Our Partners

Netflow Logic Solution Partner

Overview

NetFlow Logic creates breakthrough performance, scalable software solutions for real time enterprise security, application and network optimization and monitoring. Integrating these solutions with existing security information and event management (SIEM) and system management investments increases network visibility and security awareness providing key real time operational insights. Not only are our solutions the most cost effective; they improve the ROI of other SIEM and system management tools.

Netflow Logic

Modern network devices can create 400K flows / sec. (1.6TB/day of NetFlow data from a single device) and NetFlow collectors are incapable of processing that much data at reasonable cost. Not to mention netFlow collectors / analyzers often are isolated from other log management tools, so this problem requires a drastically new approach.

The Solution – Consolidated Flow Information

  • Consolidated flow information is sent to SIEM in syslog format
  • SIEM may request to provide detailed NetFlow data in Δ t around interesting events
Traffic Summary
  • The number of network policy violations, such as ACL, exceeds a certain threshold
  • A host on internal network generates unusual traffic volume
Events Based on Host Reputation
  • A host on internal network generates unusual number of connections
  • And so on… just add rules to NetFlow Integrator