Viptela devices are showing less data in NFA compared to other SNMP polling tools.
Release: RAIB1H99000-9.3-Network Flow Analysis-Interface Bundle-Hardware
Viptela support has confirmed that cflowd data exported from Viptela devices may be less then SNMP data as cflowd data doesn't include encrypted bytes added to traffic entering and leaving interfaces, where as SNMP polling does included those encrypted bytes which will cause you to see less Flow data.
Their documentation states the following:
Note if you are on NFA 9.3.8 or an un-patched version of NFA 9.5 and are seeing that Viptela data is too high, this is addressed in NFA 10.0 and we would recommend upgrading to NFA 10.0.
We do have patches available for for 9.3.8 and 9.5 if upgrading is not an option.
If you would like those patches please open a support case and request the appropriate patches for your version of NFA:
9.3.8 request the patches below: