NetFlow definition
NetFlow is a network protocol designed for collecting IP network traffic data that enters or exits a particular interface. The original NetFlow protocol was developed (and is still owned) by Cisco Systems, Inc, but the word “NetFlow” has been adopted as a general term for all types of flow records and datagrams. NetFlow variants and derivatives often follow the “xFlow” naming pattern as a result.
NetFlow captures information such as the source and destination IP address, the source and destination port, transferred packets and bytes, and the timing of the transmission.
See also: data flow model
Netflow variants
- NetFlow: The term “NetFlow” legally refers to the protocol developed by Cisco. NetFlow was introduced in the 1990s as a packet switching technology for Cisco routers. The most recent version of the official NetFlow is v9.
- IP Flow Information Export (IPFIX): An IETF standard flow record format that is sometimes called “NetFlow v10.” IPFIX was developed as a more universal (non-proprietary) solution to analyzing network flow data.
- sFlow: A flow protocol and data record standard developed by InMon Corp. Unlike the original NetFlow, sFlow does not sample every packet or timestamp traffic flows — instead, it uses statistical sampling methods for flow documentation to reduce the amount of information that needs to be processed.
