How NetFlow Keeps Networks Running, People Alive

In all the technical discussions about network routers, switches, throughput, packets and the alphabet soup of acronyms that apply, it may be easy to forget that network downtime can have life-or-death consequences. For two NetFlow users, the requirements for the network monitoring technology were less dire, but the results were still compelling.

Jhune Rosario is the network systems administrator for Puget Sound Blood Center, which operates 17 sites where blood is drawn from donors and 51 hospitals that use that blood supply to treat patients. Some of those sites are a three-hour drive from Puget Sound but have only a T1 line connecting them, so the implications of that connection going down are significant.

"Recently I met a family whose son had leukemia and they had to do almost two transfusions a week. If they don't get that transfusion, that child could be in a very difficult situation," Rosario says.

The child could be waiting for blood, but with the network down, lab technicians can't confirm whether a donor in, say, Bellingham, Wash., is the right blood type for the patient, he says.

While Puget Sound is a nonprofit without the budget to replace a T1 line with a 10-Gbps connection, it has benefited from adopting NetFlow technology to monitor its network and proactively troubleshoot problems before they cause an outage. Puget Sound Blood Center, which uses NetFlow technology from Lancope, has saved $22,680 in costs for each hour of network downtime it suffered.

The blood center is one of several examples Lancope cited in a recent report on "The State of NetFlow."

NetFlow is a network protocol developed by Cisco Systems in 1996 to collect IP traffic information and provide visibility into a network. IT professionals monitoring their networks with NetFlow can see where situations like network congestion or a mis-configured switch are occurring and intervene to fix those problems. Variations of NetFlow are now widely used in networking gear from such companies as Alcatel-Lucent, Cisco, HP's 3Com and Huawei Technology. Other flow-based technologies like SFlow are used by Juniper and Extreme networks. The IETF's IP Flow Information Export (IP-FIX) standardizes the flow reporting protocol, but has yet to see wide spread adoption.Puget Sound Blood Center has seen network uptime improve since introducing NetFlow, Rosario says: "On our old system we always had to react to a situation. Now our help desk can see that the system is running slow, then they can proactively look up that information and alert the folks who can start solving the issue."

The problem was different at Grafisch Lyceum-Rotterdam (GSR), a university in the Netherlands. The university was hampered by existing firewall technology and an embedded intrusion detection and intrusion prevention system (IDS/IPS) that could only inspect a portion of network traffic and did not provide visibility into the school's high-speed internal and virtual network. Using Lancope's StealthWatch NetFlow technology, GSR gained wider visibility into its Internet gateway traffic and the internal and virtual network. GSR also reported faster time to resolution for network problems and a 75% cost savings compared to what it had before.

For AirTran Airways, the network challenge was maintaining Payment Card Industry (PCI) compliance across a widely distributed network serving about 10,000 end users. Because it's billed as a low-cost airline, AirTran needed a cost-effective and scalable network monitoring system to enable employees to take credit cards from wherever possible--at any gate, ticket counter or kiosk. Its deployment of StealthWatch enabled the airline to improve PCI compliance, increase network visibility, and better identify and address anomalies to improve network security.

A recent Lancope-sponsored study by Enterprise Management Associates found that the most popular current uses of flow data are traffic monitoring (76%) and security monitoring (61%). Other key findings include: 47% of respondents leverage flow data for understanding services consumption; 46% use flow data for planning/engineering; 96% say they expect to maintain or expand their use of flow data during the next 12 to 18 months; and NetFlow is the most popular type of flow data, used by 70% of respondents.

Learn more about Strategy: OpenFlow vs. Traditional Networks by subscribing to Network Computing Pro Reports (free, registration required).