Flow Analytics (FA)
Flow Analytics is a company wide network traffic monitoring add-on to Scrutinizer. It brings the following additional features:
Flow Analytics allows you to archive NetFlow Data beyond 24 hours. Infinite years of data can be saved at selectable intervals. Even raw flows can be saved - forever.
Easily identify Top Applications, Conversations, Flows, Protocols, Domains, Countries, Subnets, etc. across dozens of routers and switches. Select which Exporters Tables the algorithms query.
Trigger alarms through established thresholds based on saved reports in Scrutinizer. For example, if you want to monitor an application for a certain ToS, within a class A subnet - Flow Analytics can do it!
Identify culprits quickly through automated DNS resolution.
Reporting and alarming on internal network SYN, NULL, FIN, XMAS Scans, RST/ACK worms, P2P, ICMP unreachable, illegal IP addresses, excessive Multicast traffic, known compromised internet hosts, DDoS attacks and more.
Easily identify repeat offenders history and create a Unique Index (UI) to manage traffic counts. Flow Analytics also helps locate machines involved with DoS attacks or infected with viruses.
The Flow Expert Window provides a view into immediate network problems to help identify and resolve DoS attacks, bottlenecks, network scans, improperly terminated connections and more. Typically this "Expert Window" feature is only found in packet analyzers.
Advanced reporting
- Applications NBAR: (requires IOS v15 on Cisco routers)
- Conversations App: Displays to/from host pairs and application used.
- Conversations NBAR: (requires IOS v15 on Cisco routers)
- Flows: Connections report with ToS field.
- Host Flows: Hosts sending the most flows.
- Host Volume: Volume of unique hosts per second.
- Pair Volume: Volume of unique to/from address pairs per second.
- Many others…