NetFlow and sFlow Analyzer Software - FlowTraq

Overview

FlowTraq uses network flow records to provide integrated monitoring and forensic analysis capabilities. It is a powerful and customizable software application that significantly increases insight into network behavior, making it easy to spot the risks before they become problems, and to investigate an incident if one does occur.

Alerting on virtually any condition Custom queries to capture any threat Full fidelity flows, no data aggregation Configurable dashboard and reporting Microsecond precision IPv6 compliant NetFlow, sFlow, jFlow and cFlow compatible AS numbers for peering and transit surveys

Free trial from our flows partner, ProQSys

Features

FlowTraq’s features are designed to complement and improve your existing network operations.



Full Fidelity Flows: FlowTraq doesn’t aggregate data or throw it away. Its high-efficiency storage structure allows it to keep all the data it collects. You won’t know today what information you’ll need to secure your network tomorrow. We store it all and let you select which views are relevant.

Alerting: Alert on virtually any traffic condition: blacklisted IP addresses, high bandwidth usage, use of undesired applications, portscans, spam relays within your network, or any other condition you consider relevant for your network. If it sends or receives packets, you can alert on it.

Reporting: Schedule reports to run at regular intervals to collect and report critical information. Bill your customers each month for bandwidth used, track the national demographics of your website’s visitors, or print any workspace you create.

IPv6: If your exporters support NetFlow v9 or sFlow®, FlowTraq is fully IPv6 compliant. It can be deployed in full IPv6 environments, and works seamlessly in mixed IPv4/IPv6 networks.

NetFlow, sFlow, cFlow, jFlow: If it exports Flows, we support it. There are many flow formats on the market today, and your format will depend mostly on your networking hardware. We strive to be compatible with all of them, so we fit your environment hassle-free.

User customizable workspaces: Different networks have different challenges, and different users have different preferences. Our enterprise setup with customizable dashboards allow hundreds of users to benefit maximally from the flow data, without getting in each other’s way.

Microsecond precision: If your exporter supports it, we do too. When switches handle hundreds of thousands of packets per second, microsecond precision is sometimes the only differentiator between cause and effect. Figure out exactly what happened first, and what followed.

Components of the FlowTraq Solution

FlowTraq solution consists of one or more flow collecting servers, one or more dashboard clients, and optionally our free software flow exporter:

FlowTraq Server is a state-of-the-art flow collection and analysis server, featuring:

• Faster Results. 100 times faster than full packet capture, with 100 times longer data retention.
• Better Accuracy. No aggregation. Full forensic recall of all network flows, including IPv6.
• In-depth analysis. Detect abuse, misconfigurations, data leakage, structured attacks, and more.

Dashboard Client

FlowTraq Dashboard is an easy to use, intuitive, and configurable user interface.

• Flexibility. Connect to FlowTraq Server from anywhere to view your custom dashboard and analyze traffic.
• Unlimited filtering. Sort, search, filter, and view your traffic to quickly determine what’s important.
• Alerting and reporting. Create alerts on traffic patterns, schedule reports for analysis or ISP billing.

Software Exporter

You don't have NetFlow, sFlow®, cFlow or jFlow hardware? No Problem.

• Easy. Software exporter can sniff SPAN or mirror ports, or use your PCAP files to create NetFlow v9.
• Increased Visibility. To monitor critical systems individually, just run our software exporter.
• Runs Everywhere -- on Windows, Linux, Mac, and Solaris.

Product Usage:

• Forensics: Incident response, IP leakage, PCI system compromise, legal discovery inquiries.
• Monitoring: Usage monitoring, billing and bandwidth reports, network troubleshooting, traffic origins.
• Security: Policy development, policy violation detection, scans and malicious behaviors, blacklists.