Home Noction Flow Analyzer Noction Flow Analyzer Installation Guide

Noction Flow Analyzer Installation Guide

Noction Flow Analyzer Installation Guide

What is Noction Flow Analyzer?

NFA is a web-based network traffic analysis, monitoring and alerting tool. The product enables engineers to optimize their networks and applications performance, control bandwidth utilization, do the proper network capacity planning, perform detailed BGP peering analysis, improve security and minimize network incidents response time.
NFA is intended for use in a production environment. The product should be installed on a dedicated server that meets the following software and hardware requirements:

Hardware Requirements:

  • x86_64 architecture
  • Minimum 4x core CPU (8x core CPU recommended), SSE4.2 support
  • Minimum 32GB of RAM (64GB RAM recommended; 128GB RAM – optimal)
  • Minimum 250GB SSD storage (500GB SSD storage recommended) allocated to the /var partition

Software Requirements:

  • Ubuntu 20.04 LTS

Please note that NFA can also be installed on a server running CentOS 7 x86_64 Minimal – Clean Install or RHEL 8. The minimum system requirements assume default configuration. Significantly increasing the flow collection rate might cause additional load on a server, thus requiring extra memory or a larger CPU.

Hardware resources depend on the amount of flows/s exported to NFA. For each additional 1,000 flows/sec, 1 GB of RAM and 0.2 of vCPU are required. An additional 2 GB of RAM and 4 vCPU are required when the BGP add-on is used. Values are directly proportional: RAM and vCPU numbers per 1,000 flows/sec.

For instance: 40,000 flows/sec will require 40 GB of RAM and 8 vCPU, plus 2 GB of RAM and 4 vCPU in case a BGP add-on is used.

1.1 Installing NFA on a server running Ubuntu:

Run the below command to configure the NFA repository:

curl -sLO http://repo-nfa.noction.com/ubuntu/nfa-repo_0.1.0-noc.deb && \
dpkg -i nfa-repo_0.1.0-noc.deb && \
curl -L http://repo-nfa.noction.com/repo.gpg | apt-key add -
add-apt-repository -y ppa:ubuntu-toolchain-r/test

Running the following command, Noction Flow Analyzer will be installed:

apt update
apt install nfa
Note: A properly configured firewall can greatly increase the security of your system. It is highly recommended that you configure a firewall for NFA. Should you need any help with this, please contact us at support@noction.com

Please ensure that ntp is started by default. If not, use the timedatectl set-ntp on command to enable time synchronization.

1.2 Installing NFA on a server running CentOS or RHEL 8:

Run the below command to configure the NFA repository:
For CentOS 7

rpm -Uvh http://repo-nfa.noction.com/nfa-repo-0.1.0-0.noc.noarch.rpm

For RHEL 8

dnf module enable nodejs:14 -y
rpm -Uvh http://repo-nfa.noction.com/nfa-repo-0.1.0-0.noc.noarch.rpm


SELinux should be set to the permissive state for proper NFA components operation:

Enabling SELinux permissive state

# setenforce 0

Set SELINUX parameter must be changed to permissive in the /etc/sysconfig/selinux configuration file as well.

Change of the SELinux state in the configuration file


Running the following command, Noction Flow Analyzer will be installed:

yum install nfa
Note: FirewallD is the default daemon responsible for firewall security on CentOS7. Please make sure to open HTTP/HTTPS, BGP, and Flow ports and to adjust configurations to include only IPs that should have access to your server.

Please ensure that chronyd is started by default. If not, use the following command: systemctl
start chronyd

2. Accessing NFA Front End

Once the installation process is complete, access NFA Front End using https://yourhostname or
IP address and a combination of the default username and password – admin/admin.

The NFA frontend runs on port 443 (https). The system listens to Flow stats on the default protocol ports: NetFlow (2055 port), sFlow (6343 port). Please adjust your firewall settings accordingly.

nfa installation

For security purposes, we recommend that you change the default password to your account under Profile upon the first visit.

instal flow analyzer

We recommend you to limit NFA frontend access to specific IPs only. To do so, go to Management > Configuration Settings.

Enable the Front-end access restriction and introduce the allowed IPs. Click the Save Changes button.

activate license

3. Licensing

NFA is a licensed product and requires users to obtain and register а license in the application.

Register with Noction at https://nfa.noction.com and request a license. The license activation key will be sent to the email address you provide during registration.

Go to Management > License. Introduce your activation key in the corresponding field and hit ACTIVATE LICENSE.

netflow bgp data
Note: Please ensure firewall rules are adjusted for access to repo-nfa.noction.com ports 443 & 80. This is a requirement for license validation.
In case inbound traffic is filtered as well, please allow ephemeral ports 32768-65535 (enables responses to the outbound traffic) to both OS and Noction repositories.

4. Flow

Send flow to your NFA instance. For NetFlow use port 2055, for Sflow port 6343. You can modify standard ports via NFA’s Frontend by going to Management > Configuration Settings.


Alternatively, use the configuration file located at:


Once the flow export is configured, wait for at least 5 minutes to start seeing graphs in NFA.

5. BGP Data

For Proper BGP Add-on functionality, configure an iBGP or eBGP session between NFA and your router(s).

Next go to Management > Inventory > Add device.

Once all the details are provided on the General Settings and Location tabs, go to BGP Settings.

Fill out both OUR AS and PEER AS fields under the BGP settings tab to establish an eBGP session. With eBGP, the route-reflector does not need to be configured, and the router side just needs to be set up as though it’s a transit customer. If OUR AS field is left blank, an iBGP session will be established.

xiBGP and eBGP

You can always edit () an existing device, fill out the required fields under the BGP Settings tab, and hit Save.

6. NFA Upgrade

To update to the latest NFA version:

  Clean all cached information:

For CentOS:

#yum clean all
#yum update nfa\*

For RHEL 8:

If your NFA is v 22.04 or older, run

#dnf module enable nodejs:14 -y

Otherwise, proceed with

#yum clean all
#yum update nfa\*

For Ubuntu:

If your NFA is v 22.04 or older, run

add-apt-repository -y ppa:ubuntu-toolchain-r/test

Otherwise, proceed with

apt clean 
apt update
apt upgrade nfa\*
  Restart nfabgpd:
#systemctl restart nfabgpd
  Verify the NFA components:
#systemctl list-dependencies nfa.target
  Check if all NFA components are updated to the latest version:
#rpm -qa nfa\*

Should you have any questions or experience difficulties during the upgrade process, please email support@noction.com.

7. NFA best practices

Access additional information at https://www.noction.com/flow-analyzer/resources to learn more about the product and its use cases.