Noction Flow Analyzer Installation Guide

Noction Flow Analyzer Installation Guide

 

What is Noction Flow Analyzer?

is a web-based network traffic analysis, monitoring and alerting tool. The product enables engineers to optimize their networks and applications performance, control bandwidth utilization, do the proper network capacity planning, perform detailed BGP peering analysis, improve security and minimize network incidents response time.
NFA is intended for use in a production environment. The product should be installed on a dedicated server that meets the following software and hardware requirements:

Hardware Requirements:

  • x86_64 architecture
  • Minimum 4x core CPU (8x core CPU recommended)
  • Minimum 32GB of RAM (64GB RAM recommended; 128GB RAM – optimal)
  • Minimum 250GB SSD storage (500GB SSD storage recommended)

Software Requirements:

  • CentOS 7 x86_64 Minimal – Clean Install
Note: NFA will install and operate below the recommended system requirements. However, as the database size grows and if complex queries are used, this can result in slow performance.

The minimum system requirements assume default configuration. Significantly increasing the flow collection rate might cause additional load on a server, thus requiring extra memory or a larger CPU.

1. Prepare for the installation

Run the below command to configure the NFA repository:

rpm -Uvh http://repo-nfa.noction.com/nfa-repo-0.1.0-0.noc.noarch.rpm

2. Installation

SELinux

SELinux should be set to the permissive state for proper NFA components operation:

Enabling SELinux permissive state

# setenforce 0

Set SELINUX parameter must be changed to permissive in the /etc/sysconfig/selinux configuration file as well.

Change of the SELinux state in the configuration file

SELINUX=permissive

Running the following command, Noction Flow Analyzer will be installed:

[root@host ~]# yum install nfa

A properly configured firewall can greatly increase the security of your system. It is highly recommended that you configure a firewall for NFA. Should you need any help with this, please contact us at support@noction.com

Once the installation process is complete, access NFA Front End using https://yourhostname or
IP address and a combination of the default username and password – admin/admin.

The NFA frontend runs on port 443 (https). The system listens to Flow stats on the default protocol ports: NetFlow (2055 port), sFlow (6343 port). Please adjust your firewall settings accordingly.

NFA Front End

For security purposes, we recommend that you change the default password to your account under Profile upon the first visit.

We recommend you to limit NFA frontend access to specific IPs only. To do so, go to Management > IP Filtering.

default password

3. Licensing

NFA is a licensed product and requires users to obtain and register а license in the application.

Register with Noction at https://nfa.noction.com and request a license. The license activation key will be sent to the email address you provide during registration.

Go to Management > License. Introduce your activation key in the corresponding field and hit ACTIVATE LICENSE.

Activate License

4. Flow

Send flow to your NFA instance. For NetFlow use port 2055, for Sflow port 6343. If you want to modify standard ports use the configuration file located at:

/etc/noction/nfa.conf

Once the flow export is configured, wait for at least 5 minutes to start seeing graphs in NFA.

5. BGP Data

For Proper BGP Add-on functionality, configure iBGP session between NFA and your router(s).

Next go to Management > Inventory > Add device.

Fill out the required fields and select the device type > BGP.

device type

On the BGP Settings tab, provide the AS number, Peer Address (your router’s address) and the NFA address (NFA internal address). Hit Add Device.

BGP Settings

6. NFA best practices

Access additional information at https://www.noction.com/flow-analyzer/resources to learn more about the product and its use cases.