12.13.18. Configuring Netflow profiles

name

Netflow profile name.

description

Profile description.

ip

IP address of a Netflow collector to which the sensor will send the statistics.

port

UDP port on which the Netflow collector will receive the statistics.

protocol

Netflow protocol version to use (it should be identical on the sensor and the collector):

• netflow5.

• netflow9.

• netflow10.

active-timeout

Time after which statistics will be sent to the collector without waiting for the flow to finish (e.g., transferring a large file over the network). Specify a value in seconds. Default value: 1800 seconds, maximum value: 3600 seconds.

inactive-timeout

Time allowed for termination of an inactive flow (in seconds). Default value: 15 seconds; maximum value: 3600 seconds.

max-flows

Maximum number of counted flows from which statistics are gathered and sent. When the specified number is reached all subsequent flows will not be counted (the limit is necessary to ensure protection against DoS attacks). Default value: 2000000. To disable the limit, set the value to 0.

nat-events

Enable/disable sending information about NAT conversions to Netflow statistics:

• on.

• off.

refresh-rate

Number of packets after which the template is sent to the receiving host (only for Netflow protocol versions 9/10). The template contains information about the configuration of the device and various statistical information. The default value is 20 packets.

timeout-rate

Time after which the old template is sent to the receiving host (Netflow 9/10 versions only). The template contains information about the configuration of the device and various statistical information. The default value is 1800 seconds.