Bandwidth monitoring with NetFlow in Palo Alto firewall

Palo Alto devices from version 4.1 onwards started NetFlow support. All the NetFlow configuration can be done from the device UI itself.

We were not able to get any screenshot which showed the NetFlow configuration for Palo Alto devices. Please find below the details of the tabs which will give you an idea of how to configure NetFlow on these device.

There are two mail steps to configure NetFlow on Palo Alto device:
1) Define a NetFlow server profile : specifies the frequency of the export along with the Netflow servers that will receive the exported data.
2) Assigning the profile to firewall interface :all traffic flowing over this interface is exported to the specified servers.

Step 1:
For defining a NetFlow server profile you have to navigate to Device > Server Profiles > Netflow in the GUI. Here you will see the following settings:

Name : Enter a name for the Netflow settings.

Template Refresh Rate
: Specify the number of minutes or number of packets after which the NetFlow template is refreshed (we recommend 1 Min; packets range 1-600, default 20).

Active Timeout : Specify the frequency at which data records are exported for each session (we recommend 1 Min).

Export PAN-OS Specific Field Types
: Export PAN-OS specific fields such as App-ID and User-ID in Netflow records.

Server Name : Specify a name to identify the server.

Server : Specify the host name or IP address of the server.

Port : Specify the port number for server access (default 9996).

Steps 2:

Once we have configured the NetFlow profile the next step is to assign the profile to firewall interface, for this navigate to Network > Interfaces > Ethernet. Click the link for the interface on the Ethernet tab, and specify the NetFlow Profile.

Once you have configured these two steps, the flows will be exported to the NetFlow Analyzer server and ManageEngine NetFlow Analyzer will auto detect the device and start generating the report for you.

Reference : http://digitalscepter.com/wp-content/uploads/PAN-Guides/Palo-Alto-4.1_Administrators_Guide.pdf

Reach us on Facebook at

NetFlow Analyzer TAC

Catch up with the latest updates in the industry, through our LinkedIn community

Bandwidth Monitoring and Traffic Analysis for Enterprises




Praveen Manohar






NetFlow Analyzer
Technical Team









Download


 | 


Interactive
Demo


  |


Twitter


 |


Customers




You Can Learn More About the ManageEngine Product Line By Going to manageengine.optrics.com

The original article/video can be found at Bandwidth monitoring with NetFlow in Palo Alto firewall

Leave a Reply