11 Best Free NetFlow Analyzers and Collectors for Windows & Linux

This is where analyzing network traffic comes in handy using packet sniffing techniques.

So the question then comes: what is NetFlow and what are Network Analyzers?

NetFlow Analyzers and Collectors are very useful tools to assist in monitoring and analyzing network traffic data to help you manage these issues and potentially stop them before they become major problems.

NetFlow analyzers allow you to pinpoint machines and devices that are hogging bandwidth, to find bottlenecks in your system, and, ultimately, to improve your network’s overall efficiency.

Here is our list of the Top Free NetFlow Analyzers and Collectors:

1. SolarWinds Traffic Analyzer – EDITOR'S CHOICE This package of network monitoring and management tools tracks traffic patterns on the network and on VMWare vSphere implementations. Free for 30 days, thanks to a trial. Runs on Windows Server. Start 30-day free trial.
2. Site24x7 Network Monitoring – FREE TRIAL A network performance and traffic monitoring system that is delivered from the cloud. Available for free for 30 days.
3. Paessler PRTG – FREE TRIAL A collection of system monitors that includes a packet sniffer tool and is free for up to 100 sensors. Installs on Windows Server. Start 30-day free trial.
4. ManageEngine NetFlow Analyzer – FREE TRIAL A comprehensive bandwidth monitor with a free edition that is limited to two interfaces. Installs on Windows Server and Linux. Start a 30-day free trial.
5. Colasoft Capsa Free A packet analyzer with lots of graphical interpretations. Installs on Windows.
6. Angry IP Scanner A well-known and widely used free packet analyzer that includes an IP address manager and port scanner. Installs on Windows, macOS, and Linux.
7. The Dude A free network monitor that is particularly strong on network mapping. Installs on Windows, Linux, and macOS.
8. Noction Flow Analyzer This package of network traffic monitoring and capacity planning services by focusing on data extracted from switches and routers with a range of communications protocols, including NetFlow. Runs on Linux.
9. Plixer Scrutinizer A traffic analyzer with strong intrusion detection features. Installs as a virtual machine or can be taken as a cloud service.
10. Wireshark A widely-used free network packet sniffer that includes a packet viewer with a protocol analyzer. Runs on Linux, Windows, macOS, and Solaris.
11. nProbe A NetFlow probe and collector that is usually partnered with a separate front-end data analyzer. Installs on Windows and Linux.

The term “NetFlow” refers to a Cisco proprietary protocol for collecting information about IP traffic and for monitoring network traffic; NetFlow has become the industry standard protocol for flow technologies.

NetFlow software collects and analyzes this flow data generated by routers, and presents it in a user-friendly format.

A few other network vendors have their own protocols for network traffic data monitoring and collecting.

For example, Juniper, another highly respected network device vendor, calls their protocol “J-Flow.”

HP and Fortinet use “sFlow” standard which we've covered here. Even though Flow data has different names, they all provide mostly the same information and work in similar ways.

There are many analyzers and collectors available, and in this article, we will discuss 10 commercial and free NetFlow analyzers and collectors available for Windows.

What should you look for in free network analyzers?

We reviewed the market for free NetFlow traffic monitoring tools for Windows and Linux and analyzed the options based on the following criteria:

• A reliable service
• A system that includes packet capture capabilities
• A service that enables passing packets to be viewed
• An analysis function that allows packets from specific sources and destinations to be selected
• The ability to select packets by destination port number for protocol analysis
• Nice to have additional functions such as traffic shaping tools
• Free tools that are easy to install or the free versions of paid tools

With these selection criteria in mind, we have found some impressive free tools and the free versions of paid tools that have been in circulation for a while and have been tried and tested. We managed to find NetFlow analyzers that can be run on macOS as well as tools for Windows and Linux.

Most of the NetFlow software vendors listed below have instructions on how to enable NetFlow on various manufacturer’s devices. Your device manufacturer’s documentation should also have this information.

Here's the Best NetFlow Analyzers & Collectors:

1. SolarWinds NetFlow Traffic Analyzer – FREE TRIAL

SolarWinds NetFlow Traffic Analyzer is a specialized bandwidth monitoring tool that gathers data by communicating with switches and routers. The monitor uses NetFlow, J-Flow, sFlow, NetStream, and IPFIX when communicating with devices. This enables it to support multi-vendor environments.

Key Features:

• NetFlow, J-Flow, sFlow, NetStream, and IPFIX
• Packet sampling
• End-to-end path analysis
• Capacity planning
• Traffic shaping

The service selects key information from packet headers when it compiles its traffic flow statistics. This means that you can get traffic data segmented by source and destination and by protocol or application. With this, you will be able to work out which application is generating the most traffic and how traffic trends are changing per application. The package also enables you to implement traffic shaping methods to get the most value out of your physical infrastructure. This package installs on Windows Server. This is a paid tool but you can use it on a 30-day free trial.

Start 30-day Free Trial: https://www.solarwinds.com/netflow-traffic-analyzer/registration

2. Site24x7 Network Monitoring – FREE TRIAL

Site24x7 is a cloud-based service that is able to monitor systems that are located on-premises or in the cloud. The system queries network switches in order to gain status information and, by another method, to gain traffic statistics.

Key Features:

• Cloud-based
• Centralize monitoring for sites
• NetFlow, IPFIX, J-Flow, AppSteam, sFlow, cflow, and AppFlow
• Network discovery

The traffic monitoring service included in Site24x7 packages uses a range of communication protocols, including NetFlow, IPFIX, J-Flow, AppSteam, sFlow, CFlow, and AppFlow. These languages are used by the network equipment provided by more than 200 vendors.

The data gathered by agents on site is uploaded to the Site24x7 servers where it is processed and then shown in the system dashboard. Traffic volumes are shown live and also stored for time-series historical analysis.

Site24x7 offers a range of monitoring bundles, each focusing on a different aspect of IT systems. All of these bundles include the network traffic monitoring module. All of those plans are available for a 30-day free trial.

Official site: https://www.site24x7.com/network-traffic-monitoring.html

Download Now

3. Paessler PRTG NetFlow Monitoring – FREE TRIAL

Paessler PRTG provides many useful features. It includes support for monitoring LAN, WAN, VPN, as well as application, virtual server, QoS, and environmental monitoring.

Key Features:

• Free version
• Flexible package
• NetFlow, sFlow, jFlow, and packet sniffing

It comes with the capability to do Multiple Site Monitoring.

PRTG uses SNMP, WMI, NetFlow, sFlow, jFlow, and Packet Sniffing to monitor Bandwidth, along with uptime/downtime monitoring and IPv6 support. The Freeware version gives you 30 days of unlimited sensors, then 100 sensors free after that.

In summary, Paessler PRTG is a very flexible package. The bundle of tools can be customized so you get a lot more than bandwidth analysis services. Add on network performance monitoring and server monitoring to get a complete, automated system monitoring package. The traffic tracking system offers monitoring with NetFlow v5 and v9, plus IPFIX, sFlow, J-Flow, SNMP, and WMI. Set up alerts so that you can leave the tracking of regular activity to PRTG, knowing that you will be brought back to the console if problems start to evolve. You can start with a 30-day free trial.

Download: https://www.paessler.com/netflow_monitoring

Download 30-day Trial Now

4. ManageEngine NetFlow Analyzer – FREE TRIAL

This is ManageEngines’s full-featured version of their NetFlow Analyzer. It is a powerful piece of software, with a full range of analysis and collection capabilities.

They include real-time bandwidth monitoring and threshold alarms for set bandwidth usage, usage summaries, application and protocol monitoring, and much more.

Key Features:

• Cisco NBAR categorization
• Traffic shaping
• NetFlow, sFlow, J-Flow, IPFIX, Netstream, and AppFlow

System requirements for ManageEngine NetFlow Analyzer depend on the flow rate.

At a minimum, for a flow rate of 0 to 3000 flows per second, the recommended requirements are a 2.4 GHz Quad Core Processor with 4GB RAM and 200GB of hard-disk space.

The requirements go up as you increase the flow rate you wish to capture.

Price: The free trial version includes 30-days of unlimited monitoring, and after that it allows for monitoring of only two interfaces.

Download: https://www.manageengine.com/products/netflow/

Download Now

5. Colasoft Capsa Free

This freeware network analyzer from Colasoft allows you to identify and monitor specific protocols — it supports over 300 network protocols — and create customizable reports.

It includes email monitoring and a TCP timing sequence chart, all combined into you own customized dashboard.

Key Features:

• Basic monitoring
• Protocol analysis
• Live traffic maps

Other features include network security analysis, such as DoS/DDoS attack, worm activity, and ARP attack detection; packet decoding and information display; statistics on each host on network; and conversation monitoring and packet stream reconstruction.

Capsa Free supports all 32bit and 64bit versions of Windows XP, with a minimum of 2GB RAM and 2.8GHz CPU.

You will need NDIS 3 or higher compatible Ethernet, Fast Ethernet, or Gigabit with promiscuous mode driver- this mode lets it passively capture all packets on an Ethernet wire.

Download: http://www.colasoft.com/

6. Angry IP Scanner

Angry IP Scanner is a lightweight, open-source network scanner that is fast and easy to use. It does not require installation and can be used with Linux, Windows, and Mac OSX.

Key Features:

• Ping based
• Device discovery
• DNS resolution

It operates by simply pinging each IP address and can resolve host-name, determine MAC address, scan ports, provide NetBIOS information, determine logged-in user on Windows systems, web server detection, and more.

Its capabilities can be expanded with Java plugins. Data from scans can be saved to CSV, TXT, XML or IP-Port files. A very useful, portable network scanner.

Download: http://angryip.org/

Related Post: Best IP and Port Service Scanners

7. The Dude

Despite a name that brings images of someone sitting on the beach, avoiding work of any sort, and completely out of touch with the world, this application is, in fact, a popular and useful network monitor developed by MikroTik.

Key Features:

• Network discovery
• Topology mapping
• Live network monitoring

It automatically scans all devices and draws a map of the network. It monitors servers running on devices and alerts you in case of a problem.

Other features include auto-discovery and mapping of new devices, the ability for you to draw your own maps, provides you access to tools to remotely manage your devices, and more.

It runs on Windows, Linux Wine, and MacOS Darwine.

Download: http://www.mikrotik.com/thedude

Related Post: Best Linux Network Monitor Software

8. Noction Flow Analyzer – FREE TRIAL

Noction Flow Analyzer collects network traffic data from switches and routers by using the major IP flow statistical protocols. These are:

• NetFlow
• IPFIX
• NetStream
• J-Flow
• sFlow

NetFlow, developed by Cisco Systems is the most important of these as it was the first and all of the others are based on it. With these communication capabilities, the Flow Analyzer can get traffic data from practically any devices exporting flow, including ones produced by Netgear, Juniper Networks, Cisco Systems, Hewlett Packard Enterprise, Brocade, Extreme Networks, Dell, Arista, and Huawei.

Key Features:

• Live traffic monitoring
• Historical analysis

The monitoring package provides live traffic data displays, historical analysis of stored traffic data for capacity planning, and network performance monitoring with an alerting mechanism that gets triggered by arising problems.

Noction Flow Analyzer installs on Linux, specifically, Ubuntu, CentOS, and RHEL. You can get a free trial of the package.

Official site: https://www.noction.com/flow-analyzer

9. Plixer Scrutinizer

This full-featured traffic analysis tool provides you with the ability to comprehensively capture and analyze your network traffic and to find and stop errors quickly and efficiently.

Key Features:

• Performance and traffic monitoring
• Security monitoring
• NetFlow, sFlow, J-Flow, and IPFIX

With Scrutinizer, you can filter and drill down in nearly any way you can imagine, including time frame, host, application, protocol, and much more.

This extensive network system offers performance, traffic, and security monitoring and it also provides mapping and analysis functions.

Download: https://www.plixer.com/evaluate/

10. Wireshark

Wireshark is a powerful network analyzer with features that rival other free or paid services. It is cross-platform and can run on Linux, Windows, MacOS X, Solaris, and other platforms. Wireshark lets you view captured data via a GUI, or you can use the TTY-mode TShark utility.

Key Features:

• Live packet capture
• Searching and filtering
• Packet content views

Its features include capture and analysis of VoIP traffic, show live data from Ethernet, IEEE 802.11, Bluetooth, USB, Frame Relay, and others, output data to XML, PostScript, CSV, or plain text, decryption support, and much more.

System requirements include Windows XP and up, any modern 64/32bit processor, 400MB available RAM, and 300MB disk space. Wireshark NetFlow Analyzer is a powerful, must-have tool for any network administrator’s toolkit.

Download: https://www.wireshark.org/

11. nProbe

nProbe by ntop is a full-featured open-source NetFlow capture and analysis application.

Although it may not have as many of the visual bells-and-whistles like those of other applications on this list, that does not mean it is lacking in any features or capabilities.

Key Features:

• Live traffic analysis
• VoIP quality of service
• NetFlow and IPFIX

The executable binary installation file limits data capture to 2000 packets. (It is completely free for universities, education users, and non-profit and research organizations.) nProbe will run on Linux and Windows 64bit OS platforms.

Some of these include support for IPv4 and IPv6, Cisco NetFlow v9/IPFIX, NetFlow-Lite support, VoIP traffic analysis, flow and packet sampling, generating logs of web, MySQL/Oracle and DNS activity, and many more features. The software is free if you download and compile on Linux or Windows (http://packages.ntop.org/).

Conclusion

This comprehensive list of 10 free NetFlow analyzers and collectors should give you the ability to quickly begin monitoring and troubleshooting your network, from a small office LAN to a large, multi-site enterprise WAN.

(Locate instructions on how to enable NetFlow for your respective devices within the documentation for the application you choose, or if not there, then on the manufacturer’s website.)

If your looking for an open-source variation, see our list of some here.

Each application gives you the ability to monitor and analyze traffic on your network, key to finding small errors before they turn into big ones, pinpoint bandwidth anomalies that can be indicative of security threats, visualize your network and its traffic flow, and much, much more.

What you can do with the data these Network Analyzers give you is limitless. A must-have piece of software for all network administrators.

NetFlow analyzer FAQs