Blog :: Network Operations :: Security Operations

NetFlow in Hosting


Chances are that any website you will visit today is hosted in a shared environment. If the hosting server in a shared environment were an apartment building, the website would be one tenant on a floor. Not only does shared hosting provide an economical way for smaller websites to host on a powerful server, but it also provides a larger resource pool for the end user to access. But because many users share the same IP, it is harder to pinpoint a single user in the case of a DDoS attack, malware, or high bandwidth usage. This is where NetFlow in hosting and a tool like Scrutinizer saves the day!

Scrutinizer and cPanel

cPanel is a web hosting control panel designed to simplify the process of hosting a website. cPanel uses a 3-tier structure that provides administrators, resellers, and end-user website owners control over the various aspects of website and server administration through a standard web browser.

NetFlow in Hosting - cPanel dashboardIn addition to the GUI, cPanel also has command line and API-based access that allows third-party software vendors, web hosting organizations, and developers to automate standard system administration processes.

Scrutinizer and cPanel are both Perl-based applications. This allows third-party developers to create tools for better cohesion between the two systems. Furthermore, both systems have a powerful API backend that allows them to build on each other. cPanel provides the shared clients’ metadata, which, in combination with the aggregation of NetFlow inside Scrutinizer, helps provide beneficial data to administrators and management alike. From expansion planning to attack mitigation, NetFlow in hosting data provides some of the best information available.

Scrutinizer NetFlow Port Scan

NetFlow in hosting and use cases

Some key uses for NetFlow in hosting are attack detection and mitigation. This is no different in shared hosting, but because most customers share the same IP, it’s harder to detect and mitigate attacks based simply on the IP address. With DPI (Deep Packet Inspection) and other features built into Scrutinizer, however, you can handle these sorts of incidents much more easily and suspend, remove, or black hole the offending user much sooner.

Attacks aren’t the only problems we can solve with NetFlow in hosting. Expansion planning and volume monitoring help administrators better predict their needs, thus reducing bandwidth costs. NetFlow also helps optimize volume expansion prior to visitors being turned away because of bandwidth needs. Network planning and bandwidth demand go hand-in-hand; tools like Scrutinizer with NetFlow data become invaluable for administrators and decision makers.

IP accounting and usage-based billing are also top-tier items when companies require NetFlow. While shared hosting is mostly packaged pricing with hard limits, some providers opt for elastic resources and usage-based billing. With NetFlow and the built-in billing features in Scrutinizer, you can more precisely provide customers with billing and usage data.

Organizations may also want to monitor customers and their application usage. What if customers are pushing P2P data and it is against your acceptable use policy? Or say a customer is hosting a large-scale file service that’s eating up all of your pipe—once again, NetFlow can provide you with an easier way to handle these issues and provide granular data to your team.

Interested in NetFlow for your web hosting environment? Try our free version today!