Enhanced application mapping using Netflow starting with v11.3.0

Starting with v11.3.0, you can now use Netflow data for application dependency mapping as discussed below.

The challenge

Our current Windows- and Linux-based auto-discovery work great for mapping out service dependencies and detecting interdependencies, but it does have a couple of limitations:

  • The discovery is point in time. This means, you need to run the discovery often and, even so, you still might miss a connection that happens sporadically across different services.
  • If you don’t have credentials for an environment, Windows and Linux discovery can’t get you the connectivity.

Netflow overcomes these challenges as described below. (That said, Netflow has it’s own challenges so the best of all worlds is to use the point in time discovery plus Netflow).

The solution

If you can enable Netflow on your network devices (physical or hypervisors), it provides you a continuous data stream for all of the connections. That makes it a perfect candidate to discover any connections that point in time discovery might have missed.

Netflow is also a great solution if you don’t have Windows and Linux credentials. In this scenario, Netflow discovery can be augmented with the newly available Nmap discovery. The Nmap discovery tool figures out which service is running on each port. Device42 automatically combines the Netflow and Nmap data to give you application mapping.

Netflow support as an add-on for application topology mapping

We have added Netflow option as an add-on for Device42 starting with v11.3.0. Here is how it works:

1. You run the D42 Netflow collector on any Windows or Linux machine on your network and point the collector to your D42 appliance IP (Note: it will be added to our remote collector soon).
2. Point your network devices to the netflow collector in step #1
3. The data starts showing up in Device42 (by default, the collector crunches the data and sends to the D42 appliance every 15 minutes. This default can be changed).

Other changes in v11.3.0

  • API enhancement: /api/1.0/switchports GET call now support include_cols to limit the fields you want to see.
  • Custom field pick lists are now sorted alphabetically.

Get a deeper understanding of your applications, services, and their interrelationships

In summary, you can get a pretty good picture of your applications, services, and their interrelationships from the existing point-in-time application discovery. Adding Netflow will enable you to capture connections that happen infrequently. And where you don’t have Windows/Linux credentials, the combination of Netflow and Nmap will give you a lot of information (what will be missing if you just use Netflow and Nmap will be connections that happen behind the firewall and/or that don’t go through the hypervisor network controller.

Having a continuously updated picture of your application interrelationships is critical to successful migrations, audits, finance interactions, capacity planning, and much much more.

Current customers can get the latest update file from: https://www.device42.com/update/

To download a free trial of Device42, please visit: https://www.device42.com/download/