffic analysis
- Designed to run on environments that come with limited resources
- Gives an option to save flows on disk for later analysis
- It can be used as a probe, probe and collector, collector or even a proxy, depending on the business needs.
- Highly scalable and fully configurable
Price: nProbe comes in varying price structure. nProbe Embedded for ARM and Linux is priced at 49.95 Euro, nProbe Standard is 149.95 Euro, nProbe Pro with Plugin support is 299.95 Euro and upgrade nProbe package from standard to pro is 149.95 Euro respectively.
nProbe is available at no cost for non-profit organizations and universities.
Official Download: Ntop.org/products/netflow/nprobe/
5. IsarFlow
IsarFlow is another good choice for monitoring IPFIX and NetFlow data. This network monitoring solution comes with a GUI-based personalized reporting tool, so each person can view the information that is important for them. Such a personalized approach makes IsarFlow ideal for individuals who work together to monitor a network.
Besides personalization, here is a look at its other features.
- Collects, stores and processes NetFlow, IPFIX and SNMP data to give deep insights into the data patterns.
- It is based on a distributed database architecture for the best scalability.
- Facilitates efficient network capacity planning
- Helps to develop QoS strategies
- Recognizes vulnerabilities and viruses early
- Makes it possible to monitor data from various sources using a single threshold definition.
- Offers a single server setup that is perfect in situations where a single analyzer handles the overall network load.
Price: Contact the sales team for pricing.
Official Download: https://isarflow.com/home/
6. FlowViewer
FlowViewer is a dynamic and web-based front-end for two open-source data collectors and analyzers, namely, Flow-tools suite from Mark Fullmer and SiLK from the Carnegie Mellon NetSA group. This tool was originally developed for NASA’s Earth Sciences Data and Information System Network, but it is also used extensively by users of SiLK and Flow-tools.
Some interesting features of this tool include:
- Enables users to create text-based reports from network data.
- Many different reporting formats are available to suit the preferences of different users
- Helps to create graph-based reports with textual explanation.
- Maintains the long-term history of a particular traffic subset. Users can choose from daily, weekly, monthly, yearly and three years option.
- Allows the use of both Flow-tools and SiLK simultaneously.
Price: This is an open-source tool that’s available for free.
Official Download: https://sourceforge.net/p/flowviewer/wiki/Home/
Conclusion
To conclude, IPIX collectors and analyzers give abundant information about a network’s health and performance. These IPFIX tools collect information from network packets, correlate them and give the information you need in a concise form.
We highly Recommend giving them a Download and testing in your Environment – every software package from above has different feature and capabilities as well as price points.
