NetFlow Optimizer Enables Many Advanced Uses for Improved Network Operations and Security

Splunk NetFlow Integration

NetFlow Logic products extend application of NetFlow analysis beyond traditional use cases, providing operational visibility across virtual and physical domains and improving network security.

  • It enriches flow data with real-time DNS, SNMP information, VMware vCenter, current IP Reputation, GeoIP information, BGP information (AS Paths);
  • Identifies security threats and traces current known threat sources;
  • Identifies applications and users that consume bandwidth;
  • Initiates alerts of anomalous network traffic including “low and slow” DDoS attacks;
  • Flexible and extensible SNMP Polling capabilities. SNMP Traps are also supported;
  • Identifies VMs affected by physical network outages. Visualizes virtual and physical network data paths. Supports point-to-point communication tracing: VM–VM, VM – physical host, VM – VM over VXLAN;
  • Identifies the impact of physical network devices and interface failures on the virtual network;
  • Enriches and consolidates Amazon VPC Flow logs for your AWS Cloud monitoring;

The Demo is based on a sample of NetFlow Optimizer-generated syslog, visualized by the NetFlow Analytics for Splunk App. It is intended to demonstrate several common use cases that you can leverage with flow data analysis.