The following article, “Scrutinizer Brings Flow Analytics to SMBs“, written by David Diaz, was recently featured on TechCrunchIT.

David points out that with the low initial cost for Scrutinizer NetFlow & sFlow Analyzer, it is a very affordable Flow Analytics solution for small and medium-sized businesses.

This flow analysis tool can also be deployed centrally and accessed globally via the web interface.  What this means is that one install of Scrutinizer can provide network management information for your entire network and accessible by everyone on the network management team, regardless of geographical location.

Read more »

Hello everybody! My name is Paul Dube and I have recently graduated from the University of Maine in Orono with a degree in Computer Science and joined the support team here at Plixer International. Over the course of the past few weeks I’ve been trying to learn everything there is to know about Scrutinizer, NetFlow, sFlow and network traffic analysis. During this process I’ve come across a lot of great resources that I would like to consolidate into one place to help you get started.
Read more »

Since the release of the latest version of our NetFlow and sFlow analysis tool, I have been blogging about some of the new features that are available.

One of the new report features available gives you the ability to filter on conversations and show user defined applications that were involved in those conversations.

Read more »

A couple of weeks ago I began a series of blogs that introduced you to the new Flow Analytic tools that are available with Plixer International’s latest NetFlow and sFlow analysis tool, Scrutinizer v7.3.

Today I will be introducing you to the fourth of the new analytic tools now available with Scrutinizer v7.3. The Top Flows algorithm utilizes Flow Analytics – Top Flows, and checks to see if hosts involved with large numbers of flows have a large percentage of flows that are incomplete. This  is determined by looking at the TCP flags field in each flow record.

If it is a TCP flow record and it does not have the FIN flag set, it could indicate a host that is not able to make a full connection to the host it is trying  to reach. This is typical for things like port scans and even P2P applications. Another possibility is that a host just has a misconfigured application that needs to be addressed.

Read more »

Well it looks like our run of nice weather has ended here in Southern Maine. Saturday we had our first snow of the year. It was kind of a nice touch to be at a holiday party and have the snow falling outside. And then to wake up Sunday morning to find that the view outside your window is like that of a Currier and Ives winter print.

A couple of weeks ago I began a series of blogs that introduces you to the new Flow Analytic tools that are available with Plixer International’s latest NetFlow and sFlow analysis tool, Scrutinizer v7.3.

Today I will be introducing you to the third of the four new analytic tools now available with Scrutinizer v7.3. The Breach Attempt Violation looks for many small flows from one source to one destination. This can indicate things such as a “brute force” or “dictionary” attack. 

Read more »

Let me start by saying, I hope that everyone had a great Thanksgiving. At our house, we fried two turkeys this year. It was the first time that we attempted this, and after reading all the warnings that came with the new fryer, I guess the fact that no one got hurt means that the holiday was a success.

Last week I began a series of blogs that introduce you to the new Flow Analytic tools that are available with Plixer International’s latest NetFlow and sFlow analysis tool, Scrutinizer v7.3.

Read more »

With the release of Scrutinizer v7.2 last month we offered an upgrade/migration path for those customers running Scutinizer v6. I have had some customers ask, “Why should we upgrade” or “What will we gain from Scrutinizer v7 that we don’t have now?”

The updated release of Plixer’s network traffic analyzer last week made the answer to that question very clear.

Read more »

I have been receiving a number of calls lately with requests to enable SSL on Scrutinizer v7.

Enabling SSL on Scrutinizer v7 has been made much easier than in past releases of Scrutinzer. You no longer need to download OpenSSL and manually configure the SSL Key and certificate, or set up the apache config files.

You must first contact Technical Support at Plixer International, to obtain the Scrutinizer v7 – SSL installshield.

Read more »

Apparently the Cisco ASA is becoming a popular appliance for securing today’s businesses from the uglies that plague the Internet.  More specifically, the ASA running v8.2.1 or newer exports Flexible NetFlow (a variant of NetFlow v9). Why is this so cool?

The Key Advantages of using Flexible NetFlow on Routers:

A) User configurable ability to monitor a wider range of packet information which produces new information about network behavior: In other words, we can specify exactly what we want.  This is useful if you are trouble shooting and looking for very specific information that isn’t exported in traditional NetFlow (e.g. MAC addresses, VLAN IDs, NBAR, etc.).

B) Enhanced network anomaly and security detection: Basically, Flexible NetFlow can monitor more deeply inside packets.  What could these mean to the market for NBAD solutions?

C) Convergence of multiple accounting technologies into a single mechanism: This is basically reinforcing the above feature of collecting on any specific information but, using it for different purposes.  For example, maybe the NetFlow volume is so high that you have to use sampling.  This could throw a wrench into your accounting and billing plans as they likely won’t be accurate without 100% traditional NetFlow capture. Flexible NetFlow allows you to have a sampling export as well as other exports specific to traffic type (e.g. IP subnet) occurring simultaneously.

Read more »

Now for something completely different . . . . .

I don’t know why but I got it in my head to reuse the Kcups in our office coffee machine. Don’t get me wrong the Keurig, single cup coffee maker is awesome. I have one at home, but I could never get over throwing the little cups away. Seemed a waste.

At home,  I have the reusable containers. This eliminates the need to use the prepackaged Kcups. After a quick Google search I found these little plastic lids that cover the Kcup, allowing you to reuse it. I figured that I could replicate that here in the office.

Read more »

____________________________________
Jim Dougherty aka "Jimmy D"
Lead PreSales Support Engineer and
Netflow Evangelist for Plixer International!

Follow me on Twitter
http://twitter.com/jimmydnet
____________________________________