Using NetFlow to Analyze Key Network Traffic


To properly monitor the performance of your network, you need easy access to two key types of data: performance metrics and Netflow.

Performance metrics includes data from key devices in your network, like routers, switches, access points, and more. Those metrics provide insight into how an individual device is performing. For example, how busy is a particular router? Is that router busier than normal?

Performance metrics give you the device perspective, but you need more. You need to know more about the traffic that’s flowing through your routers and other devices. You need to know who or what is sending the most traffic, and where that traffic is going. But you don’t want to incur the costs and overhead required to install probes or sniffers on every one of your network segments. That’s where the second key type of network data – NetFlow – comes into play.

NetFlow can be challenging to deal with, but the good news is that SevOne can help.

By leveraging NetFlow data, you can quickly and continuously monitor the makeup of traffic traversing your most critical links, and you can do it without probes or sniffers. With NetFlow data you can quickly spot bandwidth hogs and wasteful traffic, while also gaining a clearer understanding how applications are behaving on your network. These insights are important because they help you to make better decisions about traffic prioritization. They also help you to create policies aimed at reducing or eliminating wasteful traffic.

Benefits of Metric and NetFlow Traffic Analysis

SevOne Network Data Platform is designed from the ground up to provide you with the best and most advanced ways to analyze network performance metrics and NetFlow traffic, as part of a single integrated network performance monitoring system.  With SevOne, you can:

  • Quickly understand what is normal and what is not using machine learning
  • Easily leverage pre-built workflows to pivot between performance metrics and the reports on the NetFlow data for the same device/interface
  • Gain visibility into application and infrastructure behaviors without the cost and overhead of dedicated traffic probe solutions
  • Get a deeper understanding of traffic patterns, application usage, and types of service
  • Understand bandwidth use down to protocols and conversations for better planning of capacity increases and infrastructure optimization.
  • Turn your deep understanding of application traffic and infrastructure behaviors into actionable operational insights

Why SevOne for Integrated Metric and NetFlow Analysis

The SevOne Network Data Platform helps you take full advantage of valuable NetFlow data for use in network and application performance management. It is the industry’s most comprehensive, scalable and affordable solution for network performance metrics and NetFlow analysis.

With the SevOne Network Data Platform you can leverage integrated metric and flow analytics to gain insights into the performance of your applications and the behaviors of your infrastructure. It makes it easy for you to handle a range of tasks, such as spotting rogue applications, bandwidth hogs and congestion points. The SevOne Network Data Platform also reduces the time it takes to identify, troubleshoot and resolve issues. Overall, it enables effective application and infrastructure performance optimization, which, in turn, drives better user and customer experience.

A Simple Example of Integrated Metrics and NetFlow Analysis

We were recently working with a global financial services provider and they were leveraging the machine learning features of the SevOne Network Data Platform to automatically determine when something was normal and when it was not. Here’s a quick walk-through:

  • Step 1: Spotting a Capacity Issue on an Uplink The customer received an alert from SevOne Network Data Platform in the middle of the business day about high packet loss on one of their core uplinks.
  • Step 2: Using Integrated Metric and Flow to Identify Root Cause Using the integrated metric and NetFlow analysis of the SevOne Network Data Platform, the customer was quickly able to determine that there was a backup running across the link that was supposed to be running in the middle of the night. Mystery solved.


Combining device-level performance information with NetFlow data, and processing and analyzing quickly enough to make a difference, is a tall order for many IT and NetOps teams. Adding probes and/or sniffers isn’t a great option, so many teams have done their best without them.

Now there’s a smarter and more cost-effective way to put your network performance monitoring puzzle together. It’s the SevOne Network Data Platform. Some of the world’s largest and most demanding enterprises, carriers, and MSPs are using our Platform today to do just that. But it’s not only for big players. If continuous network performance is core to your business, SevOne can show you how the power of integrated metric and flow analysis can increase your operational efficiency.

Ready to learn more? Take the first, risk-free step and contact us today to set up a demo.