Skip to main content
Version: 2.10.2

Key Features

This section highlights the robust capabilities of NetFlow Optimizer, providing network administrators and security professionals with advanced tools and insights. It is designed to empower organizations to harness the full potential of NetFlow data and enrich their network security and IT operations. Discover how NetFlow Optimizer can assist in optimizing network performance, enhancing security measures, and streamlining IT management. Whether you're focused on proactively monitoring network traffic or ensuring top-notch network security, these key features offer essential tools to meet your needs effectively.

Security

NFO provides a comprehensive suite of security capabilities designed to safeguard your network against known and emerging threats, while also enriching data for enhanced analysis:

  • Threat Detection: Identify both known and emerging security threats, including interactions with malicious hosts, virus propagation, and denial-of-service attacks.

  • Threat Tracing: Trace the origins of security threats, enabling proactive measures to thwart potential attackers.

  • Data Loss Prevention: Detect unauthorized data exfiltration, whether destined for external sites or lateral movement within your network.

  • User Activity Monitoring: Track user activity to identify suspicious behavior and potential security threats.

  • Compliance Reporting: Generate comprehensive reports to demonstrate compliance with industry regulations, enriched with additional contextual data.

  • Data Enrichment: Augment flow data with valuable insights, such as reputation information about IP addresses and domains, user identity integration, application visibility, and GEO IP tracking, enhancing overall security analysis and threat detection capabilities.

IT Operations

NetFlow Optimizer empowers you to see the big picture and gain in-depth insights into your network activity, from the cloud to the user level. This comprehensive visibility equips you to proactively identify and troubleshoot issues, optimize performance, and enhance security.

  • Cloud Monitoring: Gain unified visibility into cloud network traffic across AWS, Azure, GCP, and OCI. NFO integrates seamlessly, providing enriched flow data with region, instance name, and VPC information.

  • Network Device Health: Proactively identify potential issues by monitoring CPU/memory utilization, interface errors/dropped packets, flapping interfaces, latency, and jitter.

  • User Activity Monitoring: Track user activity and potential security risks with integrations for Windows Domain Controller and other identity systems (login/logout events via syslog).

  • Application Visibility: Gain deep insights into application traffic across various environments: Cisco (AnyConnect, AVC flows), Fortinet devices (IPFIX), Palo Alto Networks, DPI-based application detection (e.g., Cubro Omnia), and known destination ports.

  • Network Flow Analysis: Pinpoint performance bottlenecks and troubleshoot effectively with VM-to-VM/VM-to-host conversation path reconstruction and physical device/interface mapping impacting VM performance (visualized on Splunk dashboards).

  • Real-time Flow Data Management: Optimize storage and processing with flow data consolidation and deduplication (store only a fraction of data while retaining valuable insights). NFO also supports any standard flow protocol (NetFlow, IPFIX, sFlow, J-Flow, NetStream).

Common Features

NetFlow Optimizer delivers a robust foundation with features designed for optimal performance, ease of use, and adaptability to your specific needs.

  • Unparalleled Processing Power: Processes over 1 million flows per second without data loss, with consolidation reaching 350,000 flows per second.

  • Broad Platform Compatibility: Runs on Linux, Windows, and Amazon AMI for cloud deployments.

  • Enhanced Flow Data Context: Enriches flow data with real-time information like Reverse DNS, VM details, application identification, user identity, security reputation, GeoIP location, and SNMP data.

  • Tailored for Your Network Environment: Modular design allows you to enable and configure features specific to your needs.

  • Built-in Services for Streamlined Network Management:

    • NetFlow Recorder: Capture and replay network traffic for historical analysis.
    • Reverse DNS Lookup: Automatically associate hostnames with IP addresses.
    • SNMP Polling and Traps Support: Monitor device health and performance.