Netflow is a new technology that was originally invented by Cisco to describe what IP flows went trough a router. Flows was used to describe a certain session between two specific end stations and was stored in a memory cache to be quick accessible when a packet in that flow came in to the router. That way it was possible to forward the packet to the right interface without delay.

From a management view of course it could be interesting to follow those flows and see what machines is communicating with who and in what amount and protocol type. For this purpose cisco start to develop a function to export the information of the flows. to other equipment in the Network, so called Netflow information. By collecting and store this information in a database it is possible to follow the history of a station or to discover what station was consuming all the bandwidth a certain time.

The development has slowly emerged and the tools available has been difficult to handle and very technical. We have over the last couple of years seen a trend with more and more user friendly systems and more vendors implementing Netflow in their management systems. A leading vendor when it comes to Netflow has been Plixer with its Scrutinizer tool

Some other vendors than Cisco have had the possibility to export Netflow information but the range of products with this functionality has been limited. Primarily it is the vendors Cisco, Juniper, Extreme and Foundry that been developing those services. As we are talking about IP flows it is a function on level 3 (Network level) and the equipment has to have IP forwarding functionality which most simple switches don't have. So this is a function for routers or level 3 switches.

A standard with the name sFlow has been developed within the Internet standards organizations and is supported by more and more vendors. Today most of the router vendors have some flow export functionality.