NetFlow is a technology developed by Cisco Systems, Inc for monitoring and analyzing network traffic information. Implemented primarily in Cisco routers and switches, it is now becoming the industry standard in flow measurement and is now supported by many vendors’ network devices. Analyze flow information such as NetFlow to identify operational or security issues, strengthen external or internal network security.
What is flow in network traffic analysis is like a packet group with common attributes flowing on the network. For example, attributes such as source / destination IP address, source / destination port number, protocol number.
If common, the packet is considered as the same flow. In an easy-to-understand example, if a user uploads a file to the server, the processing in that case is regarded as one flow(in terms of packets, it is a block of multiple packets wit common attributes). By analyzing this flow information, it is possible to monitor and analyze traffic on a per-suer or per-application basis.