J-Flow is very similar to Cisco NetFlow. This messaging system will help your communicate with your Juniper Networks equipment to capture traffic data.
J-Flow is a network messaging standard that is specifically designed for traffic analysis. The J-Flow standard is a proprietary protocol of Juniper Networks, Inc. and is pre-loaded on all of the company’s network equipment.
J-Flow is a useful method both for packet sniffing and for gathering data transfer statistics from a Juniper Networks router or switch. Although data is collected at the device, it needs to be transmitted to a central store for analysis. Not all network monitoring and traffic analysis tools are able to interact with Juniper equipment in order to collect this useful data.
The data collected by J-Flow can be stored on the network device. However, the user interface for the device does not have full analytical capabilities, so it is better to flush that data onto a central controller for storage and analysis. That also enables you to keep the memory of the router or switch available for other tasks.
Here is our list of the best J-Flow monitoring tools:
- SolarWinds Bandwidth Analyzer Pack EDITOR’S CHOICE A complete network monitoring system that covers network performance and traffic analysis. The traffic management system is compatible with NetFlow, J-Flow, sFlow, NetStream, and IPFIX. This software installs on Windows Server. Start a 30-day free trial.
- Paessler PRTG J-Flow Monitoring (FREE TRIAL) A combined network, server, and application monitor that includes J-Flow, sFlow, and NetFlow monitors as well as a general packet capture tool.
- ManageEngine NetFlow Analyzer (FREE TRIAL) A traffic monitoring and analysis tool that is able to extract data through J-Flow. Installs on Windows Server and Linux.
- Nagios Network Analyzer J-Flow, NetFlow, and sFlow monitoring with this traffic analysis module that complements Nagios XI.
- Opsview Monitor with Opsview Network Analyzer J-Flow, NetFlow, and sFlow monitoring with this module that is an add-on to the core Opsview Monitor.
- WhatsUp Gold with Network Traffic Analysis Add the traffic analysis module on to the base WhatsUp Gold network performance monitor to get J-Flow, sFlow, NetFlow, NetFlow Lite, IPFIX, and QUIC capabilities.
- Plixer Scrutinizer A standalone traffic analyzer that includes J-Flow, sFlow, NetFlow, NetStream, and IPFIX tracking.
Network Traffic Analyzers
There are many great network monitoring tools available on the market today and it takes a lot of time to preview and evaluate all of your options. That’s why we produced this guide to save you time and direct you towards the best monitoring tools that have J-Flow capabilities.
Network management tools are produced in a modular format with specialist software focusing on specific aspects of networks. For J-Flow capabilities, you need to concentrate on traffic analyzers. This category of monitor will let you examine the flow rate of data across your network. In order to get a full picture of your network’s capabilities, you will also need to employ other specialist tools, such as network device monitors, server and application monitors, and specialist modules for mobile device management. If you also add on IP address management and configuration management you will have the full suite of a network administration system.
Even if you are only interested in a traffic analyzer for the moment, it pays to think of how you might want to expand your network management software in the future. In order to produce a list of network analyzers that are the best-of-breed, it is important for us to include options that are suitable for different network sizes. This list of recommendations includes options for small networks as well as full-service bandwidth monitors that fulfill the needs of large networks.
Best J-Flow monitoring tools
Each of these tools offers extended capabilities, giving other features in addition to J-Flow reporting. See the following sections for more details on each tool.
SolarWinds produces a range of network management tools that are all written on a common platform, called Orion. This means that it is possible to link together several products. The group includes cross-module features that really ramp up your network analyzing capabilities and the Network Bandwidth Analyzer Pack creates a perfect combination that beats all of the competition.
With this combination of the company’s NetFlow Traffic Analyzer and its Network Performance Monitor, you get SNMP monitoring to track the health of your network devices as well as traffic analysis capabilities.
Both modules include a series of sensors and you can choose which of these to activate. Don’t be put off by the name of the analyzer because the NetFlow Traffic Analyzer has more than just NetFlow capabilities. The system can interact with network equipment using J-Flow, just as easily as it can with NetFlow. It is also able to communicate with sFlow, NetStream, and IPFIX, so if you have a multi-vendor environment, you will be able to pick up data from all of your equipment.
The analyzer will help you monitor link data capacity and throughput and also watch end-to-end traffic scenarios. The tool is capable of tracking flows between sites, too, so if you operate a multi-site WAN, you can centralize all of your traffic analysis tasks at one location. The visibility on traffic also extends to Cloud services. There are a number of great features of the analyzer that require input from the Network Performance Monitor. These include the NetPath utility, which gives you a critical path analysis, with visualizations to help you look out for different hazards and bottlenecks on the various routes through your network. The PerfStack module lets you watch the performance of a range of interdependent hardware and software elements with live data flowing through each monitor. The performance graphs stack on top of each other on one screen, so you can instantly see where congestion, collision, or delays are being generated on a per-app basis.
A wireless monitoring feature extends your traffic stats off the wire and into the air. The Network Performance Monitor also includes a great wifi heat map graphic to which you can feed in your office plans and get a real-life view of your signal footprint. Network mapping is a really strong feature of the Network Performance Monitor. Out of the box, the tool will gather information on all of your network devices, not just your Juniper equipment. It gets those devices in a monitoring list and gives you instant live feedback on device statuses. The network map is plotted automatically from those initial discovery routines and gets updated instantly when equipment is added, deleted, or moved.
Those mapping capabilities get enhanced with J-Flow data so you can see instantly from the network visualization which links are heavily-loaded and which are being underutilized. The analysis functions give you great visualizations of applications and protocols that place the most load on your network, both as a live report and as a capacity planner based on historical data.
Once you have a better idea of your traffic load, you can use the extended management capabilities of the NetFlow Traffic Analyzer to implement CBQoS tagging to optimize your existing resources. You can squeeze extra performance out of your infrastructure and avoid expensive and needless additions to your hardware inventory.
The dashboard of this unified monitoring pack is customizable and password-protected. So you can set up different user groups and individual accounts that have access to different levels of data views and controls. That’s great if you have a team of varying experience and capabilities to help you monitor your network. It even enables you to give non-technical management limited access to performance views and the reporting tool for presentations.
Dashboard elements include dials, graphs, pie chart, histograms, and live data graphs and any of these can be added to printed reports or placed on presentational browser-based intranet pages. The system generates alerts from the SNMP messages that it processes. You can also customize alert-generating events and include J-Flow data into the triggers. Alert notifications can be tailored to be sent out to specific team members according to source and severity and they will appear on that team member’s dashboard as well as being sent as SMS or email alerts.
This is the top-of-the-line package that is really best suited for team-managed large networks. The system installs on Windows Server environments and you can test the pack with a 30-day free trial.
The SolarWinds Bandwidth Analyzer Pack is our number one pick for J-Flow monitoring because it also includes methods for traffic shaping, so it will help you to fix any problems that arise with your network’s traffic flows. The pack includes the Network Performance Monitor and the NetFlow Traffic Analyzer systems. These two tools are written on a common platform and slot together seamlessly to offer all of the monitoring and management tools that a network manager needs. Start 30-day Free Trial: solarwinds.com/network-bandwidth-analyzer-pack OS: Windows
The SolarWinds Bandwidth Analyzer Pack is our number one pick for J-Flow monitoring because it also includes methods for traffic shaping, so it will help you to fix any problems that arise with your network’s traffic flows.
The pack includes the Network Performance Monitor and the NetFlow Traffic Analyzer systems. These two tools are written on a common platform and slot together seamlessly to offer all of the monitoring and management tools that a network manager needs.
Start 30-day Free Trial: solarwinds.com/network-bandwidth-analyzer-pack
Paessler PRTG is a unified monitoring tool that covers networks, servers, and applications. The capabilities of this package are vast and the company ships the full suite to every customer. The system is made up of a series of sensors and you just tailor it to your needs by choosing which sensors to activate. So if you only want to use PRTG for network traffic analysis, you can only turn on those functions and leave the rest dormant.
Limiting the system to just a few sensors will save you a lot of money because Paessler charges for PRTG based on the number of active sensors. The charge rate works on bands of sensor numbers and if you activate 100 or less you don’t have to pay anything for the tool. However, if you ever want to expand the reach of your PRTG implementation, you have to make an upgrade payment and then you can turn on more sensors.
PRTG implements traffic analysis with four packet capture sensors. These are:
- J-Flow sensor
- NetFlow sensor
- sFlow sensor
- Packet sniffer
If you just want to centralize J-Flow data then you only need to turn on the J-Flow sensor. If you have equipment from other providers on your network, then you might also want to use the NetFlow and sFlow sensors, or just use the native packet sniffer to capture packets travelling through all brands of network devices. The PRTG packet sniffer only captures packet headers; therefore, you don’t need to worry your CIO over data integrity issues because no one on the systems administration team will be looking into the payloads of the packets travelling across the network.
The Ping sensor should also interest you. It will give you round-trip performance data on essential paths, including out to remote sites on a WAN or up to Cloud services. The traffic monitoring sections of PRTG also include wireless networks. The monitor can log your traffic flows that are tagged for the QoS, CBQoS, and IP SLA standards.
The traffic analysis console will identify the protocols and applications originating each packet and identify them. This enables you to focus on one slice of your network traffic according to purpose, and you can also group traffic by conversation. The applications types that PRTG identifies include email traffic, chat app traffic data, Web transactions, and file transfer packet volumes.
Getting a map of your network with traffic statistics coded on it is a big aid to capacity monitoring and you can get a great map from PRTG. This tool uses an SNMP sensor to discover all network devices and their interconnections. The links between these devices get plotted onto a map and all equipment and links are shown with color-coded statuses.
SNMP traps get interpreted into dashboard alerts by PRTG. These alerts can be filtered to strip out the less important messages and prevent your console from getting cluttered with non-essential notifications. You can also customize your own alert conditions, including traffic capacity utilization conditions as well as equipment statuses. Why not mix together conditions to create custom alerts that blend several sources of warnings? With PRTG, this type of creativity is possible and you can also route categories of notifications to different team members according to source and severity. Alerts can be pushed out through email, SMS, or a chat app to notify team members even when they are away from their desks.
PRTG offers some really good mapping options, which include a real-world map with site links drawn onto it for WANs. You can also use the automatically-generated sunburst map, which is proprietary to Paessler. This shows underlying services with higher layers and applications radiating out from the center. The result of this display is the circular, status-colored “sunburst.” It’s a good visual for presentations as well as a shortcut method to spot the root cause of performance issues.
PRTG is available as on-premises software or as a cloud service. All PRTG software elements, including data collectors for the Cloud version, install on Windows Server. You can get a 30-day free trial of PRTG with unlimited sensors.
ManageEngine NetFlow Analyzer is a traffic monitor that is able to communicate with network devices through the J-Flow protocol. This tool can also sample traffic and gain throughput statistics with the NetFlow, IP-FIX, sFlow, AppFlow, and NetStream standards.
The NetFlow Analyzer makes rapid use of data collected with J-flow statistics displayed immediately in the system dashboard. Information is made available with both data and graphical representations appearing on the traffic monitoring screens. Those representations of data are more than just an eye-catching feature – they make instant recognition of statuses very easy.
The time-saving way that NetFlow Analyzer portrays system statuses will be appreciated by any time-pressed network administrator. Better still is the system of performance thresholds and alerts that is built into the monitoring service.
The thresholds that monitor the performance of your network offer several perspectives to supervise bandwidth usage. You can identify groups of IP addresses or devices and set bandwidth utilization thresholds on them – these aren’t limits because they won’t throttle traffic. Instead, if traffic rises above a margin of safety, the NetFlow Analyzer will notify you with an alert. That alert appears on the system dashboard and you can set the system to also send out alerts by SMS or email.
Depending on your traffic expectations, you can modify alert incidences by specifying that only threshold breaches that occur with a particular regularity should be reported or that traffic peaks that endure beyond a time limit should provoke an alert.
Those notifications give you time to deal with traffic volume excesses before they impact delivery quality. This is particularly important in the case of live, interactive protocols, such as VoIP or video conferencing. NetFlow Analyzer includes the capabilities of analyzing protocol traffic and imposing IP SLA and NBAR measurements to identify the efficient performance of those time-sensitive traffic flows.
Analytical tools in the NetFlow Analyzer package enable you to investigate major traffic issues. You can watch traffic flows over time and see when demand hits the system’s capacity limits. You can also identify which applications, protocols, and endpoints generate the most traffic.
Link statistics expose which parts of the network are acting as bottlenecks that slow traffic or even lose packets. Once you can see the what, where, and why of traffic problems, you can access traffic management tools within NetFlow Analyzer to fix those issues.
Capacity planning tools will help you spot where resources are underutilized and where they are overstretched. With those tools, you will be able to see if rerouting traffic by protocol or relaying the physical layout of the network will enable you to squeeze value out of your current investment. Traffic shaping measures can be implemented within NetFlow Analyzer to prioritize real-time application traffic and head off capacity issues without the need for further capital investment. Other management features in the tool include VLAN tagging, QoS management, and Access Control Lists.
Other utilities in the NetFlow Analyzer package include packet header sampling for deeper traffic analysis and traffic trends identification. You will be able to work out whether shifting some system tasks to after-hours processing could alleviate bandwidth capacity issues without needing to expand your physical infrastructure. Network traffic volumes inevitably increase over time and the trend analysis tool in NetFlow Analyzer helps you plan ahead and expand your resources exactly when extra capacity will be required.
Buying network management software costs money and you will need to justify the expense of acquiring ManageEngine NetFlow Analyzer. That proof comes from the quality of reports that the system produces as well as its cost-saving capacity planning and traffic shaping measures. Corporate influencers and senior management will be a lot less hostile to your efforts if you provide them with the statistics and performance proof that they are always asking for. The NetFlow Analyzer doesn’t just free up your time for other tasks, it also automatically produces volumes of metrics and analysis reports to keep any accountant happy.
ManageEngine NetFlow Analyzer is available in two editions – both are available for installation on Windows Server or Linux. The lower edition is called Essential. The higher package, Enterprise includes all of the IP SLA, NBAR, and CBQoS tools that will really help you to get real-time applications running smoothly. That Enterprise plan is able to monitor multi-site networks and also includes IPAM and switch port mapping features. ManageEngine offers a 30-day free trial of both the Essential edition and the Enterprise plan.
Nagios began as a free network monitoring system, which is called Nagios Core and is still available. The premium version of Nagios is called Nagios XI. The developers of that system have also produced the Nagios Network Analyzer. It is possible to buy both Nagios XI and Nagios Network Analyzer together and get a discount. The two systems interact so you can combine functions and pool data from both applications.
One advantage of using the Nagios system is that the free Core version is used by a large community that develops extensions to the system and distributes them for free. The underlying engine of Nagios XI is the same as Nagios Core, so operators of the paid version of Nagios also have access to a library of free plug-ins that extend the monitor’s capabilities.
The Nagios stable of products are all written to run on Linux – specifically RHEL and CentOS. This network analyzer is able to communicate with equipment using the J-Flow protocol. The base Nagios system uses a proprietary messaging system to check on the health of network devices instead of SNMP. However, the Nagios system is still able to detect the existence of equipment on your network and log them. Nagios also gives you an excellent map of the network, which is updated automatically.
Both the map and the equipment inventory act as an index of devices, which give access to a detail screen for each. The Details screen gives a range of statuses on the attributes and operating health of that piece of equipment. This status polling of capabilities extends to a wide range of switch and router types including those manufactured by Juniper Networks.
Despite the fact that the main module of Nagios employs an alternative monitoring system to SNMP, the Network Analyzer module is capable of monitoring SNMP messages and receiving SNMP Traps. These provide alerts to the dashboard, which gives the users of Nagios Network Analyzer a second channel to monitor network equipment statuses.
Nagios Network Analyzer is able to collect J-Flow messages and also display live packets as they travel across the network. That packet data can also be stored to file for later access. When you read a packet file into the Nagios viewer, you will be able to get an overview of the types of traffic that your business generates. The analytical features of the analyzer include a Bandwidth Utilization Calculator, which will report on traffic by source type, origin address, or protocol. Those factors can also be combined. The calculator enables you to see which applications or activities generate the most traffic on the network. Leaving filters off gives you a full throughput replay that will enable you to examine which links of the network came under strain.
The traffic monitoring capabilities of the Nagios Network Analyzer include facilities for intrusion detection and data theft. The packet-level visibility of the tool will help you detect malware activity, and device vulnerabilities.
The analyzer can support traffic-shaping efforts, including QoS management for VLANs and high-volume applications, such as video conferencing.
The Nagios dashboard includes visualizations, such as graphs, histograms, and pie charts, which make recognition of live statuses a lot easier. The dashboard can be customized and you can set up different consoles for different user accounts and user groups, which will enable you to give access to sets of controls and data views to different team members.
Nagios Network Analyzer is bought as a single license, or as a multi-user system. You can get a 60-day free trial of the system for evaluation.
Opsview is a contender system monitoring tool that has a great Network Analyzer add on. You need to buy the standard Opsview Monitor package, which is available on subscription. The tool is packaged in two editions — one for small businesses and one for larger enterprises. There is also a free version. However, the free Opsview Monitor can’t be expanded for free by the Network Analyzer module.
The free Opsview Monitor will support up to 25 hosts. This is also offered as a free trial version of the system. For larger implementations, you can monitor up to 300 hosts with the SMB Plan, or as many as 20,000 hosts with the Enterprise Plan. Opsview offers a 60-day free trial of the Network Analyzer.
Opsview was developed from a collection of Nagios Core plug-ins and it is still compatible with Nagios, so it can be extended by any add-on that is compatible with Nagios Core. The Opsview system runs on Linux – specifically CentOS, Debian, RHEL, and Ubuntu.
The Opsview Monitor is able to administer networks, servers, and software whether they are located on premises, on the Cloud, or at remote sites. The monitor integrates SNMP procedures to discover and monitor network equipment. An initial system sweep assembles an inventory and repeated polling keeps that registry updated. The data provided by the inventory gets automatically interpreted by Opsview into a network map, which is kept up to date according to any equipment changes. The dashboard of Opsview Monitor displays live statuses of devices on the networks. SNMP traps get shown on the dashboard as alerts.
The Opsview Network Analyzer has J-Flow capabilities. It is also able to communicate with devices through NetFlow and sFlow. The analyzer treats J-Flow as NetFlow messages because the two systems are fully-compatible. So if you opt for NetFlow monitoring, you will also get J-Flow capabilities. This will enable you to integrate our network analysis procedures for all types of network equipment, no matter who manufactured it. So if your equipment is not all supplied by Juniper Networks, you can still gather data across the entire infrastructure.
Monitoring for IP SLA factors (jitter, latency, Mean Opinion Score, and packet loss) can be preset according to your network policies and acceptable tolerance levels. You can set your own performance thresholds and create alerts for whenever these are breached.
The traffic analyzer can display live J-Flow packet captures or you can store those packets to file for mass evaluation offline. The packets can be grouped by source, protocol, or destination, enabling you to rank traffic generators and work out where all of the demand on your network comes from. This will also help you to introduce traffic-shaping measures via queuing strategies, such as Class-Based QoS.
The traffic analyzer is able to compare equipment capacities with actual traffic volumes to highlight bottlenecks in the network. The dashboard uses graphical representations to clearly demonstrate traffic patterns and equipment limits.
Reports can be taken from the system in PDF, XLSX, ODT, HTML, or XML formats. Notifications can be sent via SMS, email, or Slack messages and can also feed statuses into your Help Desk system.
This is a comprehensive and award-winning network monitoring tool that gives the industry leaders a reason to worry.
For traffic analysis with WhatsUp Gold, you need to install the base module and enhance it with the Network Traffic Analysis add-on. This setup gives you the same breath of monitoring capabilities that the SolarWinds Bandwidth Analyzer Pack provides. The main WhatsUp Gold tool is a network performance monitor that tracks the statuses of your network equipment, including your Juniper devices.
When you install this package, the tool will start off by discovering all of your network equipment and the end-user devices connected to the network. This gets you SNMP monitoring of your equipment so you can keep ahead of device failure by spotting problems before they become critical. The discovery procedures will also plot your network on a map to make a baseline for your monitoring activities. The visualization will immediately make it clear whether you have your topology optimized because it shows color-coded statuses of every device and link. The map is updated constantly along with your device inventory, so if anything is moved, added or deleted from your network, the map will show those changes automatically.
Link status information on the map can be pulled in from a number of sources. The tool is able to communicate with network equipment using J-Flow and it can also gather data through NetFlow, NetFlow Lite, sFlow, IPFIX, and QUIC. If you have equipment bought from several manufacturers, then this broad protocol capability will really help you pull your statistics together. The flow data can be stored for broader packet analysis and flow metrics across links or tracked on end-to-end connections. The storage and loading capabilities provide analytical functions in the data viewer. These functions include sort, filter, group, and aggregation utilities. Reporting functions include pre-written traffic analysis printouts and you can customize your own reports.
The alerts generated by the base WhatsUp Gold system can be optionally delivered to different team members by email or SMS as well as showing up on the dashboard, color-coded by severity. The monitoring capabilities of WhatsUp Gold extend out over the internet to remote sites on a WAN or up to Cloud services. The monitor can also cover your wireless networks.
It is possible to customize the dashboard of the system, creating different views on data for different user groups. This will allow you to give access to all team members, limiting controls for junior members and creating role-specific consoles for each contributor. You can also create view-only accounts for non-technical managers. The reporting and data viewing capabilities work great for board presentations and they really contribute to collaborative problem solving and design efforts.
When you have traffic shaping strategies laid out, you can preview and then implement them with the aid of WhatsUp Gold. The package has NBAR monitoring and CBQoS capabilities.
WhatsUp Gold and the Network Traffic Analysis add-on both install on the Windows Server environment. You can get the package on a 30-day free trial to make sure that it is the right J-Flow network analysis tool for you.
Plixer Scrutinizer is a stand-alone traffic analyzer that doesn’t form part of a general network management system. The system can be implemented as a hardware device, as on-premises software, or as a Cloud service. The on-premises software has to be installed on top of a virtual machine system. It runs on HyperV, VMWare, and KVM.
Scrutinizer is primarily a data collector and it will use J-Flow in order to gather traffic examples and statistics. The collector can also work with NetFlow, IPFIX, and NetStream. The collector is also able to gather data from firewalls, servers, and wireless APs.
The main purpose of Scrutinizer is to store data streams for collective analysis. Live data passing through an analyzer doesn’t always give a complete picture of events because a packet-by-packet examination can’t spot intrusion anomaly signatures that are split across packets. So, the storage of packet data can lead to better analysis that reveals malicious activity as well as network infrastructure performance.
Scrutinizer uses several simultaneous sources of data on a network rather than collecting data from just one device. This gives a wider perspective on network performance because it is able to track the effects of a traffic surge that passes through the entire network, or just a few links. This multiple view can also give a clear insight into how other parts of the network behave while a congested link or overloaded device are coping with excessive volume.
The Scrutinizer system of collecting data from several network points simultaneously produces a large volume of data, so the database element of Scrutinizer has to be able to process, sort, and filter data at high speeds. The Scrutinizer analytical programs are able to work quickly through data to report on network performance issues within a meaningfully useful space of time.
Scrutinizer is sold on a subscription model with four service levels. The entry-level version of the package is free to use. However, it has volume limits and doesn’t include all of the utilities that the full Scrutinizer package provides. The three higher-level plans can be accessed for free on a 30-day trial.
Paid plans allow you more time to collect data in a study session and include longer storage periods. The ability to schedule data collection and reporting is also an extra that is only available to the paid plans. All plans include multiple user accounts, but the free version only allows two of them. The highest plan allows unlimited user accounts. The grades of four plans are designed to match enterprises of different sizes, so the free plan would create a monitoring system for a small enterprise.
The Scrutinizer system is certainly a good option for administrators who already have a network management system, but need to get analytical software that works independently of the standard operating network monitoring tool.
Testing Traffic Analyzers
This guide includes a range of options for network analysis with J-Flow. If you are in the market for a new network monitoring system and you have Juniper Networks equipment on your network, you should pay close attention to the tools at the top of our list. Your exact choice will come down to which of the other functions those monitoring packages provide and also the size of your network.
If you have no intention to change your existing network management tool, then the Plixer Scrutinizer system would be a very good option that could give you effective insights into traffic patterns on your network.
Fortunately, all of the tools listed in this guide offer free trials or give free versions for testing or perpetual use by small networks.
Give the tools on this list a trial and make the most of the J-Flow capabilities of your Juniper Network devices.