Blog :: Network Operations

5 Reasons Service Providers Choose Scrutinizer


As a technical support engineer, I have worked with hundreds of customers across the globe. I typically ask them why they choose Scrutinizer as their go-to solution for network monitoring and security needs. While their answers may vary based on the role and the industry, visibility into the network is the key. In this blog, I will list the 5 reasons why internet service providers choose Scrutinizer.

5 Reasons Service Providers Choose Scrutinizer

Keep your Eyes on the Flow data

For a service provider, delivering information about the performance of the infrastructure and services to the end user is mission-critical. Visibility into link utilization, consumer behavior, and application diversity across markets is essential to optimize the infrastructure and support the quality of service that customers expect.

Due to detailed information within NetFlow packets, network engineers can successfully identify bandwidth consumption issues, traffic trends, applications, hosts, and traffic anomalies. In their research, Aamer Akhter and  Benoit Claise from Cisco listed the following NetFlow use cases for service providers:

ISP NetFlow uses: Peering Arrangements, Network Planning, Traffic Engineering, Accounting and Billing, Security Monitoring, Performance Monitoring
Source: Cisco, Menog

5 Reasons Service Providers Choose Scrutinizer

“We’re an ISP, and an item we use Scrutinizer daily for, is the ability of our front end tech support to be able to look at a customer’s traffic volume and patterns. I do this by giving them access to specific reports generated by Scrutinizer,” confided one of the customers I worked with recently.

So what are the 5 most common reasons why service providers make Scrutinizer their go-to solution?

1. Advanced threat detection

Traditional signature-based technologies such as UTMs, IPSs, and next-gen firewalls cannot provide the unique perspective on network traffic that NetFlow and flow analysis techniques do. Security-based flow analysis is a great advantage for a service provider who knows how to make use of it. For instance, watching host traffic for odd communication ratios (e.g. flow volumes to byte and packet counts) can often result in accurate detection of DDoS attacks. If you compare IP addresses to host reputation databases, you can detect botnets that could be part of a larger advanced persistent threat (APT) underway against the customer’s environment.

2. Visibility across the entire customer’s network

You cannot manage what you cannot see. End-to-end visibility of the customer’s environment is key. Hop-by-hop or router-to-router network path visibility of a flow through the infrastructure enables a service provider to troubleshoot issues with an IPS, firewall, or other network access control.

3. Flexible reporting

Advanced NetFlow collection technology can provide detailed reports on hosts, critical networks, and incidents. Determining who omits elements exported in NetFlow or IPFIX is a quick way to shorten the list of NetFlow collector vendors you should consider. Whenever there is a slowness problem, Scrutinizer’s granular capacity planning reports come in handy to make sure your trends are within scope of your infrastructure. As my colleague Jake points out in his blog, one of NetFlow’s primary intended uses was for network traffic billing and capacity planning. “One of the largest benefits of collecting NetFlow/IPFIX is that you can trend this data for multiple years while retaining conversation granularity, allowing you to pinpoint exactly what application is causing the sudden increase in bandwidth utilization,” says Jake.

4. Service responsiveness and uptime

What is the end user experience to the ISP’s cloud-based service portal? What is the round trip time? How do connection times to a resource compare to other customers? Where is the ingress connection of a particular host? Where did the problem begin? Again, Scrutinizer can be a life-saver here. 24x7x365 visibility into all network activity solves the problem of knowing what was going on at the time of the attack.

5. Multi-tenancy

Secure login per customer with reports catered to each customer’s network is of paramount importance. NetFlow reporting for service providers can further augment the level of detail the service providers can grant to its customer base and limit their access to certain functionality if needed.

Scrutinizer MTM module

What are you waiting for? Download Scrutinizer and get the industry’s deepest levels of visibility, accountability, and measurability today.