Realtime MicroCloud-based Flow Aggregation for Fixed and Mobile Networks

Monitoring of large distributed networks requires the deployment of several probes at different network locations where traffic to be analyzed is flowing. Each probe analyzes the traffic and sends the monitoring data toward a centralized management station often using protocols such as NetFlow and IPFIX. As each probe monitors a part of the traffic, the data collector has the responsibility of merging data coming from all the probes and correlate information. This task adds extra load on collectors and prevents traffic information to be available until it has been correlated, thus preventing (near) realtime traffic monitoring. This paper describes how the microcloud architecture can be used to provide real-time traffic monitoring and correlation on large distributed environments where monitoring traffic is analyzed by several probes that collectively concur to the monitoring task. This work has been successfully validated on using this architecture for monitoring the .it DNS ccTLD and a large 3G mobile network with million of users.