Overview

FlowControl XN

FlowControl XN gathers and analyses data recorded with NetFlow v5 and v9, SFlow, IPFIX and NSEL protocols for network performance and capacity. It functions as both a data collector and analyzer. Among others, its functionalities include: diagnosing problems in network infrastructure, including network connection settings, or the so-called bottlenecks in network communication. It provides detailed information on the traffic generated by users, communication between servers and applications.

FlowControl offers a number of advanced indicators, reports and summaries based on the practical experience of engineers who created this solution gained during 20 years of work for the largest companies and institutions in the world. 

FlowControl XN may be expanded with the FlowControl XNS module used to detect and analyse security threats and FlowControl XND module used to to detect DDoS attacks.

sycope flowcontrol chart

Key features of FlowControl XN solution:

  • High efficiency (250,000 flows per second) and speed
  • Flexible tools for data analysis based on big data mechanism f.e. Google search
  • Identification of applications and hosts responsible for network load.
  • Visualisation of network connections, geolocation.
  • Functional validation of the QoS policy.
  • Communication analysis at a level of a single network port
  • Verification and analysis of L3 network segmentation
  • Easy installation and configuration - basic implementation where a base flow export configuration takes one day

FlowControl: a prompt answer to critical questions

  • What applications are used? Are they all legal?
  • Who uses the applications?
  • What servers are the source of the traffic? Are these actually servers?
  • Which servers are reached by the traffic? Should they be reached?
  • What applications generate the highest traffic?
  • Who occupies all the available bandwidth?
  • Is the operator’s incoming traffic properly marked?
  • Which interfaces/routers show the highest load?
  • Is the own and transit traffic being properly routed?
  • Is a sufficient bit rate ensured by the connections?
  • Is the traffic being properly directed?
  • What applications run on the servers?
  • What ports are used by the servers?
  • Where does the traffic come from and where does it go?
  • What servers generate the traffic? Is it legal?

HIGH EFFICIENCY

  • Views are generated without the need for constant data reloading.
  • Processing 250,000 flows per second, retrieved from a network of any architectural complexity.
  • Negligible load on the network and network devices.
  • Scalable mass storage enables to flexibly manage data retention periods.

ALERT SYSTEM

  • Alerts are generated on meeting pre-defined conditions, e.g. after exceeding the set limit for using a particular port or application traffic volume.
  • An alarm message is sent by email, Syslog or an SNMP trap.

FLEXIBLE DATA ANALYSIS MECHANISMS

  • Presentation of data relating to the entire network, groups of parameters or individual parameters (port, interface, host, IP) in any time window.
  • Easy top-down access – with just a single click, the drilldown mechanisms enable viewing of data for a specific port, interface or IP number.
  • Searching for data in the system using analysis tools like Google search.
  • Maintaining the time context and filters between views.
  • The possibility of saving complex search filters and time context (bookmarks).
  • The XND module uses data from the NetFlow protocol to detect DDoS attacks on specific services performed by a monitored group of hosts. The system analyses DDoS parameters within the defined time frames and enables to block a service via FlowSpec.

VERSATILE SYSTEM ADMINISTRATION TOOLS

  • Separate accounts for the system administrator and users allows their respective permissions to be determined with greater precision.
  • Possibility of authentication through the LDAP protocol or Radius service.
  • Special views enable the diagnoses of FlowControl system performance, including CPU and RAM load levels and the state of mass storage.

Article: NetFlow yesterday and today

Article written by Sycope engineer what is NetFlow and how is this protocol used in practice. 

Poland Office:
Goraszewska 19
02-910 Warsaw
Poland


contact@sycope.com

Ireland Office:
Alexandra House
The Sweepstakes
Ballsbridge, Dublin
D04 C7H2

Copyright 2021 Sycope Ltd. All rights reserved. Privacy policy