Docstoc

scrutinizer_netflow_challenge

Document Sample
scrutinizer_netflow_challenge Powered By Docstoc
					                                                   TM



                                                                     Take the NetFlow Challenge!

Scrutinizer NetFlow and sFlow Analysis                        VoIP Analysis
Scrutinizer is a NetFlow and sFlow analyzer that provides     Voice over IP (VoIP) Analysis is assisted in Scrutinizer by
another layer of cyber threat detection and incredibly de-    verifying:
tailed network utilization information about the users and
applications that consume your bandwidth.                     •   How much voice traffic is historically on the connection
                                                              •   What devices are involved with the most VoIP traffic
Using both Cisco’s NetFlow or sFlow Technology found on       •   What QoS is being requested
most switches and routers, Scrutinizer is able to retrieve    •   Confirm the router is modifying DSCP values
the traffic details you need and present them in a detailed
graphical view.
                                                                      Visualization of Network Health

                                                              Visualize Global Networks with Google Maps
                                                              Scrutinizer offers advanced integration with the Google
                                                              Maps API, which allows users to plot routers, switches and
                                                              device groups on imbedded Google or traditional maps.
                                                              This helps make high level network navigation a snap and
                                                              provides a window into your traffic details.




Network Behavior Analysis
Scrutinizer uses configurable algorithms to automatically
alert you when trouble is recognized.

•   Zero - day worms, SYN Floods and DoS attacks              Zero Day Threat Detection
•   Policy violations and internal misuse                     Behavior based threat detection without the use of signi-
•   Poorly configured and unauthorized devices                tures allows Scrutinizer to leverage flows from the existing
•   Unauthorized application deployments                      investment in routers and switches to perform zero day
•   Compare IP addresses to host reputation lists             detection of unknown threats.

Custom Report Filtering                                       The Best Value in NetFlow
Custom Reports allow the user to configure detailed re-       Regardless of your reason for choosing Scrutinizer, you’ll
ports by filtering on fields such as:                         easily recognize the value it brings to your network equip-
                                                              ment and your team. Scrutinizer is worth the investment.
•   IP Addresses, ranges and subnets
•   Port numbers and ranges                                   Take the NetFlow Challenge on the back!
•   Defined Applications which include ranges of protocols
•   Combine interfaces from multiple routers
•   Any NetFlow exported field


          Plixer International . 68 Main Street, Suite 4 . Kennebunk, ME 04043 . PH: 207.324.8805
                                                     TM



                                                                        Take the NetFlow Challenge!

NetFlow, sFlow & IPFIX                                                                         Flow
                                                                               SCRuTINIZeR               oTHeR
Can they do it and put it in writing?                                                        ANAlyTICS

Flow View to see all fields in the raw flows

Support for unlimited exporters                                                    5
Support for unlimited interfaces

Identify interface names using NetFlow, not SNMP

Support for multiple languages

Define application groups using ranges of ports and IP addresses

Display data in bits, bytes, packets or percent

Trend in, out or both at the same time, in all reports

Configurable time frame for DNS caching

100% support for Flexible NetFlow by breaking out details per template

Support for Netstream, sFlow (v2, v4, v5), J-Flow, IPFIX and AppFlow

Support for NetFlow v1, v5, v6, v7 and v9

Run reports to find rogue DNS, DHCP, mail, etc., servers on the network

Export data in csv format on all reports

Granularity down to the second it was received

Schedule email reports on demand

Save filters on custom reports

Include or exclude filters

Filter for “Host to Host” and “Subnet to Subnet”
Filter on any TCP flags

Filter on any field exported (e.g. MAC Address, VLAN, Latency, etc.)

Abiltiy to add mutliple interfaces across different routers to single report
Run reports specific to an interface.
IMPORTANT: As a host may have multiple routes to the same destination
Trends Flow Sequence Number and detects dropped flows

Tells what devices are misconfigured when sending flows

Support for IPv6




         Plixer International . 68 Main Street, Suite 4 . Kennebunk, ME 04043 . PH: 207.324.8805
                                                      TM



                                                                       Take the NetFlow Challenge!

NetFlow, sFlow & IPFIX                                                                        Flow
                                                                              SCRuTINIZeR               oTHeR
Can they do it and put it in writing?                                                       ANAlyTICS

Mapping of network with links that change color based on utilization

Ability to click on the links in the map to bring up the top conversations

Integration with Google Maps

Customize interface names and overwrite default SNMP ifAlias name

Customize interface speed, both in and out, with different values

SNMP v1, v2 and v3

LDAP support

Integration with any 3rd party NMS solutions via cross check

Search for specific hosts or ports across all flow exporters

MPLS reporting on subnets and tags

Online technical video training

Company has thousands of customers

Dashboards: unique interface per login account

Group based user permissions

Email reports on demand

IP grouping support
Exclude transport protocols from being saved per interface, router or glob-
ally (very important feature when VPNs and tunnels are involved).
Ability to view individual Flow templates (NetFlow v9 and Flexible NetFlow)
Ability to rename templates for future reference
Ability to select which NetFlow template to use in a report (important when
collection NetFlow from the Cisco ASA)
Flow Volume Report

Pair Volume (Volume of unique to/from address pairs)

Alarm for DDoS, DNS issues

Host Flows (volume of flows per host) with unique destination: Flows Ratio

Host Volume (volume of unique hosts per second)

Alarm for unfinished flows and nefarious activities




         Plixer International . 68 Main Street, Suite 4 . Kennebunk, ME 04043 . PH: 207.324.8805
                                                          TM



                                                                      Take the NetFlow Challenge!

NetFlow, sFlow & IPFIX                                                                           Flow
                                                                              SCRuTINIZeR                  oTHeR
Can they do it and put it in writing?                                                          ANAlyTICS

Top Subnets
Top Domains
Top Countries
Report and trend on Microsoft® Exchange logs
Detect network scans (e.g. SYN, RST/ACK, XMAS, FIN, etc.)
Alarm on saved filters (e.g. total traffic or per flow)
Constant automated DNS resolution for Flows received
Alarms for high interface utilization
Alarms for excessive traffic from a single host or application
Top flow senders, application, etc. across hundreds of routers/switches,
while deduplicating flows
Specify allowed subnets and alarm for rogue IP addresses
Unique index per alarm (tells how many other alarms the host has violated)
Alarm: Identify internal hosts communicating with known compromised
internet sites. (Online IP reputation database)
Alarm for BitTorrent, YouTube, Facebook, etc. use
Support for NBAR via NetFlow (i.e. not SNMP)                                  Flow View Only

Mitigate issues by turning ports off on switches or making ACL changes.
Saves all the records, all the flows, all the time for as long as necessary     Limited to
(i.e. decades)                                                                  24 hours
Set permissions per interface *
Set permissions per router *
Flow Expert in MyView for advanced, proactive awareness of anomalies
UltraSurf detection
Dynamic advanced filtering options based on any flow template
Flow Hopper shows the hop-by-hop path a flow takes through the network
Advanced Reporting on Citrix NetScaler for AppFlow (Urls, Latency, Etc)
Support for Cisco ASA NSEL Performance Routing (PfR), Performance
Monitoring, Smart Logging Telemetry (SLT), Cisco TrustSec, AVT Perfor-
mance Agent and others.
3rd party integration w/cross platform fault index




         Plixer International . 68 Main Street, Suite 4 . Kennebunk, ME 04043 . PH: 207.324.8805
                                                  TM



                                                                   Take the NetFlow Challenge!

NetFlow, sFlow & IPFIX                                                                       Flow
                                                                             SCRuTINIZeR               oTHeR
Can they do it and put it in writing?                                                      ANAlyTICS

Latency and round trip time for all devices on the network
Set interface speed per report
Search IP addresses or ports across all devices to track where it was seen
Requires expensive Microsoft Database
Company acquired millions in Venture Capital


*Requires Service Provider Module




        Plixer International . 68 Main Street, Suite 4 . Kennebunk, ME 04043 . PH: 207.324.8805

				
DOCUMENT INFO
Shared By:
Categories:
Tags:
Stats:
views:0
posted:3/14/2013
language:Unknown
pages:5