sFlow is a technology for monitoring traffic in switched or routed networks. The sFlow monitoring system is comprised of:

  • An sFlow Agent that runs on a network device, such as a switch. The agent uses sampling techniques to capture information about the data traffic flowing through the device and forwards this information to an sFlow collector.
  • An sFlow Collector that receives monitoring information from sFlow agents. The collector stores this information so that a network administrator can analyze it to understand network data flow patterns. One sFlow collector can recieve the data from many sFlow agents.

The sFlow UDP datagrams sent to a collector are not encrypted, therefore any sensitive information contained in an sFlow sample is exposed.