Well, Maybe Not That Brief...

Flows can be unidirectional or bidirectional
Can't always capture both sides of a conversation
Fluctuating routes may take traffic elsewhere

Flows are identified by a 5-tuple
Source IP Address
Source Port
Destination IP Address
Destination Port
Transport Layer Protocol

Sometimes only a subset is used
Ports not defined for all protocols
Not all parameters are useful all the time