Request Information


  • down-arrow Citrix ADC
    11.0 VPX, 11.0 SDX, 11.0 MPX, 11.1 VPX, 11.1 SDX, 11.1 MPX, 12.0 VPX, 12.0 MPX, 12.0 SDX, 12.1 VPX, 12.1 MPX, 12.1 SDX, 12.1 CPX
  • down-arrow Citrix Gateway
    11.0, 11.1, 12.0, 12.1

Product Details

Technology developed by NetFlow Logic allows users to effectively solve a broad spectrum of network management and security issues that network operators are facing today.

NetFlow Optimizer (NFO), is a powerful real-time processing engine for any type of flow data, including NetFlow, sFlow, J-Flow, and IPFIX.

As flow data is very voluminous it is not practical to use the data directly translated from binary to text or syslog for analysis and visualization. Therefore, NetFlow Optimizer can generate multiple syslogs, each optimized for a specific purpose. NetFlow Optimizer (NFO) uses patented streaming technology which allows processing of flow data up to 10 times faster than competitive products. It can simply translate flow data 1:1 for storage and forensic analysis purposes to satisfy compliance requirements or it can produce optimized and enriched NetFlow records which can then be visualized and processed by other systems.

NetFlow Optimizer enhances the capabilities and value of existing SIEM systems and log analyzers.

Adding flow technology to your network monitoring and analysis tools has never been simpler or more affordable.

  • Protect Your Investment.
  • Reduce Storage and Bandwidth Costs.
  • Accelerate ROI and advance your business goals!

NetFlow Optimizer delivers a critical component for complete network visibility and expands the use of your existing log analyzers and SIEM Systems from vendors like Splunk, Sumo Logic, etc.
NFO processing engine provides aggregation of records from multiple flow data and log sources, converts it into standard syslog format, and filters to eliminate redundant data. This allows you to save money on storage hardware and license fees for visualization software, which is often based on the amount of processed traffic.

NetFlow Optimizer provides real-time network monitoring and enables advanced level of operational intelligence and security for virtual and physical networks.

NFO delivers the critical component for complete network visibility by extracting valuable data from NetFlow, enriching it with additional information, and making available for correlation with other machine data. It is complementary to traditional network security solutions that can be bypassed by unknown malware and well prepared targeted attacks. When used together with Security Information Event Management (SIEM) systems, it provides an effective solution for detecting advanced security threats such as DDoS attacks, botnets, insider threats, data leakage, etc

NetFlow Optimizer Benefits

  • NFO is a software solution. No investment in expensive proprietary hardware is required;
  • It provides unmatched performance and can process up to 350,000 records per second on an 8-core machine with 16GB of memory. Millions of flow records per second can be processed if multiple instances of NFO are deployed;
  • Unique real-time consolidation and archiving technology optimizes the flow data sent to the SIEM, without losing the accuracy of the information;
  • NFO can be deployed in a virtual environment and scales horizontally and vertically with the growth of the enterprise network.


  • Provides multi-dimensional views of your network traffic by summing up flow counts, bytes, packets and other flow characteristics per protocol, per application, per network host or per subnet over a period of time, and reports loads on network devices, top bandwidth consumers, and servers’ response times;
  • Enables actionable virtual and physical network monitoring. Identifies VMs affected by physical network outages. Visualizes virtual and physical network data paths. Supports point-to-point communication tracing: VM – VM, VM – physical host, VM – VM over VXLAN;
  • Identifies impact of physical network devices and interface failures on the virtual network;
  • Monitors network devices and interface loads. Measures bandwidth consumption for capacity planning. Identifies applications and users that consume bandwidth;
  • Enriches flow data with current Reputation, GEO IP and DNS data;
  • Identifies security threats and traces current known threat sources;
  • Initiates alerts of anomalous network host behavior and anomalous network traffic including “low and slow” DDoS attacks;