sFLOW

With the ever-increasing reliance on network services for business critical applications, the smallest change in network usage can impact network performance and reliability. sFlow is a sampling technology that meets the key requirements for a network traffic monitoring solution by adding more visibility into network.

sFlow consists of an sFlow agent and an sFlow collector. The sFlow agent sits on the switches (network access devices) and takes packet samples from the switching ASIC , bundles them into datagrams and sends to a central server (sFlow collector)

Some Applications of sFlow:

ü      Troubleshooting Network Problems

ü      Congestion controlling

ü      Security and Audit trail analysis

ü      Accounting and billing for usage

sFlow is open standard and supported by multiple vendors and thus adheres to open standard Networking. In contrast Cisco’s Netflow or Juniper’s Jflow are proprietary and available on only their own products.

Benefits of sFlow over Cisco Netflow

ü      Accurate: Because sampling is simple enough to be performed in hardware, it operates at wire speed. Consumes less CPU resources than Netflow.

ü      Detailed: Complete packet header and switching/routing information permits detailed analysis of L2-L7 traffic flows.

ü      Scalable: The sFlow system is scalable in both the size and speed of the network it can monitor. sFlow is capable of monitoring networks at 10Gbps, 100Gbps and beyond. Thousands of devices can be monitored by a single sFlow Collector.

ü      Timely: The sFlow Collector always has an up to the minute view of traffic throughout the entire network.

ü      Open standard: Multiple vendors can interact with sFlow and build an intelligent network.