What is Unidirectional and Bidirectional NetFlow?

What is Unidirectional and Bidirectional NetFlow?

47197
Created On 09/25/18 19:25 PM - Last Modified 06/13/23 05:01 AM


Resolution


Unidirectional NetFlow:

  • The flow of traffic from a host A to host B consists of packet exchange in two directions (A->B and B->A<reply>). These are considered two different unidirectional flows.
  • The Palo Alto Networks firewalls, with the exception of the PA-4000 Series, support unidirectional NetFlow. The firewall expects to see traffic flow from A to B and from B to A. However, when NAT is involved, the flow appears from A to B and B to the natted IP of A.

 

Bidirectional NetFlow:

  • The flow of traffic from a host A to host B is considered just one flow, from A->B. This includes the sum of packets from A->B and B->A.
  • Bidirectional NetFlow is not supported on Palo Alto Networks devices.

 

See Also

PAN-OS Netflow Templates and Field Types (PAN-OS 5.0)

PAN-OS Netflow Templates and Field Types (PAN-OS 4.1)

 

owner: dreputi
Other users also viewed:
Actions
  • Print
  • Copy Link

    https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000ClYYCA0&refURL=http%3A%2F%2Fknowledgebase.paloaltonetworks.com%2FKCSArticleDetail

Choose Language