RFC 9234 introduces a novel mechanism that leverages the BGP Role to prevent and detect...
Noction Flow Analyzer is a flow-based monitoring and reporting software tool that collects, stores, and presents traffic data across an entire network. NFA enables engineers to optimize their networks and applications performance, control bandwidth utilization, and perform network capacity planning. It also allows for detailed BGP peering analysis, provides insights into potential security issues, and allows engineers to minimize network incident response time. NFA supports NetFlow, J-Flow, sFlow, IPFIX, and NetStream. It has customizable reporting, alerting, and support for 400 days worth of level 3 data aggregation by default.
To get started with Noction Flow Analyzer, you can sign up for a free trial. The trial is fully featured, and allows you to see how NFA can fit in your network environment. After you sign up, you’ll receive an email with instructions for how to install, license, and configure NFA.
To make the full use of all NFA features, we recommend using the trial in a production environment. NFA should be installed on a dedicated server (physical or virtual) that meets the following software and hardware requirements:
Minimal Hardware Requirements:
– x86_64 architecture
– 4-core CPU with SSE4.2 support
– 32GB of RAM
– 250GB SSD storage allocated to the /var partition
Recommended Hardware Requirements:
– x86_64 architecture
– 8-core CPU with SSE4.2 support
– 64GB RAM; 128GB RAM – optimal
– 500GB SSD storage allocated to the /var partition
– CentOS 7 x86_64 Minimal
– CentOS 8 x86_64 Minimal (Clean Install)
– Ubuntu 20.04 LTS
There are different installation instructions based on which operating system you choose.
Installing NFA on a server running CentOS:
– From an elevated command prompt, run this command to configure the NFA repository
rpm -Uvh http://repo-nfa.noction.com/nfa-repo-0.1.0-0.noc.noarch.rpm
– Set SELinux to the permissive state for proper NFA components operation
– The SELINUX parameter must also be changed to permissive in the /etc/sysconfig/selinux configuration file. Add SELINUX=permissive to the SELinux config file, and save your changes.
– Install Noction Flow Analyzer
yum install nfa
Installing NFA on a server running Ubuntu:
– From an elevated command prompt, run these commands to configure the NFA repository
curl -sLO http://repo-nfa.noction.com/ubuntu/nfa-repo_0.1.0-noc.deb && \ dpkg -i nfa-repo_0.1.0-noc.deb && \ curl -L http://repo-nfa.noction.com/repo.gpg | apt-key add -
– Install Noction Flow Analyzer
apt update apt install nfa
FirewallD is the default daemon responsible for firewall security on CentOS 7 and 8. Make sure to open HTTP/HTTPS, BGP, and Flow ports as needed. By default, the NFA system listens on the following ports:
– NetFlow port 2055
– sFlow port 6343
– These ports can be adjusted in the NFA configuration if needed
We also recommend whitelisting the IPs that should have access to your server for maximum security. If you need additional help with this, please contact us at firstname.lastname@example.org
Accessing the NFA Front End
Once the installation is complete, the NFA Front End will be available at the hostname of your device. The NFA frontend runs on port 443 (https). To access it, open a web browser to https://yourhostname or IP address. The default username and password is admin/admin. For security purposes, we recommend that you change the default password to your account under your profile settings upon the first visit.
We also recommend you to limit NFA frontend access to specific IPs only.
– Go to Management -> Configuration
– Enable the Front-end Access Restriction setting
– Specify which IP addresses you want to allow
– Save your changes
Getting Started with Flow Analyzer
The final step is to start sending flow records to the server. You will need to configure your network devices to send records to your NFA server. If you have Cisco Catalyst 9000 series switches, you can refer to our sample configuration. For other devices, refer to the manufacturers’ documentation for how to configure NetFlow record exporting.
By default, your NetFlow records should be sent to port 2055, and your sFlow records to port 6343.
– If needed, you can modify the standard ports via NFA’s Frontend under Management -> Configuration Settings.
– Alternatively, you can edit your configuration file from the command line. The NFA configuration file located at: /etc/noction/nfa.conf
Once you have flow exporting configured on your network, wait for at least 5 minutes to start seeing graphs in NFA. From there, you will be able to customize your dashboard, configure custom alerts, and explore all the benefits of the Noction Flow Analyzer. For more information on customizing the dashboard and how to make the most of NFA, refer to our NFA Resources page.
Adding BGP Functionality
If you want to add on BGP functionality, first configure an iBGP session between your router(s) and NFA. Then, in the NFA dashboard go to Management -> Inventory -> Add device, and fill out the required fields on the General Settings and Location tabs. On the BGP Settings tab, provide the Peer AS and Peer Address (your router’s address) and then click Submit.
NFA is a licensed product and requires you to register your license in the application. You will receive your trial key in an email, and that key will allow you to get started. Copy the key from the email and log in to your NFA front end. Under Management -> License, paste your activation key, and hit Activate License. The trial key will be applied and allow you to evaluate NFA in your environment. When you switch over to a paid subscription, you will need to replace this trial key.
To avoid possible licensing issues, please ensure the correct hardware clock configuration. The best practice is to have the Hardware clock set in UTC and do the required time-zone changes on OS.
Noction Flow Analyzer is priced per license at $299/month with no limitations in terms of network devices, interfaces, or sites. Convenient annual subscription options are available. The optional BGP add-on is available at $199/month.
NFA Documentation and Support
If you’re interested, you can always access the NFA Resources page to learn more about the product and its use cases. If you have any difficulties during the installation or configuration, contact us at email@example.com