Usually, our customers configure NetFlow export directly on their devices (routers, switches, firewalls, etc.). But if company policy (especially in Asian countries) prevents enabling export on devices, or if the devices are not capable of exporting NetFlow data, we need to implement a NetFlow probe. There are paid probe software options available; however, we will focus on an open-source
NetVizura is a complex piece of software composed of a few databases, Tomcat, and a lot of code, supported on Windows and numerous Linux distributions for the AMD64 architecture. With the advent of the 8GB RAM RPI 4, numerous projects have been built on this version. Maybe the most famous would be ESXi on ARM with Project Monterey (internally we predominantly use Proxmox, while Xen and
OPNsense is an open-source, FreeBSD-based firewall distro. It provides a modern GUI and numerous plugins. A great plus is its ease of use, in contrast to some other open-source firewalls in the past. Also, OPNsense is a fork of pfSense (we wrote about pfSense, so check out that blog post as well - the link is below).
pfSense is a free network firewall distribution,
NetVizura already has good Active Directory End Users integration - you can forward your logs from the AD DC into NetVizura, and then correlate this login data with NetFlow data from your exporters. The result is much better insight into the state of your network.
Palo Alto has a functionality called User-ID (read more on the following page: User-ID). It allows you to export Palo Alto
The Elasticsearch upgrade process is somewhat straightforward. Download the upgrade, apply it, and then restart the Elasticsearch service. However, in NetVizura we are not using the Elastic-licensed Elasticsearch but an Apache-licensed installation. Elasticsearch doesn't deliver such a version in EXE or MSI flavor; therefore, you can only download the ZIP file. To avoid ZIP and BAT file and registry