Scrutinizer is a massively scalable system enabling the network and security teams to support fast and efficient incident response. Its unique distributed architecture allows customers to start small and grow to meet their needs, no matter how large the physical or virtual environment.
Distributed Architecture Explained
Distributed Flow Collection Benefits
A distributed approach to flow and metadata collection allows performance monitoring and behavior-based threat detection to occur locally at each geographic location. Event data is forwarded for centralized collection, correlation, and reporting.
- Scales to several million flows per second across dozens of collectors
- Supports over 100,000 flow-exporting devices (e.g. switches, routers, firewalls)
- Delivers a central UI for viewing interfaces and collecting alarms across all collectors
- Creates a single search function for finding end systems by IP address or username
- Provides contextual details like username via integration with Microsoft Active Directory, Cisco ISE, and most other authentication systems
Value of a Distributed Architecture
A distributed deployment of Scrutinizer enables:
- Faster incident response times for better business continuity
- Contextual awareness across the entire environment informing better decisions
- Control over change management processes
- Complete visibility of resource allocation and capacity utilization