Blog :: Flexible NetFlow :: Network Operations :: Security Operations

Top 13 Network Security Features

Our Network security solution is a leader in cutting edge NetFlow collection innovation; here are top 13 features you should know about:

Performance Monitoring

  1. Chosen by Cisco to support their most innovative Flexible NetFlow technologies.  The “Medianet 2.2 Deployment Guide”   can be found on page 7,8,10 & 11.  We were the first to support Cisco Performance Monitoring (PfR) FnF exports which help secure that business related traffic receives priority.
  2. We consistently strive to stay on top of the most advanced NetFlow feature security features.  This means analyzing and reporting on non traditional NetFlow exports such as Cisco ASA NSEL and Smart Logging Telemetry (SLT) which resemble syslogs (I.e. NSEL) about threats detected and can contain events about flows denied and even captured packets (I.e. SLT).
  3. Our NetFlow and IPFIX analyzer detects network security events and is used by security analysts around the world. The Flow Analytics features can detect DoS attacks, scanning, and policy violations.  Check out our Internet Threat Center.
  4. We were the first company to implement IP Host Reputation databases to catch malware such as Advanced Persistent Threats and Command and Control bots. See the APT white paper.
  5. The Scrutinizer Flow Replicator allows the user to replicate flows from one source to many. It supports syslog to IPFIX gateway functionality allowing logs to be correlated with flow data.  This feature reduces the Mean Time To Know (MTTK) by answering the questions: who was involved with a threat exported in a syslog and what did the traffic pattern look like via flow data.
  6. Our NetFlow and IPFIX collector can scale to over 100,000 flows per second and meet the needs of virtual and 10Gig environments ensuring that no threat gets past the eyes of Flow Analytics.
  7. The billing options are designed to meet the needs of service providers looking to use NetFlow to help run their business and secure their ROI initiatives.
  8. We are often the first company vendors contact when they are ready to export NetFlow or IPFIX. Barracuda, Cisco ASA, Enterasys, Palo Alto and Dell-SonicWALL are all supported
  9. We provide the most flexible flow reporting for cloud services and BYOD environments by providing contextual awareness of all IP communications. We can integrate with Enterasys Mobile IAM or Cisco ISE. We can answer questions such as “How many iPhones do we have on the network?”
  10. We can monitor all traffic to and from servers required to comply with HIPPA or PCI.
  11. We are the only flow company to provide true end to end visibility (i.e. hop by hop) of connections on the network.  If an investigation being performed on a threat, where did it come from? Where does it go? Who else did it communicate with?  Flow Hopper can tell you.
  12. Scrutinizer provides Identity Aware NetFlow  by correlating usernames from any resource to Flow data (E.g. proxy logs, NetFlow, IPFIX, Active Directory)
  13. Our Service Provider NetFlow solution empowers service providers to secure customer data from one another even if all customers are supported on the same server.

Please feel free to give us a call and our NetFlow experts will help you determine whether this is an adequate network security solution for your company.