Introducing Plixer’s Internet Threat Center (ITC)

Posted in General, internet threat center, ip host reputation, NetFlow Security, Security on December 2nd, 2012 by Adam Powers

Plixer is pleased to announce a new weapon in the war against Internet threats: the all new Internet Threat Center (ITC). Based on hundreds of observation points deployed across the Internet, the ITC provides a near-realtime view of malicious actors across the globe. Plixer customers gain access to the ITC via regular updates to Internet host reputation data downloaded from the ITC to their Scrutinizer installations. NetFlow data collected from routers and switches within their network is compared to ITC data to alert when ITC suspects are active within the customer’s network environment.

This blog provides an overview of the Internet Threat Center and a brief tour of its features…


Adam Powers
@adampowers22

For a free 30 day trial of Scrutinizer, Download Now!

Sign up for Advanced NetFlow Training™ coming to a city near you!


Network Segmentation, Segregation, and Zero-Trust Design

Posted in NetFlow, NetFlow Analysis, NetFlow Security, Security on November 19th, 2012 by Adam Powers

The Zero Trust model is a relatively new network security design model that requires network segmentation and segregation of employees from critical internal resources. The basic idea is that the internal network is no longer explicitly “trusted.” BYOD policies and the mobile workforce have brought new threats to the internal network that just weren’t there five years ago. It’s no longer practical to assume “bad guys outside, good guys inside.” Let’s take a look at exactly what this means…


Adam Powers
@adampowers22


Network Forensics and Incident Response Using NetFlow and IPFIX

Posted in advanced persistent threats, Cisco NetFlow, network security, Security on November 10th, 2012 by Adam Powers

Network forensics can be an intimidating subject. When IT personnel hear the word “forensics” they often recoil with visions of complicated software such as EnCase. Or they may think about expensive packet capture solutions such as Niksun’s NetDetector product line. While these tools can serve a specific purpose, your first line of network forensics defense should always be found in NetFlow and IPFIX…


Adam Powers
@adampowers22


NetFlow and IPFIX For PCI Compliance: Verify, Investigate, Impress

Posted in advanced persistent threats, Compliance, detect network threats, detecting malware, Flow Analytics, IPFIX, NetFlow, NetFlow Security on September 29th, 2012 by Adam Powers

At least two or three times each week we’re asked how NetFlow relates to PCI compliance. Our answer is crisp and simple. No fancy requirement references or complicated legal speak, just practical advice that’s actually useful for those concerned with the PCI audit process. There are three key areas where NetFlow and IPFIX analysis can aid the enterprise as it relates to PCI:


What Deep Application Awareness means to Business

Posted in application aware netflow, IPFIX on September 27th, 2012 by mike@plixer.com

Deep Application Awareness is the ability to accurately identify different applications within a business. What makes it difficult is that each application could be sharing the same ports. A company that understands how bandwidth is being consumed, by whom, and how it is prioritized can optimize organizational performance.


Michael Patterson
Founder and CEO


Identity-Aware NetFlow: PCI Compliance and Beyond

Posted in Compliance, IPFIX, network security, Network traffic monitoring, Security on September 18th, 2012 by Jimmyd

A Twitter feed debating Australia’s proposed government plans to log internet traffic caught my attention this morning and got me thinking about Identity Aware NetFlow. Although storing user information is a hot topic for many countries around the world, the fact is that quite a few data retention laws already exist. Many companies are required to adhere to compliance laws and are scrambling to meet these requirements. This is why Identity Aware NetFlow has become such a valuable asset; it helps these companies meet their requirements with minimal overhead. It does this by using NetFlow/IPFIX technology, which is already a part of their router or switch OS.


Jimmy D the Netflow Detective


Join the NetFlow Developments group on LinkedIn.


BYOD Policy Essentials: Trust But Verify

Posted in BYOD, Mobile IAM, NetFlow Security, Security on September 17th, 2012 by Adam Powers

The IT Consumerization or “Bring Your Own Device” (BYOD) movement is already well underway, and the iPhone5 launch will see even more employee-sourced devices hitting the enterprise network. Even if you’re lucky enough to work for a company that provides iPhones to its employees, you probably don’t want to wait for IT to upgrade your iPhone, now do you? You’ll want to BYOD.

So in support of iPhone5 users everywhere, here are three essential components of a BYOD-ready company: Policy, Education, Technology. Let’s discuss…


A Firewall Monitoring Tool You Didn’t Know Existed: NetFlow and IPFIX

Posted in Firewall NetFlow, Log Management, NAT Reporting, NetFlow, NetFlow NAT Reports, NetFlow Reporting, NetFlow Security, Third Party Integration on September 7th, 2012 by Adam Powers

IT professionals have been looking for better ways to monitor and store firewall logs for years. Properly handled, firewall events can give insight into APTs, DoS attacks, firewall rule planning and misconfigurations, policy violations, and much more. To date, Syslog has been the go-to mechanism for access to firewall log info. It’s universally supported by the firewall community, easy to understand, and quick to implement on both the firewall and the syslog analyzer.

Unfortunately, syslog is resource intensive on both the firewall and the log analyzer. It’s largely unstructured, requires string pattern matching, and the exact format and fields vary from one firewall to the next. How often do you turn on full “Accept” and “Deny” logging for every rule? Sure, you can, and yes, it’s valuable, but the amount of syslog created is tremendous.

Enter NetFlow and IPFIX


Zenoss NetFlow Zenpack

Posted in NetFlow, Scrutinizer, Third Party Integration on September 5th, 2012 by Jimmy W

Have you been looking for a Zenpack that would allow seamless integration of Zenoss and the NetFlow tool Scrutinizer? Well, you have come to the right place! Today I will be showing you how to complete the configuration of this integration.

Jimmy Wendler


NetFlow vs. sFlow for Network Monitoring and Security: The Final Say

Posted in IPFIX, NetFlow, sFlow on August 27th, 2012 by Adam Powers

We’ve blogged about the differences between NetFlow and sFlow before, but this debate continues to come up often enough, and has been going on long enough, that it needs to be put to rest once and for all. So let’s cut right to the chase:
