Netflow Top Report: an advantage for your service desk!

Because the service desk is essential to the company’s performance, its ability to respond to users must be optimized. Specific tools have been designed to make this easier: Netflow Top Report is one of them. What is this tool? What added value does it have? Interview with Frédéric Ribes, Service Desk Manager at Maltem Insight Performance.

How is Top Report useful to the Service Desk?

Top Report is an analysis report which provides a list of the main data flows responsible for a (possible) network slowdown (screenshot below, Editor’s note). Data flows are the different types of traffic, incoming and outgoing. In practice, these data flows include traffic linked to the web (the http or https protocol), email exchanges, file sharing and more. With Top Report, we can identify where these slowdowns come from and categorize them, whether they are linked to remote sites (Remote Services) or are a local issue (Local Services).

*customizable number (from 10 to 200)

Top Reports Netflow : un atout pour votre service desk !

How are these data flows analyzed?

We carry out this analysis with the Netflow protocol. This network monitoring technology, developed by Cisco Systems, collects information about data flows (incoming and outgoing). It enables users to oversee the resources used by the network. This data flow analysis allows us to collect information about router traffic. For example, Netflow can identify the most chatty IP address (local or remote), namely the one which monopolizes the information system the most. It can also assess which pairs of addresses (Top Pairs) or which applications (Remote/Local Services) are the most active and therefore the most problematic for the network.

Can you give us an example of a resolution provided by Top Report?

Yes – several, in fact!

If the Service Desk is contacted about a network slowdown on a remote site, Top Report can find out, for example, if there’s a problem with an upgrade (capacity planning) or a virus.

Another example: migrating an application to the cloud. Top Report can immediately identify whether there is sufficient bandwidth between the internal infrastructure and the cloud. Is it sufficiently fast to be able to support traffic related to all uses of the information system? If it’s currently 2mbps, should it be upgraded to 10mbps?

We can also use Top Report to prevent risk. Recently, one of our clients feared having been hit by Wannacry RansomWare which flooded the networks in spring 2017. Using the Netflow protocol enabled us to assess whether there was abnormal traffic linked to this RansomWare by collecting the associated data flows corresponding to vulnerable network ports, conducive to possible viral attacks. In this way, we were able to identify abnormal traffic potentially linked to RansomWare: we located the impacted sites and advocated a security policy, which has rationalized and optimized the protection system.

How can your intervention optimize a Service Desk’s performance? Isn’t a Service Desk already equipped to find solutions for all these issues?

We support the Service Desk because our task is to optimize the performance of the information system. We implement a managed service based on measuring performance. In this way, we can anticipate problems and make diagnosis easier. We objectively provide the necessary tools for continuous improvement and a consolidated view of the information system.

  • Share:
Send a Message