What is Noction Flow Analyzer?
NFA is a web-based network traffic analysis, monitoring and alerting tool. The product enables engineers to optimize their networks and applications performance, control bandwidth utilization, do the proper network capacity planning, perform detailed BGP peering analysis, improve security and minimize network incidents response time.
NFA is intended for use in a production environment. The product should be installed on a dedicated server that meets the following software and hardware requirements:
- x86_64 architecture
- Minimum 4x core CPU (8x core CPU recommended)
- Minimum 32GB of RAM (64GB RAM recommended; 128GB RAM – optimal)
- Minimum 250GB SSD storage (500GB SSD storage recommended)
- CentOS 7 x86_64 Minimal – Clean Install
The minimum system requirements assume default configuration. Significantly increasing the flow collection rate might cause additional load on a server, thus requiring extra memory or a larger CPU.
1. Prepare for the installation
Run the below command to configure the NFA repository:
rpm -Uvh http://repo-nfa.noction.com/nfa-repo-0.1.0-0.noc.noarch.rpm
SELinux should be set to the permissive state for proper NFA components operation:
Enabling SELinux permissive state
Set SELINUX parameter must be changed to permissive in the /etc/sysconfig/selinux configuration file as well.
Change of the SELinux state in the configuration file
Running the following command, Noction Flow Analyzer will be installed:
[root@host ~]# yum install nfa
A properly configured firewall can greatly increase the security of your system. It is highly recommended that you configure a firewall for NFA. Should you need any help with this, please contact us at email@example.com
Once the installation process is complete, access NFA Front End using https://yourhostname or
IP address and a combination of the default username and password – admin/admin.
The NFA frontend runs on port 443 (https). The system listens to Flow stats on the default protocol ports: NetFlow (2055 port), sFlow (6343 port). Please adjust your firewall settings accordingly.
For security purposes, we recommend that you change the default password to your account under Profile upon the first visit.
We recommend you to limit NFA frontend access to specific IPs only. To do so, go to Management > IP Filtering.
NFA is a licensed product and requires users to obtain and register а license in the application.
Register with Noction at https://nfa.noction.com and request a license. The license activation key will be sent to the email address you provide during registration.
Go to Management > License. Introduce your activation key in the corresponding field and hit ACTIVATE LICENSE.
Send flow to your NFA instance. For NetFlow use port 2055, for Sflow port 6343. If you want to modify standard ports use the configuration file located at:
Once the flow export is configured, wait for at least 5 minutes to start seeing graphs in NFA.
5. BGP Data
For Proper BGP Add-on functionality, configure iBGP session between NFA and your router(s).
Next go to Management > Inventory > Add device.
Fill out the required fields and select the device type > BGP.
On the BGP Settings tab, provide the AS number, Peer Address (your router’s address) and the NFA address (NFA internal address). Hit Add Device.