" We did a 30 day evaluation of 5 different WAN monitoring tools and chose Scrutinizer from Plixer International. Now we can see exactly what's going on in our WAN with a few clicks of the mouse. To sum it up, it's great to have a software tool like Scrutinizer to resolve problems quickly. "
Brian, State Government
Flow Analytics™ brings the cutting-edge science of threat detection to Scrutinizer™ by adding behavior baselines, abnormal communication checks, and additional reporting. The Scrutinizer forensic incident response architecture provides network and application traffic analysis across physical and virtual network infrastructures. Key features include:
- Security: Flow Analytics™ provides a CCTV or DVR like warehouse of all network activity. This is done by harnessing the flows from all network appliances. We analyze this data and act as an internal Intrusion Detection System hence improving overall C level privacy that confidentiality is being maintained.
- Auditing and Compliance: Flow Analytics™ maintains a 24x7x365 audit trail of all network communications. When investigations need to take place, our flow solution can be used to react quickly to verify what data may have been exposed, when and by whom.
- Network Traffic Monitoring: Our scalable appliance-based technology helps IT manage the network with less effort and more automation to maintain service levels. Scrutinizer™ delivers forensic details on dozens of key performance metrics. Identifying the root cause of application sluggishness is mapped out hop-by-hop providing true end-to-end visibility. Capacity Planning: Flow analysis technology is the hallmark of a sophisticated IT team. Scrutinizer™ allows you to:
- Study client-server communications
- Compare WAN (MPLS) and server communication behaviors over time
- Use complex filters to narrow in on details.
To accomplish the above, Flow Analytics™ provides the one-of-kind features and we work directly with every major vendor to be first to market with the newest flow capabilities.
Trigger alarms through established thresholds based on saved reports in Scrutinizer™. For example, if you want to monitor an application for a certain ToS, within a class A subnet - Flow Analytics™ can do it!
Identify culprits quickly through automated DNS resolution and host reputation lookups.
Reporting and alarming on internal network SYN, NULL, FIN, XMAS Scans, RST/ACK worms, P2P, ICMP unreachable, illegal IP addresses, excessive Multicast traffic, known compromised internet hosts, APTs, DDoS attacks and more.
Easily identify repeat offenders history and create a Unique Index (UI) to manage traffic counts. Flow Analytics™ also helps locate machines involved with DoS attacks or infected with viruses.
The Flow Expert Window provides a view into immediate network problems to help identify and resolve DoS attacks, bottlenecks, network scans, improperly terminated connections and more. Typically this "Expert Window" feature is only found in packet analyzers.
"We've learned that NetFlow can tell us who is talking to who across our network, but how can we tell if either who is a bad actor? By checking the reputation of the IP addresses at both ends of the conversation."
Michael Schiffman - Cisco Systems