Scrutinizer

The Scrutinizer System

Scrutinizer™ is at the foundation of the Plixer incident response and behavior analysis architecture. It is available as a physical or virtual appliance. Scrutinizer performs the collection, threat detection, and reporting of all flow technologies on a single platform. It delivers real-time situational awareness into the applications and their historical behaviors on the network.

Appliances

  • A single flow collection system supporting over 2000 flow sources
  • Collects over 100,000 flows per second
  • Supports all flow technologies on a single system (e.g. NetFlow, sFlow, IPFIX, J-Flow, NetStream)

Virtual Machines

  • Collects up to 40,000 flows per second
  • Supported on VMware, Hyper-V 2012, and KVM. The virtual appliance fits seamlessly into your virtual environment, whether it is existing or planned.
  • Supports all flow technologies on a single system (e.g. NetFlow, sFlow, IPFIX, J-Flow, NetStream)

SaaS Solution

  • Scalable architecture with cloud-based flow collection.
  • Supports all flow technologies on a single system (e.g. NetFlow, sFlow, IPFIX, J-Flow, NetStream)

Enterprise Visibility

  • Massive scalability, supporting dozens of distributed collectors
  • Capable of archiving and analyzing several million flows per second
  • Topology mapping with active links
  • Deduplication and stitching across collectors

Flow Analytics

  • Forensic audit trail reporting
  • Threat Detection of odd traffic patterns
  • Threat reputation support
  • Threat Index™ indicates weighted threat severity over time
  • Archives raw data for decades

Advanced Reporting

  • Additional reports for Cisco, Palo Alto, Citrix and dozens of other vendors
  • Behavior Baselines and alerting based on abnormalities, compared to historical trends
  • Custom threat detection algorithms
  • Integration with Cisco ISE, Microsoft, or RADIUS for end user name identification
  • Design and build custom reports for exports from any vendor (e.g. Cisco NBAR, AVC, etc.)

 
