The other day my colleagues at the technical support desk and I were talking about different aspects of network analysis and an interesting question came up:
When you use a NetFlow collecting appliance, what function do you use more, the reporting or the behavior analysis function?
Between all of us, we couldn’t come up with a definitive answer.
At Plixer, we have designed our NetFlow and sFlow Analysis Tool to provide the best custom reporting engine on the market today, supporting leading edge technologies like the Cisco ASA, Flexible NetFlow, IPFIX, and NBAR. With a single mouse click you can select from over 20 predefined report filters. Anything from top hosts, applications, and conversations, to traffic volume and flow volume reports.
But it gets better!
We are soon to be releasing Scrutinizer v8. Version 8 includes a number of new report filters including a dashboard report that lets you see a number of different reports for an interface on a single view.
Scrutinizer with Flow Analytics is one of the few NetFlow and sFlow solutions that combines network traffic analysis with continuous network behavior monitoring.
The Flow Analytics function within Scrutinizer includes dozens of algorithms that detect malware such as botnets, worms, and other threats. It interrogates every flow from your exporting devices for suspicious traffic patterns and anomalies. All flows across selected flow sending devices are monitored at all times. While antivirus solutions help catch infections on computers, Flow Analytics looks for problems that are already underway (e.g. DDoS, network scans, nefarious activity, etc.) on the internal network.
The Flow Expert view on the MyView tab lets you see what’s going on across your network on a single dashboard view. The Threats Overview gadget shows you a count of the occurrences that have been found for each algorithm, and a click on the alarm takes you directly to the Alarm tab to view the details for that particular alert.
Since we are in the election season I figured that I would pass the question on to you.
If you are looking for a new network traffic analysis tool, or have any questions about Scrutinizer, give me a call – (207)324-8805