NetFlow Optimizer™ Solutions

Overview

This page describes NetFlow-based solutions to the most common problems that each network operator is facing today, using products developed by NetFlow Logic and our technology partners.

Our core product, NetFlow Optimizer (NFO), is a powerful real-time processing engine for different types of flow data from various vendors, including NetFlow, sFlow, J-Flow, and IPFIX. NFO generates multiple standard Syslogs that can – then be visualized and processed by other systems.

NetFlow Optimizer dramatically enhances the value and capabilities of existing log analyzers and SIEM systems.

Protect and Improve ROI on Existing Network Equipment and Monitoring Solutions

NetFlow Optimizer sends flow information in standard syslog format to accommodate the capabilities of your existing SIEM System and log analyzer. You can upgrade switches and routers (or not upgrade them), or upgrade SIEM systems or log analyzers and use this software to ensure compatibility among various network devices.

Reduce Storage & Bandwidth Costs

NFO processing engine provides flow optimization that Deduplication enables you to. Aggregation enables you to bring together records from multiple types to flow and log sources, and to filter them to eliminate duplication and store only a single copy of each record. You can thus save money on storage hardware and license fees for software that often based on amount of flow traffic.

NetFlow Optimizer Improves Security and Understanding of Network Usage

The network traffic pattern contains information about the traffic activity on your network. Flow data optimized and enriched by NFO can be used to gather intelligence on network usage and take corrective actions. This capability addresses the need to understand the different nature of your business in different locales, as well as the need to learn if people are using your network inappropriately.
For example: one branch office has different patterns of application use or network activity; or people in the office surf the web during office hours.
NetFlow analysis can be used to improve network efficiency. For example, you can detect high latency and bottlenecks in your network.

NFO is complementary to traditional network security solutions that can be bypassed by unknown malware and well prepared targeted attacks. When used together with properly Security Information Event Management (SIEM) system it provides effective solution for detecting advanced security threats like botnets, insider threats, data leakage, etc.

Learn more about using NFO with Splunk Enterprise for IT Operational Intelligence & Security.

NetFlow Optimizer Enables DDoS and Network Behavior Anomaly Detection

Mobility, virtualization and other technologies have changed the way companies do business today. At the same time cybercriminals are becoming more sophisticated and ruthless: they are not only use bots to amplify and accelerate their ability to hack your network, but also constantly create new malware, which is built from scratch to exploit software vulnerabilities of which vendors aren’t yet even aware.

Most companies are still relying on legacy IT systems that are not suitable to protect against unknown malware and other evolving threats. The answer to this challenge is a proactive network behavior anomaly detection that can be implemented using NetFlow Optimizer.

NFO based solution permanently observes network traffic in real-tie, analyses communication, seeks anomalies and reveals suspicious behavior including DDoS attacks. Implementation of NFO in conjunction with SIEM system from various vendors enables network security engineers effectively respond to yet unknown security threats undetectable by other technologies.

NetFlow Optimizer for Corrective Provisioning

NFO generated Syslogs provides multi-dimensional information about network traffic related to various devices and applications allowing you to gain valuable insight on how to properly manage, and if necessary, correct the provisioning of your network. This addresses the problems both of network inefficiencies and the need to plan for future growth.