Explanation/Reference:
Section: Design Objectives Explanation
Explanation:
NetFlow is a Cisco IOS feature that can be used to gather flow-based statistics, such as packet counts, byte counts, and protocol distribution. A device configured with NetFlow examines packets for select Open Systems Interconnection (OSI) Layer 3 and Layer 4 attributes that uniquely identify each traffic flow. The data gathered by NetFlow is typically exported to management software. You can then analyze the data to facilitate network planning, customer billing, and traffic engineering. For example, NetFlow can be used to obtain information about the types of applications generating traffic flows through a router.
A traffic flow can be identified based on the unique combination of the following seven attributes:
Source IP address

Destination IP address

Source port number

Destination port number

Protocol value

Type of Service (ToS) value

Input interface

Although NetFlow does not use Layer 2 information, such as a source Media Access Control (MAC) address, to identify a traffic flow, the input interface on a switch will be considered when identifying a traffic flow.
By contrast, Network-Based Application Recognition (NBAR) is a Quality of Service (QoS) feature that classifies application traffic that flows through a router interface. NBAR enables a router to perform deep packet inspection for all packets that pass through an NBAR-enabled interface. With deep packet inspection, an NBAR-enabled router can classify traffic based on the content of a Transmission Control Protocol (TCP) or a User Datagram Protocol (UDP) packet, instead of just the network header information.
In addition, NBAR provides statistical reporting relative to each recognized application.
Reference:
CCDA 200-310 Official Cert Guide, Chapter 6, Classification, p. 233
CCDA 200-310 Official Cert Guide, Chapter 15, NetFlow, pp. 626-628
Cisco: Cisco IOS Switching Services Configuration Guide, Release 12.2: Capturing Traffic Data