scrutinizer logo

NetFlow Reporting and Analysis

The Scrutinizer System

Scrutinizer™ Flow Analyzer is at the foundation of the Plixer flow collection and behavior analysis architecture. It is available as a physical or virtual appliance or as a windows download. Scrutinizer performs the collection, threat detection and reporting of all flow technologies on a single platform. It delivers real-time situational awareness into the applications and their historical behaviors on the network.

Enterprise Visibility

  • Massive scalability supporting dozens of distributed collectors
  • Capable of archiving and analyzing several million flows per second
  • Topology mapping with active links
  • Deduplication and stitching across collectors

Individual Appliance

  • A single flow collection system support over 2000 flow sources
  • Collect up to 200,000 flows per second
  • All flow technologies supported on a single system (i.e. NetFlow, sFlow, IPFIX, J-Flow, NetStream, etc.)
  • Deduplication and stitching across collectors

Flow Analytics

  • Forensic audit trail reporting
  • Threat Detection of odd traffic patterns
  • Threat reputation support
  • Threat Index™ (TM) indicates weighted threat severity over time.
  • Archiving of raw data for decades

Advanced Reporting

  • Additional reports for Cisco, Palo Alto, Citrix and dozens of other vendors
  • Behavior Baselines and alerting based on abnormalities compared to historical trends
  • Custom threat detection algorithms
  • Integration with Cisco ISE, Radius, or Microsoft for end user name identification
  • Design and build custom reports for exports from any vendor (e.g. Cisco NBAR, AVC, etc.)

Multi Tenancy

  • Support for hundreds of unique login accounts with access limited to specified data
  • Billing and invoicing support


  • Extends flow support in areas where NetFlow, sFlow or IPFIX are not available
  • Detailed metrics on applications, response times and usernames
  • Exports NetFlow and IPFIX

Flow Replicator

  • Eases the forwarding of flows from routers, switches or servers to multiple collection systems
  • High speed architecture capable of 10G wire speeds
  • Leaves the originator address in tact
  • Available as in hardware or as virtual appliance

Additional Functions
Third Party Support and Cross Check: is part of Advanced Reporting. It consolidates application alerts or errors and helps alleviate device naming inconsistencies between applications. The status of 3rd party applications is reflected in the Scrutinizer network maps. Learn More

Flowalyzer™: Real-Time Tool Kit for testing and configuring hardware or software for sending and receiving flow data.
Failover: For mission critical 100% availability.

    Recent NetFlow Analysis Blog Entries

    • Many devices that are placed on the corporate networks can fly under the radar of the IT departments watchful eye. These devices include smart phones, wireless access points, tablets, home laptops and other types of computer hardware. In some cases, employees make VPN connections from non-corporate owned computers and leave them connected for days or […]

    • Did you know there is Fortinet IPFIX support on their FortiSwitch-1000 switch? The other day I was working with a customer who mentioned configuring his Fortinet for IPFIX. This was a bit of a surprise to me because most Fortinet network devices that I’ve worked with support only sFlow. He said that he had a […]

    • Do you have a solution in place for detecting network threats? If you say no, you are not alone. Or maybe you have firewalls blocking the unwanted network traffic. Either way, you may be interested in network behavior analysis, another network threat detection option to consider. Network behavior analysis is based on traffic patterns, as […]

    • This is part 2 of a two part post on Incident Response Plan for Cyber Attacks. The other post left off at listing the responsibilities that are often assigned to IRT members. Below the list continues: The applications used to research the incident How to get training on the investigative tools Preparing a written report […]


    "We have used Scrutinizer on multiple troubleshooting opportunities to isolate what type of traffic was causing the heavy utilization and also what offending devices were doing it. Scrutinizer has more than lived up to its expectations."

    Danny, Pension Benefit Guaranty Corp