Manageengine Netflow Analyzer Installation Guide File

ManageEngine NetFlow Analyzer: Installation Guide ManageEngine NetFlow Analyzer is a robust network traffic analysis tool that leverages flow technologies (NetFlow, sFlow, J-Flow, etc.) to provide real-time visibility into network bandwidth performance. Whether you are setting it up on Windows or Linux, this guide covers the essential steps to get your monitoring server running. 1. Pre-Installation Prerequisites

Before starting, ensure your environment meets these basic requirements:

Hardware: For 64-bit systems, a minimum of 8GB RAM is recommended, though higher flow rates may require 16GB or more.

Database: NetFlow Analyzer supports both PostgreSQL (bundled by default) and Microsoft SQL.

Network Ports: Ensure the following ports are open on your firewall: 8060 / 8061 (HTTPS): Web server access. 9996 (UDP): Default NetFlow listener port. 13306 (TCP): Internal PostgreSQL database. 2. Windows Installation Steps

Installing on Windows is a straightforward wizard-based process.

Download the Installer: Obtain the Windows executable (.exe) from the official ManageEngine download page.

Run as Administrator: Launch the .exe file with administrator privileges to ensure proper file access. Wizard Configuration: Accept the license agreement. manageengine netflow analyzer installation guide

Specify the installation directory (e.g., C:\ManageEngine\NetFlow).

Confirm the web server port (default 8060) and NetFlow listener port (default 9996).

Database Selection: Choose between the bundled PostgreSQL or an external MSSQL instance.

Install as Service: Select the option to install as a Windows service so the application starts automatically when the server boots.

Finish: Click Finish and wait for the initialization to complete. 3. Linux Installation Steps

Installation on Linux typically involves a command-line interface.

Download the BIN File: Download the appropriate .bin file for your Linux distribution. JVM Memory: Edit bin/setenv

Assign Permissions: Open your terminal and grant execute permissions to the file:chmod a+x ManageEngine_NetFlowAnalyzer_64bit.bin

Execute the Installer: Run the file with root or sudo privileges:sudo ./ManageEngine_NetFlowAnalyzer_64bit.bin

Follow CLI Prompts: Like the Windows wizard, you will be prompted to accept the license agreement and define installation paths and ports.

Start the Service: Navigate to the /bin directory and execute ./run.sh or use the system service command if configured. 4. Post-Installation & Configuration

Once the software is installed, you must point your network devices (routers, switches) to the NetFlow Analyzer server to begin seeing data.

Access the Web Client: Open a browser and go to http://:8060.

Configure Device Exports: Issue commands on your network hardware to export flow packets. For example, on a Cisco router, you would configure the destination IP (your NetFlow server) and port (9996). not the entire internet.

Performance Tuning: For large environments, adjust the Java Heap Size in the wrapper.conf file to match your available RAM (e.g., setting it to 4096MB or 8192MB).

If you'd like to dive deeper, I can provide a sample Cisco configuration script or help you set up automated email alerts once your flows are active.

NetFlow Traffic Analyzer | Real-Time NetFlow Analysis - ManageEngine

6.3 Tune Performance

• JVM Memory: Edit bin/setenv.sh (Linux) or bin/setenv.bat (Windows).
  • Set: SET JAVA_OPTS=-Xms2g -Xmx4g (adjust per RAM)
• Database Archiving: Admin → Database → Maintain archive policy (e.g., keep raw flows for 7 days, aggregated for 1 year).

Step 2 – Accept License Agreement

• Read and accept the End User License Agreement (EULA).

FortiGate (NetFlow)

In the CLI:

config system netflow
    set collector-ip 192.168.1.100
    set collector-port 2055
    set source-ip (your FortiGate interface IP)
end

After configuration, wait 5–10 minutes. Go to NetFlow Analyzer > Reports > Top Talkers – you should see live data.

4.5 User Accounts and Roles

Create read-only operators, help desk viewers, and full administrators using the built-in role-based access control.

3.2. Language and License Agreement

• Select your preferred language (English is safest).
• Read and accept the End User License Agreement (EULA).
• Click Next.

Part 10. Post-Install Hardening Checklist

For production environments, perform these steps after successful installation:

1. Change default ports: Avoid 8080 – move to a non-standard high port like 14443 (edit \conf\tomcat-server.xml).
2. Enable HTTPS: Install a proper CA-signed certificate (not self-signed).
3. Disable default admin credentials: Enforce Multi-Factor Authentication (MFA) under Admin > User Management.
4. Configure automatic backups: Use \bin\backupDB.bat as a scheduled task daily.
5. Set up email alerts: Configure SMTP under Admin > Mail Server Settings.
6. Restrict source IPs for UDP 2055: Use Windows Firewall to allow NetFlow only from trusted routers, not the entire internet.

Step 1: Run the Installer as Administrator

• Right-click NetFlowAnalyzer_64bit.exe → Run as administrator.
• If Windows Defender SmartScreen appears, click More info → Run anyway.