sFlow offers a wonderfully scalable and extremely CPU-friendly method of traffic assessment and monitoring, and even covers traffic on almost any layer of communication! Better yet, sFlow is supported on a wide range of vendors’ devices, making it all the more likely that you may already have sFlow compatible devices on your network ready to go as is.
Although sFlow does come with its own limitations, most notable of it being a ‘sample’-based technology and thus losing out on some level of granularity, it does none the less provide an excellent level of information for analyzing network flow packets.
In specific, sFlow is excellent for doing overly network traffic assessments or considering expandability needs. sFlow also works great for congestion control, general troubleshooting, maintenance, just about anything on your network that is general purpose or requires a more broad and statistical view of any traceable aspect.
Every network needs some kind of traffic monitoring and analysis, and sFlow is an excellent method for doing that very thing – but having devices eager to send off sFlow data is only part of the solution. You also need a powerful program capable of collecting all that data and, more importantly, analyzing it.
sFlow is ultimately only as good as the usefulness of the data, and a program that can’t bring the data together in meaningful and useful ways for analysis will leave you wanting. Below is a compiled list of some of the best pieces of software, both free and paid, for making sure your sFlow data is gathered up and put to good use!
Top sFlow Collection and Analysis Tools & Software
1. SolarWinds NTA
SolarWinds’ sFlow collector and analyzer comes as part of their larger Network Traffic Analyzer suite. The only downside here is that you get far more than just sFlow capability, but some would consider that hardly a negative. The upside to having the entire Analyzer package is that the NTA can handle pretty much all of your network and traffic monitoring needs in all forms of troubleshooting and analysis, going well beyond simply just sFlow data!
Pricing: Free Trial and option for Pro Upgrade
Compatibility: Windows Server 2008, 2012, 2012 R2
2. ManageEngine NetFlow Analyzer
Another option that performs general tracking and analysis, ManageEngine has a strong emphasis on NetFlow but also performs some level of sFlow collecting and analyzing as well. The charting aspect of ManageEngine is particularly solid, and even boasts some mobile compatibility for ease of access and assessment of data on the go!
Pricing: Free trial with free option for limited interfaces, must contact Sales for quote of licensed versions
Compatibility: Windows Server 2000, 2003, 2008, 2012 Windows XP through Windows 8, Linux 8/9, Fedora/Ubuntu/Debian, and several others
PRTG’s monitoring suite includes an xFlow sensor, which must be installed and configured, but allows for full monitoring of not only sFlow, but also NetFlow and many other flow standards. Additionally the entire PRTG software has a great amount of added functionality, much of which is modular via sensors. The upside is a program that fits much more precisely your needs, the downside is a somewhat heavier cost when it comes to initial setup and configuration.
Pricing: Free trial, 100 sensor freeware option, license starts at $1,600 with added yearly maintenance costs
Compatibility: Windows Server 2012 R2
nProbe is sort’ve an interesting offering in that it takes sFlow traffic and, according to their website, “transparently translates them into NetFlow v5/v9/IPFIX.” This might be ideal for networks with mixed vendors or hardware devices in terms of flow options for the sake of unification, or for those who simply prefer the NetFlow approach!
Pricing: Anywhere from 49.95 Euros to 299.95 via their online store
Compatibility: 64bit Windows and Unix
FlowTraq has a particular lean towards automation and taking measured guesses at what is normal, and abnormal, for your network. In this way it tries to provide an extra layer of security – easily picking up anomalies or unusual performance, sometimes due to problematic devices but also, potentially, due to things like DDoS attacks or similar unwanted behaviors!
Pricing: Free trial, must contact Sales for quote
Compatibility: Windows XP, Vista and 7; Windows Server 2003, 2008; Mac OS X 10.5+; Linux; Solaris 10; FreeBSD
6. NetFlow Logic
This particular piece of software works especially well when paired with other pieces of software, such as Splunk enterprise, or VMWare for managing virtual environments and network security, but in this instance their NetFlow Integrator pairs with the basic NetFlow Logic system to accept a wide range of flow data and then pushes that data forwards into other solutions, like VMWare, Splunk, etc. This makes it a somewhat unusual option in that it isn’t an analyzer itself but acts as a generalized collector for aggregating a wide range of flow data – NetFlow, sFlow, FDR, IPFIX, etc., and then bringing it all forwards int a unified manner.
Pricing: Must contact Sales for quote
Compatibility: Linux, Windows Server 2008, 2012, 2012 R2, VMWare ESXi 5.x and above
7. Brocade Network Advisor
This option is geared heavily towards much larger environments and enterprise-based solutions and boasts an exceptional support staff as well as a particularly lengthy free trial of 120 days! Brocade’s Network Advisor handles flow traffic with an emphasis on dynamic scalability and variable performance requirements and needs.
Pricing: Node-based costs starting at $100 per, per year
Compatibility: Windows Server 2008 R2, Windows Server 2012, 2012 R2, Linux 6.4, SUSE, Guest VM for VMWare and Hyper-V
8. Ganglia Monitoring System
Despite the peculiar name the Ganglia software is an interesting option indeed. It began at the University of California, Berkeley as part of a project funded by several national computer and science groups’ award. It’s a scalable monitoring solution especially focused around cluster and grid-based environments with a great deal of algorithmic effort to lower per-node overhead and can handle clusters upwards of several thousand nodes!
Compatibility: Most Windows and Unix/Linux with a wide range of other distributions also available
9. Kentik Detect
This software pushes for and boasts an especially strong focus on speed and reliability. It’s one thing to gather sFlow traffic on a few dozen computers in one office, but it’s an entirely different realm when managing enormous clusters of systems or even working on the service provider level! Kentik’s software runs both on-premise or via cloud based, and aggregates a wide range of data, sFlow included, for network assessment. Kentik also offers a range of DDoS protection and detection as well as similar malicious activity countermeasures.
Pricing: Free trial, must contact Sales for quote
Compatibility: Purely web/cloud based, wide range of compatibility, but does have its own drawbacks as such
sFlowTrend is a nice and straightforward free offering for sFlow collection and analysis and even offers a web-based client with newer versions for even wider ranges of compatibility. It performs a range of simple charting and graphs for assessing network status and picking out abnormal traffic or trends, as well as offering the usual range of host hardware parameters and trend assessment. While it lacks a lot of visual polish and flash of more expensive paid products, and is somewhat limited in its scope of ability, it’s a powerful program for smaller needs and can do an excellent job in the right environment!
Pricing: Free, pro version also available via InMon.com site
Compatibility: Java-based and runs on most any Java 1.7+ compatible platform
Many options exist for tracking, maintaining, and performing analysis on your network – sFlow happens to be one that many hardware devices from a wide range of vendors thankfully already include. All you need is one of the above programs to gather up that data and put it to good use to help maintain, troubleshoot, and scale your network as easily as possible.