If you are seeking a good understanding of NetFlow, or a better understanding of how it can be enabled, configured, and analyzed, the “Commercial NetFlow Applications” chapter from the book Digital Forensics for Network, Internet, and Cloud Computing can be a great resource.  Written by Mike Patterson of Plixer International, Inc., the chapter details NetFlow and explains how you can capitalize on its utilization. Read more »

Our NetFlow and sFlow Analyzer receives  data collected over a 1 minute time interval  per flow, and can store up to 100 000 conversations (flows) per device. One limitation in NetFlow monitoring today is the amount of disk space needed to store the collected network traffic information. Especially, if one’s intent is to hold on to that information  for a certain period of time. In this blog I will try to help you understand how Scrutinizer archives data. In addition I will talk about the NetFlow Calculator, which can be a helpful tool for estimating the disk space needed on your NetFlow analyzer server. Read more »

You’re in the market for a NetFlow Traffic Analyzer.  What are the key features that you’re looking for?  What makes one NetFlow analyzer stand out from the rest?  Do you have a list of “must haves”?

Such as support for Flexible NetFlow, IPFIX reporting, portable network maps?  How about automated NetFlow configuration on your routers and switches?  Is customization of the web interface important to you?  Multiple language support critical?
Read more »

Come see Plixer International (Booth #960) at Cisco Live at Mandalay Bay Resort in Las Vegas June 27 – July 1, 2010.

What a great opportunity to meet several of the Plixer Team members, including:

• MMM (Mix Master Mitch), our renowned NetFlow Rapper
• Michael Patterson, Product Manager
• Jon Mills, Marketing Manager
• Nathan Halverson, blogger extraordinaire!

3 NEW features will be highlighted with live demos of our NetFlow Analyzer.  Maybe we’ll show off our IPFIX and NetFlow Probe abilities?

Come see why our sFlow and NetFlow Collector are different from the rest for network traffic monitoring.

- Joanne

The following article, “Scrutinizer Brings Flow Analytics to SMBs“, written by David Diaz, was recently featured on TechCrunchIT.

David points out that with the low initial cost for Scrutinizer NetFlow & sFlow Analyzer, it is a very affordable Flow Analytics solution for small and medium-sized businesses.

This flow analysis tool can also be deployed centrally and accessed globally via the web interface.  What this means is that one install of Scrutinizer can provide network management information for your entire network and accessible by everyone on the network management team, regardless of geographical location.

Read more »

Hello everybody! My name is Paul Dube and I have recently graduated from the University of Maine in Orono with a degree in Computer Science and joined the support team here at Plixer International. Over the course of the past few weeks I’ve been trying to learn everything there is to know about Scrutinizer, NetFlow, sFlow and network traffic analysis. During this process I’ve come across a lot of great resources that I would like to consolidate into one place to help you get started.
Read more »

Since the release of the latest version of our NetFlow and sFlow analysis tool, I have been blogging about some of the new features that are available.

One of the new report features available gives you the ability to filter on conversations and show user defined applications that were involved in those conversations.

Read more »

A couple of weeks ago I began a series of blogs that introduced you to the new Flow Analytic tools that are available with Plixer International’s latest NetFlow and sFlow analysis tool, Scrutinizer v7.3.

Today I will be introducing you to the fourth of the new analytic tools now available with Scrutinizer v7.3. The Top Flows algorithm utilizes Flow Analytics – Top Flows, and checks to see if hosts involved with large numbers of flows have a large percentage of flows that are incomplete. This  is determined by looking at the TCP flags field in each flow record.

If it is a TCP flow record and it does not have the FIN flag set, it could indicate a host that is not able to make a full connection to the host it is trying  to reach. This is typical for things like port scans and even P2P applications. Another possibility is that a host just has a misconfigured application that needs to be addressed.

Read more »

Well it looks like our run of nice weather has ended here in Southern Maine. Saturday we had our first snow of the year. It was kind of a nice touch to be at a holiday party and have the snow falling outside. And then to wake up Sunday morning to find that the view outside your window is like that of a Currier and Ives winter print.

A couple of weeks ago I began a series of blogs that introduces you to the new Flow Analytic tools that are available with Plixer International’s latest NetFlow and sFlow analysis tool, Scrutinizer v7.3.

Today I will be introducing you to the third of the four new analytic tools now available with Scrutinizer v7.3. The Breach Attempt Violation looks for many small flows from one source to one destination. This can indicate things such as a “brute force” or “dictionary” attack. 

Read more »

Let me start by saying, I hope that everyone had a great Thanksgiving. At our house, we fried two turkeys this year. It was the first time that we attempted this, and after reading all the warnings that came with the new fryer, I guess the fact that no one got hurt means that the holiday was a success.

Last week I began a series of blogs that introduce you to the new Flow Analytic tools that are available with Plixer International’s latest NetFlow and sFlow analysis tool, Scrutinizer v7.3.

Read more »