The Scrutinizer System
Scrutinizer® is the foundation for Plixer’s network traffic analytics system. It stands out in the industry by offering the most scalable solution on the market, delivering the fastest reporting, and providing the richest data context available anywhere. Role-based access automatically presents the network and security teams with the data they need to support fast, efficient network and security incident response. Scrutinizer is available as both physical and virtual appliances, as well as through a software-as-a-service cloud-based offering.
Network Team Benefits
Enrich Data Context of Network Traffic
Better context is achieved by correlating traffic flows and metadata, collected from all corners of the network, into a single database. Rapid filtering and reporting from this rich data deliver deep insight to answer the questions: who, what, where, when, why, and how.
Increase Efficiency and Reduce Cost
The industry’s fastest and most accurate reporting delivers the data you need when you need it most. When users complain, but your SNMP tool’s lights are all green, what do you do? You turn to Scrutinizer to protect customer satisfaction, productivity, and revenue.
Monitor Network and Application Performance
Network/application optimization and root cause analysis require true end-to-end visibility. This must extend all the way from the user, through the Wi-Fi, into the wired edge and distribution closets, across the data center, and into the cloud. Scrutinizer delivers all this and more.
Achieve Fast Reporting and Massive Scale
Scrutinizer’s hierarchical design with streamlined and efficient data collection allows you to start small and easily scale to multi-millions of flows per second. Although the network is always blamed, fast and accurate reporting allows the network team to identify root cause and deliver results.
Security Team Benefits
Reduce Security Risks
As a security professional, risk reduction is job one. Decades of point security products, purchased in the name of prevention, have failed us. Breaches are inevitable. Today, the greatest risk reduction comes from a focus on forensic data and improving time-to-resolution after a breach occurs.
Support Faster Time-to-Resolution
Faster time-to-resolution is accomplished through a faster time-to-know. Remediation can only occur after root cause has been established, and rich contextual data is the enabler. Telemetry data, centrally gathered from across your entire network infrastructure, enables faster time-to-know and faster time-to-resolution.
Deliver Contextual Forensics
Access to high volumes of disparate data does not lead to faster response. In fact, it can have the opposite effect. The best context and response comes from the correlation of network-related data with metadata from firewalls, IPS, SIEM, and distributed probes, all stitched together into a single database.
Advanced Security Analytics
IoT, BYOD, and the explosion of virtual machines has created an unmanageable threat surface. Monitoring for anomalous traffic and device behavior with network traffic analytics is the most effective indicator of compromise. Proactive thresholds, alerting, and open RESTful APIs enable rapid and dynamic event response.
Deployment Options
Hardware Appliance
- Collection rates exceeding 100,000 flows per second
- A single flow collection system supporting over 2000 flow sources
- Each collector can support all flow technologies (e.g. NetFlow, sFlow, IPFIX, J-Flow, NetStream, etc.)
Virtual Machines
- Collection rates up to 40,000 flows per second
- Supported on VMware, Hyper-V 2012, and KVM.
- Each virtual collector supports all flow technologies (e.g. NetFlow, sFlow, IPFIX, J-Flow, NetStream, etc.)
SaaS Solution
- Public and hybrid cloud deployment options
- Scalable architecture with visualization and reporting from anywhere
- Supports all flow technologies (e.g. NetFlow, sFlow, IPFIX, J-Flow, NetStream, etc.)
Scrutinizer License Tiers
Feature | FREE | MDX | SSRV | SCR |
|---|---|---|---|---|
| Flows Collected Per Second | 10K | 10K | 10K | 40K / Up to 10+ Million |
| Length of time raw flows are kept | 5 hours | 24 hours | Unlimited | Unlimited |
| Days of historical flow roll ups | 1 week | Unlimited | Unlimited | Unlimited |
| Number of Flow Exporters Supported | 5 | Pay by device | Pay by device | Pay by device |
| Flexible Licensing | Limited |  | | |
| Advanced Reporting on all vendor specific exports | | | | |
| Full Stitching and Deduplication | | | | |
| 3rd party integration (E.g. Splunk, Elastic Search, etc.) | | | | |
| Support for all versions of NetFlow, IPFIX, sFlow, etc. | | | | |
| Support for all vendor enterprise IPFIX elements | | | | |
| Ability to create filters to narrow in on traffic | | | | |
| All exporters index search for a host | | | | |
| Scheduled Emailed Reports (HTML & PDF) |  | | | |
| Scheduled Email Top Interfaces | | | | |
| Export Data in CSV format | | | | |
| Saved Reports | | | | |
| Access to API | | | | |
| Report Designer to build new reports from flows | | | | |
| 8AM-5PM Eastern Time Technical phone support | | | | |
| Create Dashboards | | | | |
| Auto DNS Resolve host names | | | | |
| Configure and trigger notifications | | | | |
| CSV export of Tables (e.g. Alarms, Status, etc.) | | | | |
| Flow Hopper to show flow path – hop to hop | | | | |
| Set thresholds in saved reports to monitor traffic | | | | |
| Define IP Groups and Report | | | | |
| Multi Tenancy Module – keep selected data private | | | | |
| Threat Detection Algorithms | | | | |
| Business Hours Based Reporting | | | | |
| ASA ACL Descriptions | | | | |
| AWS Kinesis Streaming | | | | |
| Cisco : Source Fire eStreamer | | | | |
| LDAP, Radius, Tacacs Authentication Support | | | | |
| Number of login accounts | 2 | 5 | Unlimited | Unlimited |
| Number of security groups | 2 | 5 | Unlimited | Unlimited |
| IP address to user name correlation support | | | | |
| Optional 7x24 technical support | | | | |
| Unified Distributed Collector Support | | | | |
Upgrade paths available for all license tiers.
Social Media