If you’ve ever experienced the frustration of trying to identify exactly which workstation is clogging up your network with torrent downloads, then examining NetFlow data on your network could help you out.
NetFlow Analyzers & Collectors can help admins find out exactly what kind of traffic is on the network, and who is consuming all your precious bandwidth.
We’ve pulled together a few free tools that collect and analyze NetFlow data. We’ve tried to find tools that are truly free, and not just time-limited evaluation versions.
Here is our list of the top NetFlow Analyzers:
SolarWinds NetFlow Traffic Analyzer – FREE TRIAL This package extracts traffic capacity and utilization data from switches and routers, using NetFlow and similar statistical protocols, implementing alerts for traffic problems. Runs on Windows Server.
Paessler PRTG – FREE TRIAL This package of network, server, and application monitors is a paid system but you can get it for free if you only activate 100 of the sensors. Runs on Windows Server.
Noction Flow Analyzer A package of network monitoring and management tools that uses NetFlow and similar protocols to gather traffic flow information from switches and routers. Runs on Linux.
ManageEngine NetFlow Analyzer This paid tool has a free trial and also a limited free version. It extracts traffic data from switches and routers. Available for Windows Server and Linux.
ntop A free, open-source network monitoring service that operates through packet captures taken by libpcap and then filtered through NetFlow and sFlow. The main product in the ntop stable is ntopng, which runs on Windows, Linux, Unix, and macOS.
Plixer Scrutinizer This monitoring package installs on top of Hyper-V as a virtual appliance and is offered in seven plans, including a free tier.
Though not time-limited, most of the tools are feature-limited versions of products from the software makers. Don’t let that discourage you though. All of these software packages are well worth downloading, even with the limitations.
But before we get to the tools, a brief overview of NetFlow is in order.
What is NetFlow/J-Flow/sFlow?
NetFlow data is generated by network devices like routers and firewalls. Flow data will generally contain details like source and destination IP addresses, port numbers, protocols, and more.
The term “NetFlow” is proprietary to Cisco, but other vendors have their own versions of “Flow.” For instance, Juniper calls it “J-Flow”, and several vendors, including HP and Fortinet, use “sFlow.”
Implementation details vary from vendor to vendor, but most flavors of xFlow produce the same sort of data. In this article, we’ll refer to all xFlow variants as NetFlow to keep things simple, but be aware that not all tools support the same flavors of Flow.
How to Enable NetFlow
Before you can use one of the free flow analyzers, NetFlow must be enabled on the devices you want to monitor. Don’t worry, it’s not hard. The steps to enabling NetFlow vary from device to device and there’s a wealth of information on the web to get you started.
And, most of the vendors below have much more concise sets of instructions – for instance, SolarWinds, Plixer, ManageEngine and PRTG all have useful guides to help you out.
Now, on to the free tools!
Here’s the Best Free Netflow Analyzers & Collectors of 2023:
The SolarWinds NetFlow Traffic Analyzer is another great tool from a company with a history of making reliable network monitoring software. Data can be sorted, displayed, and charted in different ways – such as conversations, and endpoints.
Limitations: Monitor only a single NetFlow interface, and keeps 60 minutes worth of data.
Paessler PRTG is a full network monitoring system. The free version includes a NetFlow sensor, in addition to many other features like reporting, alarming, and SNMP monitoring.
The free version can monitor up to 10 sensors at no cost.
Paessler also makes some useful NetFlow testing tools available, like the NetFlow Tester, and NetFlow Generator.
Limitations: Limited to 10 sensors (or 20 if you display the PRTG graphic on your website)
Pros:
Uses a combination of packet sniffing, WMI, and SNMP to report network performance as well as discover new devices
Autodiscovery reflects the latest inventory changes almost instantaneously
Drag and drop editor makes it easy to build custom views and reports
Supports a wide range of alert mediums such as SMS, email, and third-party integration
Supports a freeware version
Cons:
Is a very comprehensive platform with many features and moving parts that require time to learn
Price: You can start with a 30-day free trial. Using up to 100 sensors is always free.
Noction Flow Analyzer is a powerful network traffic monitoring platform. The traffic monitoring part of this package relies on NetFlow and similar statistics gathering protocols to gather live traffic data from switches and routers.
The traffic monitor is able to communicate with network devices provided by a long list of manufacturers. This is because, as well as NetFlow, Noction can communicate with sFlow, J-Flow, NetStream, and IPFIX. There is also the BGP traffic monitoring feature available with this tool. Use it to monitor traffic volume distribution by different paths, optimize your peering strategy, and more.
Noction installs on Linux and it is available for a free trial.
Pros:
Does an excellent job at creating insights and statistics from network information gathered
Best suited for Linux environments
Offers Juniper-specific templates
Cons:
Site24x7 is a feature dense platform that can take time to fully learn all of its features and customization options
ManageEngine offers a full-featured, free version of their NetFlow Analyzer Professional software.
The free version displays detailed source/destination data, as well as ports used, and applications detected. It also generates helpful charts that make it easy to visualize the data.
Limitations: Monitors only two interfaces. But, for the first 30-days it can monitor unlimited interfaces.
Pros:
Supports multiple protocols like NetFlow, great for monitoring Cisco equipment
Both tools work well alongside each other to help view traffic patterns and bandwidth usage
Easy to use interface automatically highlights bandwidth hogs and other network traffic outliers
Scale well, designed for large enterprise networks
Can view traffic on a per-hop basis, allowing for granular traffic analysis
Cons:
Built for enterprise use, not designed for small home networks
“ntop” is an open-source NetFlow analyzer and packet capture product. It took a little more effort to get up and running than some of the other software, but is a great open-source alternative.
The data is analyzed and presented in a clear and logical way, even though it doesn’t have all the visual bells and whistles of some other products.
Limitations: None if you download and compile it yourself – source code can compile on Linux or Windows. But if you want an executable binary file, then you’re limited to capturing 2000 packets, unless you register (erm, donate).
Pros:
Extremely lightweight tool
Supports IPv6
Combines flows so you have a holistic view of your data
Scrutinizer is another comprehensive NetFlow analyzer.
The download was surprisingly large – a hefty 322 MB compared to 44 MB for PRTG and a lightweight 20MB for SolarWinds.
There were numerous tutorials and videos included in the product, so that could have been part of the reason for the bulk. But, it also is a very comprehensive tool that provides detailed traffic analysis.
Limitations:
Provides only 24 hours worth of data. Unlimited data and more advanced reporting and alarming is available with the add-on “Flow Analytics” package.
Scrutinizer NetFlow Monitor
Pros:
Offers multiple deployment options
Designed to support large enterprise networks
Offers additional security-related traffic analysis features
Cons:
Must reach out to sales for pricing
Steeper learning curve than similar tools on the market
We tried out all of these products, and were impressed by each and every one. If you’re looking for a way to manage your bandwidth more efficiently, then enable NetFlow on your network and download one of these analyzers.
It’s worth it even if only to have a close peek into what kind of data really is flowing over your network.
Best Free NetFlow Analyzer Tools for Windows
by Aaron Leskiw, CCDA, CCNA, MCSE, ITILv3, MCSA, A+ - Last Updated: December 2, 2022
If you’ve ever experienced the frustration of trying to identify exactly which workstation is clogging up your network with torrent downloads, then examining NetFlow data on your network could help you out.
NetFlow Analyzers & Collectors can help admins find out exactly what kind of traffic is on the network, and who is consuming all your precious bandwidth.
We’ve pulled together a few free tools that collect and analyze NetFlow data. We’ve tried to find tools that are truly free, and not just time-limited evaluation versions.
Here is our list of the top NetFlow Analyzers:
Though not time-limited, most of the tools are feature-limited versions of products from the software makers. Don’t let that discourage you though. All of these software packages are well worth downloading, even with the limitations.
But before we get to the tools, a brief overview of NetFlow is in order.
What is NetFlow/J-Flow/sFlow?
NetFlow data is generated by network devices like routers and firewalls. Flow data will generally contain details like source and destination IP addresses, port numbers, protocols, and more.
The term “NetFlow” is proprietary to Cisco, but other vendors have their own versions of “Flow.” For instance, Juniper calls it “J-Flow”, and several vendors, including HP and Fortinet, use “sFlow.”
Implementation details vary from vendor to vendor, but most flavors of xFlow produce the same sort of data. In this article, we’ll refer to all xFlow variants as NetFlow to keep things simple, but be aware that not all tools support the same flavors of Flow.
How to Enable NetFlow
Before you can use one of the free flow analyzers, NetFlow must be enabled on the devices you want to monitor. Don’t worry, it’s not hard. The steps to enabling NetFlow vary from device to device and there’s a wealth of information on the web to get you started.
For Cisco devices, start with the Cisco Netflow Configuration Guide.
Other vendors, like Juniper, usually have their own configuration resources too.
And, most of the vendors below have much more concise sets of instructions – for instance, SolarWinds, Plixer, ManageEngine and PRTG all have useful guides to help you out.
Now, on to the free tools!
Here’s the Best Free Netflow Analyzers & Collectors of 2023:
1. SolarWinds NetFlow Traffic Analyzer – FREE TOOL
The SolarWinds NetFlow Traffic Analyzer is another great tool from a company with a history of making reliable network monitoring software. Data can be sorted, displayed, and charted in different ways – such as conversations, and endpoints.
Limitations: Monitor only a single NetFlow interface, and keeps 60 minutes worth of data.
Download SolarWinds’ FREE Netflow Traffic Analyzer
Pros:
Cons:
Download: https://www.solarwinds.com/free-tools/real-time-netflow-analyzer/
2. Paessler PRTG – FREE TRIAL
Paessler PRTG is a full network monitoring system. The free version includes a NetFlow sensor, in addition to many other features like reporting, alarming, and SNMP monitoring.
The free version can monitor up to 10 sensors at no cost.
Paessler also makes some useful NetFlow testing tools available, like the NetFlow Tester, and NetFlow Generator.
Limitations: Limited to 10 sensors (or 20 if you display the PRTG graphic on your website)
Pros:
Cons:
Price: You can start with a 30-day free trial. Using up to 100 sensors is always free.
Download: http://www.paessler.com/prtg/download
3. Noction Flow Analyzer
Noction Flow Analyzer is a powerful network traffic monitoring platform. The traffic monitoring part of this package relies on NetFlow and similar statistics gathering protocols to gather live traffic data from switches and routers.
The traffic monitor is able to communicate with network devices provided by a long list of manufacturers. This is because, as well as NetFlow, Noction can communicate with sFlow, J-Flow, NetStream, and IPFIX. There is also the BGP traffic monitoring feature available with this tool. Use it to monitor traffic volume distribution by different paths, optimize your peering strategy, and more.
Noction installs on Linux and it is available for a free trial.
Pros:
Cons:
Download: https://nfa.noction.com/register.php
4. ManageEngine NetFlow Analyzer
ManageEngine offers a full-featured, free version of their NetFlow Analyzer Professional software.
The free version displays detailed source/destination data, as well as ports used, and applications detected. It also generates helpful charts that make it easy to visualize the data.
Limitations: Monitors only two interfaces. But, for the first 30-days it can monitor unlimited interfaces.
Pros:
Cons:
Download: http://www.manageengine.com/products/netflow/download-free.html
5. nTop
“ntop” is an open-source NetFlow analyzer and packet capture product. It took a little more effort to get up and running than some of the other software, but is a great open-source alternative.
The data is analyzed and presented in a clear and logical way, even though it doesn’t have all the visual bells and whistles of some other products.
Limitations: None if you download and compile it yourself – source code can compile on Linux or Windows. But if you want an executable binary file, then you’re limited to capturing 2000 packets, unless you register (erm, donate).
Pros:
Cons:
Download: http://www.ntop.org/download.html
6. Plixer International Scrutinizer
Scrutinizer is another comprehensive NetFlow analyzer.
The download was surprisingly large – a hefty 322 MB compared to 44 MB for PRTG and a lightweight 20MB for SolarWinds.
There were numerous tutorials and videos included in the product, so that could have been part of the reason for the bulk. But, it also is a very comprehensive tool that provides detailed traffic analysis.
Limitations:
Provides only 24 hours worth of data. Unlimited data and more advanced reporting and alarming is available with the add-on “Flow Analytics” package.
Scrutinizer NetFlow Monitor
Pros:
Cons:
Download: http://www.plixer.com/support/download_request.php
Conclusion
We tried out all of these products, and were impressed by each and every one. If you’re looking for a way to manage your bandwidth more efficiently, then enable NetFlow on your network and download one of these analyzers.
It’s worth it even if only to have a close peek into what kind of data really is flowing over your network.