Plixer Scrutinizer – 100% network visibility
Scrutinizer provides full visibility of every network conversation, enabling network security (SecOps) and network performance (NetOps) personnel to work much more efficiently.
It provides details of malicious activity and quickly determines the causes of issues such as high bandwidth use, jitter and latency.
Scrutinizer’s highly intuitive interface enables easy resolution of network issues and proactive ongoing monitoring.
How does Scrutinizer work?
Most of the network infrastructure devices in your organisation, such as routers, firewalls, switches, wireless access points and so on, are capable of generating rich and detailed metadata about the traffic that is flowing through them. Examples include NetFlow, IPFIX, sFlow, Jflow and Junos Traffic Vision, but there are many more. Scrutinizer collects this metadata and provides comprehensive reports to tell you exactly what is going on. Scrutinizer also contains sophisticated algorithms that analyse the metadata and provide alerts on suspicious activity.
Another way to gain visibility of network traffic would be to capture and record all of the network traffic, but this would consume a large amount of storage capacity. The metadata collected by Scrutinizer takes up very little storage space, so you can keep it as long as you need it. A full set of storage parameters is available in the Scrutinizer user interface, along with a handy calculator, and you can adjust it as needed.
In addition to all the standard reports, Scrutinizer also contains a report designer that enables users to create their own custom reports to show the exact information they need.
Watch the following short video about Scrutinizer:
Common use cases for Scrutinizer
Our customers often choose Scrutinizer for:
a) Security analysis
b) Network performance monitoring (NPM)
c) Employee productivity monitoring
- Scrutinizer is a powerful tool for both comprehensive network security analysis and network performance monitoring.
- Scrutinizer’s user interface is incredibly flexible, enabling you to view information from NetFlow and interact with it exactly how you want. It’s also highly intuitive, ideal, especially in high pressure situations.
- Scrutinizer includes a comprehensive selection of pre-built reports. It’s also quick and easy to build your own bespoke reports.
How is Scrutinizer licensed?
Multiple editions of Scrutinizer are available, including virtual or hardware appliances. The hardware will be custom-built to your requirements, with the software pre-installed, which offers superior performance. You can compare the various options on the chart below:
|Scrutinizer licence tiers||Free||MDX||SSRV||SCR||SCR-HDW||VDR||HDR|
|Flows collected per second||10K||10K||10K||40K||100K||Up to 4+ million||Up to 4+ million|
|Length of time raw flows are kept||5 hours||24 hours||Unlimited||Unlimited||Custom||Unlimited||Unlimited|
|Days of historical flow roll ups||1 week||Unlimited||Unlimited||Unlimited||Custom||Unlimited||Unlimited|
|Numbers of flow exporters supported||5||Pay by device||Pay by device||Pay by device||Pay by device||Pay by device||Pay by device|
|Advanced reporting on all vendor specific exports||✔||✔||✔||✔||✔||✔||✔|
|Full stitching and deduplication||✔||✔||✔||✔||✔||✔||✔|
|3rd party integration (eg Splunk, Elastic Search etc)||✔||✔||✔||✔||✔||✔||✔|
|Support for all versions of NetFlow, IPFIX, sFlow etc||✔||✔||✔||✔||✔||✔||✔|
|Support for all vendor enteprise IPFIX elements||✔||✔||✔||✔||✔||✔||✔|
|Ability to create filters to narrow in on traffic||✔||✔||✔||✔||✔||✔||✔|
|All exporters index search for a host||✔||✔||✔||✔||✔||✔||✔|
|Scheduled emailed reports (HTML and PDF)||✔||✔||✔||✔||✔||✔|
|Scheduled email top interfaces||✔||✔||✔||✔||✔||✔|
|Export data in CSV format||✔||✔||✔||✔||✔||✔|
|Access to API||✔||✔||✔||✔||✔||✔|
|Report designer to build new reports from flows||✔||✔||✔||✔||✔||✔|
|8am-5pm Eastern Standard Time technical phone support||✔||✔||✔||✔||✔||✔|
|Auto DNS resolve host names||✔||✔||✔||✔||✔||✔|
|Configure and trigger notifications||✔||✔||✔||✔||✔|
|CSV export of tables (eg alarms, status etc)||✔||✔||✔||✔||✔|
|Flow hopper to show flow path - hop to hop||✔||✔||✔||✔||✔|
|Set thresholds in saved reports to monitor traffic||✔||✔||✔||✔||✔|
|Define IP groups and report||✔||✔||✔||✔||✔|
|Multi-tenancy module - keep selected data private||✔||✔||✔||✔||✔|
|Real-time DDoS detection||✔||✔||✔||✔||✔|
|Threat detection algorithms||✔||✔||✔||✔||✔|
|Business hours based reporting||✔||✔||✔||✔||✔|
|ASA ACL descriptions||✔||✔||✔||✔||✔|
AWS kinesis streaming
|Cisco: Sourcefire eStreamer||✔||✔||✔||✔||✔|
|LDAP, Radius, Tacacs authentication support||✔||✔||✔||✔||✔|
|Number of login accounts||2||5||Unlimited||Unlimited||Unlimited||Unlimited||✔|
|Number of security groups||2||5||Unlimited||Unlimited||Unlimited||Unlimited||✔|
|IP address to user name correlation support||✔||✔||✔||✔||✔|
|Optional 7x24 technical support||✔||✔||✔||✔||✔|
|Unified distributed collector support||✔||✔||✔||✔|
|Ability to scale with many 40k flows per second virtual collectors||✔||✔|
|Ability to scale with many 100k flows per second hardware collectors||✔|
|Upgrade paths are available for all licence tiers|
Scrutinizer is also available as cloud-based software as a service.
You can see a selection of the most popular options in our shop.