Scrutinizer NetFlow Analyser :
Statistics & Reporting
Intrusion detection and prevention has gone beyond the firewall
Viruses have been reinvented to deploy them selves in ways that often get by even the best firewalls. Compromised end systems in your company can be used to scan other systems and create problems that ultimately leave your company looking like the culprit.
Scrutinizer inherently looks for strange traffic patterns such as abnormal traffic levels or hosts communicating over numerous TCP/UDP ports. Scrutinizer can notify you directly or send messages to your NMS (Network Management Solution).
Scrutinizer ships with traffic rules that should be modified after the product has determined a baseline. These rules are basically Alarm Conditions that can be used to automatically alert you when trouble is recognized.
Notify Attacking Companies
When Scrutinizer tells you that an outside host is causing problems, click on the police man icon 
and launch an email to the company or service provider responsible for that host. Scrutinizer will fill in the details including the destination email addresses!
Label applications for reporting
Scrutinizer lets users define applications using ranges of protocols. View the Application Groups and drill in for the individual protols and conversation pairs.
Clear, comprehensible graphs with easy navigation
It is tough to get lost in Scrutinizer, you will be navigating its interface in seconds. The reports are obvious and depict the information you need... fast.
Consider these two important questions:
- What are the top talkers/applications on the connection?
- What abuses are occuring?
Scrutinizer cuts to the chase and provides the top users, top applications, nd details on the users of the application or the applications used by the end system. In just a few minutes, the fundamental navigation of the software becomes clear.
Share what you see with co-workers
Scrutinizer can email you and your team status reports on a scheduled basis, helping to automate the process of keeping you proactive. Learn more about Emailed Reports.
Find out who is talking to whom on your network
Scrutinizer offers conversation reporting, which allows user to view conversation information being tranfered between hosts. This is useful in determining not only what hosts are talking to each other the most, but what protocol they are talking in and specific information about the conversations being transmitted between them.
To view the conversations interface just click on the 
icon next to any host.
Top Conversations
View the specific conversations between hosts that caused the most traffic for any given day, all in one place, simply by clicking the Top Conversations Tab.
Custom Reports
Custom Reports will allow the user to configure very detailed reports:
- IP Addresses, ranges and subnets
- Port numbers and ranges
- Defined Applications which include ranges of protocols
- Combine interfaces from multiple routers
- Specify bandwidth for the combined interfaces
- Scalable interface for hundreds of routers
- Security support for service providers wanting to give customer access to only specific data
Trend NetFlow and sFlow data over time
The Scrutinizer "Intelligent Interval Retrieval Architecture" (IIRA™) saves detailed data for unlimited years the following formats:
- weekly intervals
- daily intervals
- 12 hour intervals
- 2 hour intervals
- 1/2 hour intervals
- 5 minute intervals
- 1 minute intervals
- and even 2 second intervals all via a web browser!
Administrators decide how long each interval is kept! Hard drive space is the only limitation. Contact us for ideal storage solutions
Second-to-second traffic details
Scrutinizer is the worlds first real-time web-powered NetFlow trending tool. Its FlowCruch(TM) architecture scans hundreds of conversations per second and extends information in an easy comprehensible format. It can trend the following real-time:
- Top 10 Applications
- Top 10 Hosts
- Top 10 Applications per Host
- Top 10 Hosts per Application
No need for additional hardware
Because Scrutinizer uses the NetFlow technology already built into your existing routers and switches, you seldom have to deploy or maintain packet analyzer probes.
Share your findings with coworkers
Send pages via email once you zoom in on the problem. Most web pages in Scrutinizer can be emailed with additional notes in HTML format. Emailed pages could include:
- Top Hosts on a link for the past 24 hours, week or month
- Top Applications on a link for the past 24 hours, week or month
- Appliction details on a user acting strangely
- Host details on an application seeing excessive use
- The Vital Signs of the hardware Scrutinizer depends on
Emailed pages mean that you can send reports with comments on demand. This makes it easier to keep your team informed and proactive. Reports are sent in imbedded HTML and PDF format. Favourite reports can be emailed automatically every night, week or month and immediate issues can be emailed on-demand.
Verify application availability and uptime
Leverage Scrutinizer to help verify availability of the applications and services that your business depends on. Scrutinizer allows you to verify application availability while simultaniously letting you review traffic levels.
Service Provider Support
Create Custom Reports and grant others access to only see specific trends. When the customer logs in, they see only their report. The default greeting web page can be modified by the service provider.
High level analysis of network traffic
View top level utilization information with Scrutinizer and see the amount of traffic being generated through specific interfaces of a router.
The interfaces are even color coded according to their percent utilized. This helps to give the user a quick visualization of which routed ports on the network are the most congested.
76% -100% Utilized
61% - 75% Utilized
41% - 60% Utilized
1% - 40% Utilized
Click on an interface to bring up:
- Who - The end system causing the traffic
- What - The application/protocol being used
- When - The time frame it has been occurring for
- Where - The network connection that is affected
Information without limitations
Scrutinizer can accept multiple flows, there are no limitations on the number of flows that can be received; however, the Vital Signs should be monitored to make sure the hardware can handle the amount of data it is receiving.
It is incredibly easy to sort through any number of interfaces on any number of routers using Scrutinizer's advanced filtering techniques. This allows users with many routers and/or interfaces to quickly and easily locate specific interfaces of a router without having to scroll through all of them.
Analyze traffic used by VoIP related services
Voice over IP (VoIP) Analysis is assisted by Scrutinizer by verifying:
- How much voice traffic is historically on the connection
- What devices are involved with the most VoIP traffic
- The possible call volume that should be supported through the connection
- All VoIP vendors supported: Asterisk, Cisco, Nortel, Avaya, etc.