Network Monitoring and Accounting Using OpenBSD

“Know your Network!” All network administrators have to know what happens on their networks: what the flows of information are between hosts, to the Internet, and between VLANs. This is a requirement for security or provisioning purposes, but also for business when the amount of IP traffic has to be billed to a customer.

For years, Cisco has developed and maintained a nice protocol to achieve this: NetFlow. Deploying NetFlow is easy: sensors (routers or core switches) send NetFlow data to a collector, which stores the flows in databases. Finally, a reporting system analyzes the stored data. NetFlow became a standard, and a lot of non-Cisco devices and open-source applications can generate or analyze NetFlow data: Ntop has a NetFlow plugin.

OpenBSD also has a kernel interface, pflow, which exports packet flows in a NetFlow-compatible format (version 5 only). As OpenBSD is also a wonderful firewall solution (based on pf – Packet Filter), coupling a firewall with a NetFlow sensor is a very convenient way to grab all data passed on the network. If it’s possible to perform traffic monitoring based on a fully open-source architecture, why still hesitate?
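To show what a collector receives from such a sensor, here is a minimal NetFlow v5 datagram decoder with a per-source byte count for accounting. It is an added example, not code from the original post or from OpenBSD; the function names are hypothetical, the field layout follows the published NetFlow v5 export format, and the sample datagram is constructed with documentation addresses.

```python
import socket
import struct

# Assumption: field layout per the published NetFlow v5 export format.
HEADER = struct.Struct("!HHIIIIBBH")                 # 24 bytes
RECORD = struct.Struct("!4s4s4sHHIIIIHHBBBBHHBBH")   # 48 bytes

def parse_netflow_v5(datagram):
    """Decode one NetFlow v5 export datagram into a list of flow dicts."""
    if len(datagram) < HEADER.size:
        raise ValueError("datagram shorter than a NetFlow v5 header")
    version, count, _uptime, unix_secs, _nsecs, sequence, *_ = HEADER.unpack_from(datagram)
    if version != 5:
        raise ValueError(f"unsupported NetFlow version {version}")
    # v5 carries at most 30 records; reject counts the payload cannot hold
    if not 1 <= count <= 30 or len(datagram) != HEADER.size + count * RECORD.size:
        raise ValueError("record count does not match datagram length")
    flows = []
    for i in range(count):
        f = RECORD.unpack_from(datagram, HEADER.size + i * RECORD.size)
        flows.append({
            "src": socket.inet_ntoa(f[0]), "dst": socket.inet_ntoa(f[1]),
            "packets": f[5], "bytes": f[6],
            "sport": f[9], "dport": f[10],
            "tcp_flags": f[12], "proto": f[13],
            "export_time": unix_secs, "sequence": sequence,
        })
    return flows

def bytes_per_source(flows):
    """Accounting view: total octets per source address."""
    totals = {}
    for fl in flows:
        totals[fl["src"]] = totals.get(fl["src"], 0) + fl["bytes"]
    return totals

def build_sample():
    """Constructed datagram with two flows, for offline testing."""
    hdr = HEADER.pack(5, 2, 1000, 1700000000, 0, 42, 0, 0, 0)
    def rec(src, dst, pkts, octets, sport, dport, proto):
        return RECORD.pack(socket.inet_aton(src), socket.inet_aton(dst), b"\0" * 4,
                           1, 2, pkts, octets, 100, 900, sport, dport,
                           0, 0x1B, proto, 0, 0, 0, 24, 0, 0)
    return hdr + rec("192.0.2.10", "198.51.100.5", 12, 4096, 51515, 443, 6) \
               + rec("192.0.2.10", "198.51.100.53", 1, 76, 40000, 53, 17)

if __name__ == "__main__":
    print(bytes_per_source(parse_netflow_v5(build_sample())))
```

The length check matters on a real collector: export datagrams arrive over unauthenticated UDP, so a record count that disagrees with the payload size should be dropped rather than parsed.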
