cancel
Showing results for 
Search instead for 
Did you mean: 
Create Post

NTA version 4.4 is Released

Product Manager

NetFlow Traffic Analyzer

Faster. Leaner. More Secure.

The new NetFlow Traffic Analyzer leverages the power of columnstore technology in MS SQL Server to deliver answers to your flow analysis questions faster than ever before. MS SQL 2016 and later runs in a more efficient footprint than previous flow storage technologies, making better use of your infrastructure. Support for TLS 1.2 communication channels and monitoring of TCP and UDP Port 0 traffic helps to secure your environment.

Version 4.4 also introduces a new installation process to confirm that you have the necessary prerequisites, and to guide you through the installation and configuration process.

NTA 4.4 is now available in the Customer Portal. Check out the Release Notes for an overview of the features.

Faster

The latest release of NTA makes use of Microsoft’s latest version of their SQL columnstore based flow storage database.  Columnstore databases organized and query data by column, rather than row index. They are the optimal technology for large-scale data warehouse repositories, like massive volumes of individual flow records. Our testing and our beta customer experiences indicate that columnstore indexes support substantial performance improvements in both querying data, and in data compression efficiency.

NTA was an early adopter of columnstore technology to enhance the performance of our flow storage database. As Microsoft’s columnstore solutions have matured, we’ve chosen to adopt the MS SQL 2016 and later versions as the supported flow storage technology. That offers our customers the ability to standardize on MS SQL across the Orion platform, and to manage their monitoring data using a common set of tools with common expertise. We’ve made deployment and support simpler, more robust, and more performant.

Leaner

This same columnstore technology also runs more efficiently with the existing resource footprint. This solution builds and maintains columnstore indexes in memory, and then manages bulk record insertions with much less intensive I/O to the disk storage. CPU required to build indexes is also substantially less intensive than our previous versions. As a result, this version will make better use of the same resources to run more efficiently.

More Secure

This version of NTA supports TLS 1.2 communication channels, required in many environments to secure communications with client users.

Beginning in this version, NTA will explicitly monitor network flows that are destined to TCP or UDP service port 0. Traffic that’s addressed to TCP or UDP port 0 is either malformed – or malicious traffic. This port is reserved for internal use, and network traffic on the wire should never appear addressed to this port. By highlighting and tracking flows addressed to port 0, NTA helps network administrators to identify sources of malicious traffic that may be attacking hosts in their network, and providing the information they need to shut that traffic down.

NTA will surface port 0 traffic as a distinct application, so the information is available in all application resources.

Screen Shot 2018-04-26 at 4.43.35 PM.png

Supported Database Configurations

This version of NTA maintains a separate database for Flow Storage. NPM also maintains the Orion database for device and interface data. Both of these databases are built in MS SQL instances.

New installations of NTA and upgrades to version 4.4 and later will require an instance of MS SQL 2016 Service Pack 1 or later version for flow storage. For evaluation, the express edition is supported. For production deployments, we support the Standard and Enterprise editions.

When upgrading to this version from older version on the FastBit database, data migration is not supported. This upgrade will build out a new, empty database in the new MS SQL instance.  The existing flow data in the FastBit database will not be deleted or modified in any way. That data can be archived for regulatory requirements, and customers can run older product versions in evaluation mode to temporarily access the data.

In the current NTA product, we require a separate dedicated server for Flow Storage. The simplest upgrade would use that dedicated server with the new release to install an instance of MS SQL 2016 SP1 or later for flow storage. Many of our customers will be interested in running both the Orion database and the NTA Flow Storage database in the same MS SQL instance. We support that, but for most customers that will take some planning to consolidate and to appropriately size that instance to support both databases.

Here's a more detailed discussion of NTA's New MS SQL Based Flow Storage Database. Also, a knowledge base article on NTA 4.4 Adoption is available, with frequently asked questions.

We’re doing some testing now to provide some performance guidance for key performance indicators to monitor. One of the benefits of using MS SQL technology for both of these databases is that there are many common tools and techniques available to monitor and tune MS SQL databases. We plan to provide guidance for both monitoring, and deployment planning.

Conclusion

Please visit the NetFlow Traffic Analyzer Forum on THWACK to discuss your experiences and new feature requests for NTA.

4 Comments
Level 10

Can MS SQL 2016 developer edition be used?

Product Manager
Product Manager

The Developer Edition is technically equivalent to the Enterprise Edition. The Developer Edition is licensed differently, however. As you are supplying the SQL database, you are responsible for license compliance.

See:Editions and supported features of SQL Server 2016 | Microsoft Docs

jreves

Level 8

Currently running NTA along side NPM and SAM in my environment... really awesome products... but will soon have to plan my move to a MS SQL database as mentioned above... and I just upgraded to the SolarWinds 2018 Platform!

Is it true that I can't migrate my existing database over to the new SQL instance if I do make this move?

Product Manager
Product Manager

Your Orion database and all of it's data is seamlessly migrated.  The flow data - which, in NTA release 4.2.3 and prior - was kept in it's own FastBit database instance - is not migrated.  So, when you move from NTA 4.2.3 to NTA 4.4, we build a new SQL flow storage database which is dedicated to flow records - and we do not migrate the flow records from the FastBit database.

There's been some confusion about the data that NTA keeps in the Orion database.  All of that data is seamlessly migrated. The only data we're not migrating are the actual flow records we retained in the FastBit database.

Here's some additional background:

  

NTA 4.4 System Requirements: https://support.solarwinds.com/Success_Center/Netflow_Traffic_Analyzer_(NTA)/NTA_4.4_System_Requirem...

Release Notes: https://support.solarwinds.com/Success_Center/Netflow_Traffic_Analyzer_(NTA)/release_notes

NTA SQL platform recommendations: https://support.solarwinds.com/Success_Center/Netflow_Traffic_Analyzer_(NTA)/What_are_the_hardware_r...

NTA 4.4 Adoption FAQ: https://support.solarwinds.com/Success_Center/Netflow_Traffic_Analyzer_(NTA)/NTA_4.4_Adoption_Freque...

NTA 4.4 Installation FAQ: https://support.solarwinds.com/Success_Center/Netflow_Traffic_Analyzer_(NTA)/NTA_4.4_installation_FA...

Orion multi-module system guidelines: https://support.solarwinds.com/Success_Center/Orion_Platform/Orion_Documentation/Orion_Platform_Admi...

Databases used by Solarwinds modules: https://support.solarwinds.com/Success_Center/Orion_Platform/Knowledgebase_Articles/Databases_used_b...

joer

About the Author
Experienced Product Manager and technology pragmatist. Much of my professional background has been IT network operations for large enterprise companies, or for MSPs. I've worked as a tools architect, designing network monitoring systems. I've also worked in software development as a product owner and functional architect. I'm a flow nerd, and my peers have pressured me into writing poetry about network traffic flow. I'm a private pilot, and a drone pilot and builder.