Scrutinizer is at the foundation of the Plixer incident response and behaviour analysis architecture. It’s available as a physical or virtual appliance, or as a Windows download. Scrutinizer performs the collection, threat detection, and reporting of all flow technologies on a single platform. It delivers real-time situational awareness into the applications and their historical behaviours on the network.
Get custom reports in a single dashboard where you can quickly drill down to specific routers, interfaces and user applications to verify traffic details from several geographically disparate locations on your network. Using Cisco’s NetFlow technology (an IOS software feature found in an ever-increasing number of switches and routers), Scrutinizer is able to retrieve the traffic flow data and present it in an intuitive, clear graphical view.
The free download version of Scrutinizer allows you to drill down on 24 hours’ worth of data to get the lowdown on network utilisation. You also have the option to upgrade to the Flow Analytics add-on to get full archiving functionality and historical network trend analysis on data such as Top Applications, Top Hosts, Top Applications per Host, Top Hosts per Application and Top Conversations.
Scrutinizer provides the following features & benefits:
- Massive scalability, supporting dozens of distributed collectors
- Capable of archiving and analysing several million flows per second
- Topology mapping with active links
- Deduplication and stitching across collectors
- A single flow collection system supporting over 2000 flow sources
- Collect up to 200,000 flows per second
- All flow technologies supported on a single system (e.g. NetFlow, sFlow, IPFIX, J-Flow, NetStream, etc.)
- Forensic audit trail reporting
- Threat Detection of odd traffic patterns
- Threat reputation support
- Threat Index indicates weighted threat severity over time
- Archiving of raw data for decades
- Additional reports for Cisco, Palo Alto Networks, Citrix and dozens of other vendors
- Behaviour Baselines and alerting based on abnormalities, compared to historical trends
- Custom threat detection algorithms
- Integration with Cisco ISE or Microsoft for end user name identification
- Design and build custom reports for exports from any vendor (e.g. Cisco NBAR, AVC, etc.)
- Support for hundreds of unique login accounts with access limited to specified data
- Billing and invoicing support
Additional modules include:
- Extends flow support in areas where NetFlow, sFlow, or IPFIX aren’t available
- Detailed metrics on applications, response times, and usernames
- Exports NetFlow and IPFIX
- Eases the forwarding of flows from routers, switches, or servers to multiple collection systems
- High speed architecture capable of 10GbE wire speeds
- Leaves the originator address intact
- Available as hardware or as a virtual appliance
- Real-Time Tool Kit for testing and configuring hardware or software for sending and receiving flow data.