The Infrastructure Management Business Unit is pleased to announce the General Availability (GA) of CA Network Flow Analysis r9.2.1.  This is our 2nd release this year and our first from our new Ft. Collins NFA development team.

Please review this document for details of the issue, migration path, and installation steps.  If you have any questions regarding migration path or installation, please contact your local CA Support team.

New Features

License Monitoring

The current release of CA Network Flow Analysis monitors license use and displays the results on the About page. The information is displayed next to the following labels:

• Licensed Devices in Use
• License Utilization

Cisco ASA Support

CA Network Flow Analysis r9.2.1 supports reporting for Cisco ASA (Adaptive Security Appliances) IOS version 8.4.5. In the past, ASA firewalls exported data by using NetFlow field 85 - Total_Bytes. To accommodate byte count directionality and account for the way byte counts are distributed over time, Cisco has started using fields 231 and 232. InitiatorOctets (Field ID: 231) represents traffic from source to destination (forward_flow). Traffic from destination to source (reverse_flow) is represented by responderOctets (Field ID: 232).

Cisco AVC Updates

CA Network Flow Analysis r9.2.1 supports additional Cisco AVC application classifications.  New applications include:

• ESPN Browsing/Video
• Microsoft Lync Audio/Video
• ITunes Audio/Video & ICloud
• Cisco Jabber
• Microsoft Office 365 – Including OneDrive (aka SkyDrive)

Cisco AVC Interoperability Certification

CA Network Flow Analysis r9.2.1 has completed the Cisco Interoperability Verification Testing (IVT). CA Network Flow Analysis is certified for interoperability with Cisco technologies for Application Visibility and Control (AVC) reporting.

Flow Cloner Port Options

       The Flow Cloner now supports an additional configuration option, which enables you to specify the destination port separately from the listening port. You can use the following tokens to specify the ports:

/port -- Port that the Harvester uses to listen for the original incoming flows

/dest port -- Port that the destination hosts use to listen for the cloned flows

If you do not specify values for the /port or /dest port tokens, UDP 9995 is used by default.

Anomaly Detector MIB Updates

CA Network Flow Analysis r9.2.1 includes updates to the Anomaly Detector MIB so that it can be compiled into Spectrum 9.2.x and above.

Java JRE Updates

CA Network Flow Analysis r9.2.1 uses libraries from the Java Runtime Engine (JRE) version 1.6u45. The installation and upgrade program installs these libraries automatically. The libraries are in the product installation path. They are not disturbed by any other JRE instances that you install and update on the server.

Poller Re-mapping Improvements

In some cases, when a device renumbered its interfaces, CA Network Flow Analysis was not properly mapping the "old" interfaces information reported by the device to the "new" information reported by the device. CA Network Flow Analysis has improved capabilities in this area that will facilitate the following types of interface renumbering:

• New line card added
• Line card removed
• Device reboot

Netflow v5 Sampling Rate Update

In the Netflow v5 header, bytes 22-23 contain information about the sampling interval being used. The first two bits contain the sampling mode and the remaining 14 bits contain the value of the sampling interval. CA Network Flow Analysis can honor the sampling interval provided by the header if the CA Network Flow Analysis Administrator has set the TrustNetflowV5SamplingInterval parameter to true in the "parameter_descriptions" table in the Harvester database. When the sampling interval is provided (and accurate) for v5 flow, this setting ensures the accuracy of CA Network Flow Analysis's calculations based on flow data.

Where to Obtain CA Network Flow Analysis r9.2.1

Electronic Download

You can obtain the CA Network Flow Analysis r9.2.1 and associated readme from the Products section of the Network Flow Analysis product support page.

Copyright © 2014 CA. All rights reserved. All trademarks, trade names, service marks and logos referenced herein belong to their respective companies.

This document is for your informational purposes only. CA assumes no responsibility for the accuracy or completeness of the information. To the extent permitted by applicable law, CA provides this document "as is" without warranty of any kind, including, without limitation, any implied warranties of merchantability, fitness for a particular purpose, or non-infringement. In no event will CA be liable for any loss or damage, direct or indirect, from the use of this document, including, without limitation, lost profits, business interruption, goodwill or lost data, even if CA is expressly advised in advance of the possibility of such damages.