Flowmon 8.02 follows the improvements introduced in previous releases such as new architecture of flow data storage introduced (Flowmon 8.0) and 30s flow data granularity in (Flowmon 8.01). One of the most expected feature of Flowmon 8.02 is encrypted flow forwarding/receiving by Flowmon Collector.
Reliable and secured IPFIX data transfer
Flowmon Collector traditionally used protocol UDP for receiving flow data. Since Flowmon 8.02, collector is able to receive IPFIX using TCP and TCP/TLS connection.
Figure 1: IPFIX via TCP/TLS Connection
Received flow data can be forwarded encrypted to multiple different targets via TCP/TLS protocol using collector's key and certificate together with CA certificate. Thanks to these features, it is possible to provide reliable and encrypted communication between collectors.
IPFIX items with variable length and AVC HTTP Support
Flowmon 8.02 supports IPFIX items with variable length. Flowmon Collector can process Cisco AVC HTTP values (HTTP hostname and URL from Cisco devices). Cisco Application Visibility and Control (AVC) provides application-level classification, monitoring, and traffic control to reduce network operating costs. Another important benefits include faster troubleshooting, less network downtime and greater visibility of application usage and performance.
Strengthen security for Remote Access
New security features are available in Flowmon Configuration Center. IP access restrictions can be defined for remote access. In default settings, there are no IP address restrictions (all IP addresses can access). Administrator can add IP addresses or subnets to limit access to provided addresses or ranges only.
Figure 2: Access Restriction Settings
Active Devices
Flowmon 8.02 brings new views on Active devices. Section Active devices in FMC has a new Overview tab with dashboard lookup providing useful statistics. These statistics make it easier to see top flow sources, active devices in time, IP families, and other information related to active devices. Moreover,these new widgets can be added to central Flowmon Dashboard as well.
Figure 3: Active Device Widget
New Active Devices offer flexible filtering options including aggregation. It's easy to filter out data for selected time interval, subnet or IP address, user ID, MAC and VLAN.
Figure 4: Active Devices
Sampling option in Report settings
Computation of reports over large amounts of data can take some time. To speed up the process, sampling can be enabled in Reports settings (Flowmon Configuration Center). The advantage is increased performance without affecting the accuracy of data.