Skip to main content
Capture Options
Alex Patnick avatar
Written by Alex Patnick
Updated over 2 months ago

Faddom supports the following options for capturing network traffic:

  1. VMWare environment - See details here: Setting up network traffic collection in VMware

  2. Nutanix AHV - IPFIX needs to be provided. For full details and the prerequisites see How to Discover Nutanix AHV

  3. Physical servers | Netflow
    Configured in the router or the switch and directed to a Faddom Sensor

    1. Verify a Faddom sensor is installed and configured.

    2. Configure the router or the switch to send Netflow data to the Faddom sensor.

  4. Physical servers | sFlow
    Install the Host sFlow agent on any server to collect utilization information and network traffic. For Windows Servers the Faddom-created sFlow Generator is required. For full details, please see Capturing network traffic using agents

    1. Verify a Faddom sensor is installed and configured.

    2. Configure the collector address for the Host sFlow agent to the Faddom sensor.

      See also Recommended sFlow settings.

  5. Physical servers | Port mirroring/tap
    Connecting the Faddom Sensors to mirror ports on network switches or to TAP devices.

    1. Prepare a server for the Faddom Sensor – either Windows or Linux, can be physical or virtual.

    2. Direct the mirrored traffic to the Faddom Sensor.

    3. Firewall configuration: Faddom Server should connect to the Faddom Sensors – TCP port 9545 (by default).

    4. Define the sensor in the Faddom GUI.

  6. Physical servers |local mode
    Installing Sensors on specific servers (physical or virtual). The installation is simple and does not require restarting the server.

    1. Install a sensor on the relevant servers – from which traffic should be captured.

    2. Firewall configuration (where applicable): Faddom Server should connect to the Faddom Sensors – TCP port 9545 (by default).

    3. Define the sensors in the Faddom GUI.

  7. Hyper-V | sFlow
    Use the Faddom extension to the Hyper-V switch, which exports network traffic statistics from Hyper-V hypervisor in sFlow format.
    Follow the steps in Hyper-V sFlow Configuration.

  8. Hyper-V | port mirroring
    Connect the Faddom sensors to mirror ports on network switches.

  9. Cloud environments
    Create permissions for Faddom to access the cloud environment and enable flow logs
    Mapping an AWS Subscription Using Faddom
    Mapping a Microsoft Azure subscription using Faddom

For non-heterogeneous environments, use multiple options. Faddom will combine the data in the system.

Did this answer your question?