Filter
Top Products
9
SonicWALL Scrutinizer 9.0.1 Release Notes
P/N 232-000861-00 Rev A
Flow Analytics Module
The Flow Analytics Module brings traffic flow diagnostics to the next level by adding historical reporting for an
unrestricted period of time, advanced alarming with the ability to set thresholds, role-based administration, and in-
depth traffic analysis algorithms to the Scrutinizer software. It can easily identify top applications, conversations,
flows, protocols, domains, countries, and subnets on the network, as well as watch for and alert on suspicious or
potentially hazardous network behavior patterns thereby providing administrators with greater network security
awareness.
In addition to the base-level features Scrutinizer with the add-on Flow Analytics module provides several additional
advanced features, such as:
• Flexible Reporting
o SonicWALL specific templates for reporting
o Special traffic analysis reports such as Flow Volume & NBAR Support
o MPLS reporting by subnet
o Microsoft Exchange log trend analysis
o Puts information at administrators fingertips
Easily identify the top applications being utilized on the network
Easily identify the top country of origin for traffic flowing across the network
Easily identify the top domains being accessed
Easily identify the top subnets being utilized on the network
With the addition of the Flow Analytics module Scrutinizer becomes an even more powerful reporting engine
offering even greater flexibility and granularity. In addition to all the reporting functions provided in the base edition,
Scrutinizer with Flow Analytics adds advanced reporting options such as flow volume, MPLS by subnet, Microsoft
Exchange log trending and NBAR support. Administrators have with a wealth of information right at their fingertips.
IT administrators can create custom reports by applying filters to granularly define the specific information desired.
Once created, custom reports can be saved for later use. Custom Reports allow the user to configure detailed
reports by filtering on fields such as: IP Addresses, ranges and subnets; Port numbers and ranges; Defined
applications including ranges of protocols and groups of protocols; Multiple interfaces from different routers and
switches; Any exported field available via NetFlow or IPFIX; Dynamic QoS monitoring; Detailed security / forensic
information
The Flow Analytics Module adds several additional flow based traffic analysis report types. Examples include but
are not limited to: Granular IPFIX based application visualization reports for SonicWALL products; Flexible NetFlow
NBAR
based application reports (requires IOS v15 on Cisco routers); Conversations to/from host pairs and
applications used; Flow reports with ToS field; Host flow reports to show hosts sending or receiving the most flows;
Host volume reports to show the volume of unique hosts per second; Pair volume reports to show the volume of
unique to/from address pairs per second
• ‘Set It & Forget It’ Alerting
o Easily create alerts to notify administrators of unfinished flows or nefarious activities
o Alerts can trigger email notifications, SNMP traps, syslog messages, and script execution (facilitating event
remediation)
o Alarms can be configured to alert administrators based upon specific interface utilization
o Administrators can be alerted based on any pre-defined report
o Reports can be scheduled, then emailed to administrators
o Administrators can proactively monitor QoS of RTSP traffic
The Flow Analytics add-on to Scrutinizer provides administrators with greater automation control making routine
advanced reporting a snap. Alerts can be configured based upon everything from unfinished flows to specific
interface utilization. Further, administrators can configure QoS thresholds to proactively be alerted of RTSP latency
and jitter before end users even reports a problem.