Distributed Collection System: Enterprise Visibility

Scrutinizer is a massively scalable system for both incident response and threat detection. Even when the environment is a mixture of physical and virtual networks, the distributed architecture provides the insight required to respond effectively to performance and security issues. Here are some key distributed flow collection features:

  • Scales to several million flows per second across dozens of collectors
  • Supports over 100,000 flow-exporting devices (e.g. routers)
  • A central UI for viewing interfaces and collecting alarms across all collectors
  • A single search function for finding end systems by IP address or username
  • Contextual details such as username, gained via integration with Microsoft Active Directory, Cisco ISE, and most other authentication systems

By distributing flow collection, behavior-based threat detection and performance monitoring can be done locally at each geographical location. Events, however, are collected and correlated at the central servers.

Scrutinizer Dashboard



The Scrutinizer Distributed Architecture improves:

  • Incident response times, improving internal support
  • Contextual awareness, ensuring that you have all the details needed to make an informed decision
  • Change management, enabling smoother transitions
  • Resource allocation and capacity planning, optimizing how money is spent

Network operation and security teams are provided with the very best; Scrutinizer is an award-winning flow collection system.

  • "Scrutinizer helps simplify forensic analysis by identifying applications, conversations, traffic flows, protocols, end users, domains, countries, and subnets. It can also be used to create reports on historical network traffic, proactively monitor jitter and latency, and issue suspicious behavior alerts."

    Jan Sijp, Director of Product Management – Dell.com