I was looking into setting up Netflow exports on my 4020 and noticed that the Admin Guide states that Netflow is supported on all but the 4000 series. Can anyone shed some light as to why?
Solved! Go to Solution.
I was not able to find much detail on the technical reason and if you require such detail I would suggest opening a case. I have been able to confirm there are no plans to implement Netflow on the 4000 series as it does not have the capability to gather the flow-based stats required for Netflow.
The technote for Netflow-Fields.pdf says the same thing:
PAN-OS can generate and export Netflow Version 9 records with unidirectional IP traffic flow information to an outside
collector. Netflow export can be enabled on any ingress interface in the system. Separate template records are defined for
IPv4, IPv4 with NAT, and IPv6 traffic, and PAN-OS specific (enterprise specific) fields for App-ID and User-ID can be
optionally exported. This feature is available on all platforms, except the PA-4000 Series. For more information about
Netflow, refer to the Palo Alto Networks Administrator’s Guide.
It would be interresting to get a comment from PAN why the 4000-series is lacking the netflow option?
My best guess is that 2000-series and below uses FPGA which PAN can programme themselfs on how they should operate while 4000-series uses ASIC which didnt include the netflow feature - but this is just a guess.
If this is correct, does the 5000-series use an ASIC or FPGA (and does the 5000-series support Netflow)?
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!