There are thousands of flows going through your network at any given point of time. Among these flows are the ones that carry threats such as a DDoS attack, or unauthorized scans and probes etc. Each and every flow has to be monitored in order to secure your network before the threat matures into an attack. To be able to view the entire network security posture, you don't necessarily have to toggle from tab to tab monitoring many interfaces across the devices. Advanced Security Analytics Module (ASAM), in addition to NetFlow Analyzer, simplifies this task for you. It gives a wholesome view of your network security threats in a single glance; this is known as the “Security Snapshot”.
Security Snapshot lists the various problems with their event / anomaly count (as a measure of the intensity of activity). The problems are further grouped in to various relevant classes. The problem taxonomy gives a list of all the problems and their classes that are identified in ASAM. The graphs and the pie charts help you get a feel of the spatial and temporal distribution of the problems.
ASAM also gives an user-friendly advanced filter option that helps you fine tune your report. This filter narrows down the security snapshot report based on the criteria provided by you. The available criteria are Class-problem, target entity / host, offender entity / host, router / interface name, severity and status.
ASAM, offered as a simple add-on module of NetFlow Analyzer, leverages the underlying platform's agentless centralized data collection and forensic analysis capabilities, to offer greater value. NetFlow Analyzer is a robust, scalable and a proven platform offering bandwidth monitoring and unified traffic analytics.