What you can do with it:
- Understand what’s happening on your networks in near-realtime*, with full IPv4 and IPv6 support. See last N network flows (Network State Table).
- Track all your network traffic from all your view-points (Netflow Exporters). Get real network visibility over time. Improve your BYOD or IoT security.
- Use the included NPAR engine (Network Probabilistic Application Recognition) to classify all IPv4 and IPv6 traffic in near-realtime with a precision > 90%.
- GeoReference your traffic using advanced MaxMind databases (available separately from MaxMind ).
- Check near-realtime* usage of Social Networks or other Internet/Intranet Applications.
- Detect near-realtime* top-talkers, most used protocols, TOR & P2P usage, most used subnets and more.
- See instantly relationships between IP Addresses (who talks to who).
- Respect your user/customer privacy: no user-contents are analyzed since only the flow metadata is provided as input.
- Use it as a unique tool to help designing packet-filtering rules in existing networks.
- Use it as a unique tool to help network or cloud migrations.
- Let it build a Flow Matrix to match or create your packet-filtering rules.
- Discovery of critical devices in your network: Routers, Storage, Web and Mail.
- Use Network snapshots to take an instant view of your network status. Simple, fast, portable, shareable.
- Export your data to anything you want (JSON, CSV, Oracle, SQLite, etc.).
- Petabytes of data ? Use JSON or CSV to feed your favourite Big Data Number Cruncher or SIEM.
- Got some brilliant ideas ? Write your own tool using the JSON API or, if not possible, let's talk about it !
- Use active, user-customizable, action scripts for every flow/template with the integrated LUA Engine. Detect near-realtime* and react immediately if certain types of traffic are matched. Start tracking data exfiltrations.
- Use Traffic Rules for consolidated actions to do on known traffic patterns: detect near-realtime* and alert if certail types of traffic are matched.
Open Data & Tools
- Open Source CLI Tools and GUI Application, JSON API, with full C & Python 3 sources and examples.
- Open Source and scalable binary data format
- Open Source JSON & CSV data formats for easy integration with your favourite tools.
- Pre-built clients are provided for Linux, Windows and Mac OSX.
- Proven & Secure client-server model with TLS 1.2/AES-256 strong encryption, with full IPv6 support, for apps & data.
- Field-tested with support for Cisco, Juniper, Palo Alto, Mikrotik, Ubiquiti, Fortinet (FortiOS >= 5.2), Huawei NETSTREAM, Checkpoint >= R76 GAIA, Sophos UTM, pfSense, opnSense, OpenVSwitch, VMWARE ESX & NSX Distributed VSwitch, Citrix XenServer, SoftFlowd, etc.
- Based on proven Industry & Open standards: Netflow V1/V5/V9/IPFIX.
- Available on Linux Debian/Ubuntu and RedHat/CentOS.
- Oracle Solaris, IBM AIX, NetBSD and other ports are available on demand.
- High performance (more than 200000 FPS on a dual Intel X5670 Xeon acting as NPAR collector only).
- Scalable software (runs from an APU2 to large X64 to a multicore Sun SPARC T5220 and more).
- Very low-cost, with an astonishing TCO against competition products.
- No software or license limits, hardware is the limit.
Cisco, Palo Alto, Juniper, Intel, MaxMind, Oracle, Netflow, Citrix, PcEngines, SPARC, Ubiquiti, Huawei NETSTREAM, Checkpoint GAIA, Sophos, VMWARE and all other names are properties and trademarks of their respective owners.
This product includes software developed by the OpenSSL Project for use in the OpenSSL Toolkit.
This software embeds the LUA interpreter , designed and developed by a team at PUC-Rio in Brazil.
*(near-realtime = when Fl0wer receives the flows from the exporter)