You must put the overall range into Network "IP Range" or Boundary Flow analysis will not be able to correctly qualify IN vs OUT.
Flow direction analysis is also available if supported by your Netflow export to reflect Ingress vs Egress which is relative to the Interface.
Boundary flows are not relative to the IP Allocations unless the IP Allocation falls fully into the IP Range?
Deploying CySight Boundary Flow displays the following 5 kinds of flows -
- In - Traffic from outside of the organization network to inside of the organizations network IP Range
- Out - Traffic from inside of the organization network to outside of the organizations network IP Range
- Internal - Traffic from inside of the organization network to inside of the organizations network IP Range
- External - Traffic from outside of the organization network to outside of the organizations network IP Range
- Multicast - If a Source or destination ip is a multicast address the Boundary flow will reflect as multicast
The organizations network is defined through IPv4 and IPv6 Network Range.
Boundary Flow can be a "display by" field or used in report criteria.
