Today I want to show you how to configure sFlow on your Arista device and demonstrate its featured output through Plixer Scrutinizer. Our goal is to define multicast flow on our switch.
Read moreBlog
Malicious links and how to find them
Posted on - by Joanna Buckley
It can happen to anyone, even the most seasoned of network security personnel. You can be searching for something on Google, see a seemingly innocent link that looks like exactly what you’re looking for, and click it. Next thing you know, your computer screen is flashing with a message that says your computer is infected and you need to call the following number ASAP. If this does happen in your office, don’t worry: we can help.
Read moreCisco Firepower FTD NetFlow configuration
Posted on - by Scott
I am often exposed to new network devices and the ways that they support and configure flow-monitoring technologies. So I was excited to learn this new Cisco Firepower Threat Defense NetFlow configuration.
This configuration uses all the same NSEL configuration commands that you would use on a Cisco ASA, in just about the same order as I described in this Cisco ASA configuration blog. The difference is that you are applying the commands using a GUI interface and not CLI.
Read moreTuning DDoS and DRDoS flow analytics to your environment
Posted on - by Dylan Mclaughlin
As more and more devices are added to the internet, a larger swath of insecurity comes with them. Botnets and compromised devices are the main sources of headache for attacks on infrastructure, with Distributed Denial of Services attacks becoming a major tool for the bad actors to break systems or cover their tracks during an operation. Plixer Scrutinizer provides a method for alarming on these attacks in real time.
Read morePackets vs. flow/IPFIX: The effort to reduce dwell time
Posted on - by James Dougherty
When we hear about a cyberattack these days, there’s often a reference to when the network was originally compromised. In recent years, the need to determine how long that compromise was on the network, who else was involved, and how you’re going to gain this visibility has moved to the forefront of the SecOps team’s needs.
Read moreConfiguring a network map
Posted on - by Ryan Slosser
The process of setting up a new network map has changed a bit in the newest Plixer Scrutinizer v19.1.0 release. Today, I’d like to go over setting up a new network map and configuring new connections between map objects.
Read moreHow to find BYOD game systems on your network
Posted on - by Joanna Buckley
Since the beginning of lockdown, the sale of video games and their systems skyrocketed. Now that we’re slowly moving back to office life, employees may be bringing their BYOD game systems such as PlayStation Vitas, Nintendo Switches, and Nintendo 3DSs to work with them. Here’s how we can help you find those pesky systems.
Read moreMalware detection using machine learning and NetFlow
Posted on - by Scott
Last year Plixer released version 19 of Scrutinizer, and with it came the introduction of Plixer Security Intelligence, our machine learning appliance.
The ML appliance learns and establishes what is normal in network traffic behaviors across hundreds of data models. When Scott’s PC reaches out to an application that he has never touched, or exhibits out-of-the-ordinary traffic behaviors, that activity is flagged and alarmed on.
Read morePlixer recognized as Most Innovative NDR vendor by Cyber Defense Magazine
Posted on - by Theresa Abbamondi
Plixer has been recognized by Cyber Defense Magazine’s 2021 InfoSec Award as the Most Innovative in Network Detection & Response. This award acknowledges Plixer’s continued evolution of our industry-leading NDR platform.
Read moreCisco ISR4300 IPFIX configuration
Posted on - by Khalil Ismayilov
I recently helped a customer configure NetFlow on their ISR4300. I found that ISR43XX/44XX routers run IOS-XE, which only supports Flexible NetFlow (FNF). NetFlow is a Cisco technology that provides statistics on packets flowing through the router. It’s the standard for acquiring IP operational data from IP networks.
Read more