Benefits of Network Security Analytics & Anomaly Detection: NetFlowAnalyzer

Bandwidth Management
Traffic Analysis
QoS Monitoring
Reports
Network Security and Forensics
Flow-based Monitoring
Network Packet Sensor
Remote Monitoring
- Distributed Monitoring
Integrations and Add-ons
Mobile Applications
- Mobile Apps
Bandwidth Monitoring Basics
More on NetFlow Analyzer

Refer Resources

Benefits of ASAM

Centralized agentless traffic data collection, analysis and management
Seamless visibility into both external and internal security threats
Context-sensitive zero-day intrusion / network anomaly detection capabilities
Continuous overall security posture assessment
Proactive feedback-driven access and traffic policy decisions
Actionable and real-time decision support system

Technical Capabilities

High throughput & low latency Stream Processing
Asynchronous and parallel data processing
Rapid Rules Engine and flexible criteria profiles
Contextual resource modeling and problem heuristics
Advanced event correlation and mining algorithms

Features

Auto Discard Flows

Whitelist specific flows for specific problems
Extensive flow filter configuration options
Consolidated Discard Filter configuration reporting

Event Troublshoot Report

Ad-hoc forensic investigation and analysis
Groups flows for quickly discerning patterns
Segment flows by originating router

Custom Problem Management

Enable ⁄ Disable specific problems and algorithms
Focus in pertinent problems of interest

Auto Ignore Events

Network security snapshot

Whitelist specific resources for specific problems
Option to store ignored events for auditing
Consolidated Ignore Filter configuration reporting

Security Snapshot

Network security snapshot

This displays a list of grouped threat⁄ anomaly as a problem and further, the problems are categorized in to three major problem classes (Bad Src-Dst, DDoS, Suspect Flows). Read more...

Event List

Network security event list

The ‘Event List’ in ASAM lists, classifies and organizes all the events that might become attacks. Also, ASAM assigns severity of an event; this allows you to prioritize your actions. Read more...

Event Details

network security event details

Event details gives a thorough detail about the problem. The details include network, port, protocol, TCP flag and much more. Clicking on the router name gives details with mapped destination- source IP and the application, port, protocol etc. used. This report can be exported as a pdf or can be mailed with just a single click.