Wednesday, February 25, 2009

Plixer International Releases Flow Analytics Version 2.0

Posted in General, Scrutinizer on February 18th, 2009 by Jon Mills

Plixer International Inc. today announces the release of Flow Analytics version 2.0, an add-on module for its Scrutinizer NetFlow & sFlow Analyzer tool. Flow Analytics works to ensure network health and stability by analyzing NetFlow data and alerting IT administrators to potentially hazardous traffic patterns.

Plixer has utilized various resources to create a pool of known compromised hosts on the internet, which no host on the network should be communicating with. The list is updated within Flow Analytics every single hour. Flow Analytics scrutinizes every flow, as it comes in, to ensure that there is no communication with any of these potentially dangerous hosts.

Version 2 of the Flow Analytics module brings a host of new in-depth network traffic reports, found in easy-to-configure Scrutinizer gadgets.

New gadgets include:

• Top Inter-network Traffic, which shows subnet to subnet traffic.
• Top Applications, with the ability to alert for applications which should not be on the network.
• Top Transport, with the ability to alarm for protocols (e.g. TCP, UDP, IGMP) which should not be on the network.
• Top Sending and Receiving Countries
• Top Sending and Receiving Domains
• Network Volume, which reports on the number of unique hosts or applications in the last 5 minutes versus the last 30 hours.

Each report runs across potentially hundreds of routers after deduplication, not just per interface/per router.

There are also new network behavior analysis algorithms, which sift through network traffic looking for illegal scans such as NULL, FIN, SYN, Invalid Subnets, XMAS Tree, and more, all of which can lead to worm attacks.

In support of the new Flow Analytics module, Plixer has also released Scrutinizer NetFlow & sFlow Analyzer version 6.0.5. This new version includes minor bug fixes, user interface enhancements and improved support for Flow Analytics.
