Getting Started

Netify Agent for Developers - Getting Started

Before we dive into getting started with the Netify Agent (netifyd), please make sure you take a look at the features and understand the basics of how netifyd works.

There are two ways to extract DPI information from netifyd: in a live environment, or using a network PCAP capture file.

In a live environment, the Netify Agent needs to tap into a network to analyze traffic. The traffic is ingested via a network interface connected directly to a live network or mirror port. This can be done:

• On a virtual machine
• In a container - nspawn, Docker, etc.
• On a dedicated Linux/BSD system
• By installing on an existing Linux/BSD system

For batch processing, testing, and development, the netifyd can also ingest PCAP packet capture files directly.

Example: mirror port on a local network

Tap into the network where you want the most visibility. The example shows the Netify Agent analyzing LAN traffic on an edge network.

Installation

For getting started, we are going to walk through how to install the Netify Agent for processing packet capture files. This type of installation can also be used for analyzing network traffic on a local development system. It's a little more involved, but we have also provided instructions on installing the Netify Agent for ingesting live network traffic via a switch mirror port.

Please select one of the install options below:

Next Steps

If you have installed the Netify Agent for network capture file analysis, you can find information on how to run the DPI engine in the Packet Capture documentation. If you have installed the Netify Agent in a mirror port environment, you can jump right into the following topics:

• Metadata analysis with the Data Stream Socket
• Layer 3 network tools integration with the Network Policy Engine