The network knows—so should you
Security team benefits
Reduce security risks
As a security professional, risk reduction is job #1. Decades of point security products, purchased in the name of prevention, have failed us. Breaches are inevitable. Today, the greatest risk reduction comes from a focus on forensic data and improving time-to-resolution after a breach occurs.
Support fast time-to-resolution
Faster time-to-resolution is accomplished through a faster time-to-know. Remediation can only occur after root cause has been established—and rich contextual data is the enabler. Telemetry data, centrally gathered from across your entire network infrastructure, enables faster time-to-know and time-to-resolution.
Deliver contextual forensics
Access to high volumes of disparate data does not lead to faster response. In fact, it can have the opposite effect. The best context and response come from the correlation of network-related data with metadata from firewalls, IPS, SIEM, and distributed probes, all stitched together into a single database.
Advanced security analytics
IoT, BYOD, and the explosion of virtual machines have all created an unmanageable threat surface. Monitoring for anomalous activity and device behavior—including DDoS attacks—with network traffic analytics is the most effective indicator of compromise. Advanced analytics with proactive thresholds, alerting, and open RESTful APIs enable rapid and dynamic event response.
Network team benefits
Enrich data context of network traffic
Better context is achieved by correlating traffic flows and metadata, collected from all corners of the network, into a single database. Rapid filtering and reporting from this rich data deliver deep insight to answer the questions: who, what, where, when, why, and how.
Increase efficiency and reduce cost
The industry’s fastest and most accurate reporting delivers the data you need when you need it most. When users complain, but your SNMP tool’s lights are all green, what do you do? You turn to Scrutinizer to protect customer satisfaction, productivity, and revenue.
Improve network and application performance
Network/application optimization and root cause analysis require true end-to-end visibility. Scrutinizer delivers by collecting, visualizing, and reporting on data that extends all the way from the user to the cloud. It also provides real-time detection of DDoS attacks, minimizing disruption and loss of revenue.
Achieve fast reporting and massive scale
Scrutinizer’s hierarchical design with streamlined and efficient data collection allows you to start small and easily scale to multi-millions of flows per second. Although the network is always blamed, fast and accurate reporting allows the network team to identify root cause and deliver results.
|Flows collected per second||10,000||10,000||10,000||40,000 to 10+ million|
|Length of time raw flows are kept||5 hours||24 hours||Unlimited||Unlimited|
|Days of historical flow roll ups||1 week||Unlimited||Unlimited||Unlimited|
|Number of flow exporters supported||5||Pay per device||Pay per device||Pay per device|
|Advanced reporting on all vendor specific exporters|
|Full stitching and deduplication|
|3rd-party integration (e.g. Splunk, Elasticsearch, etc.)|
|Support for all versions of NetFlow, IPFIX, sFlow, etc.|
|Support for all vendor enterprise IPFIX elements|
|Ability to create filters to narrow in on traffic|
|All exporters index search for a host|
|Scheduled emailed reports (HTML & PDF)|
|Scheduled email top interfaces|
|Export data in CSV format|
|Access to API|
|Report Designer to build new reports from flows|
|8 AM – 5 PM (Eastern) technical phone support|
|Auto DNS resolve host names|
|Configure and trigger notifications|
|CSV export of tables (e.g. alarms, status, etc.)|
|Flow Hopper to show flow path (hop-to-hop)|
|Set thresholds in saved reports to monitor traffic|
|Define IP groups and report|
|Multi-Tenancy Module – keep selected data private|
|Real-time DDoS detection|
|Threat detection algorithms|
|Business hours-based reporting|
|ASA ACL descriptions|
|AWS Kinesis streaming|
|Cisco: Sourcefire eStreamer|
|LDAP, RADIUS, TACACS authentication support|
|Number of login accounts||2||5||Unlimited||Unlimited|
|Number of security groups||2||5||Unlimited||Unlimited|
|IP address to user name correlation support|
|Optional 24×7 technical support|
|Unified Distributed Collector support|