1st Advance Ltd
Contact Us

Fluke Networks Latest News & Updates

NetFlow Tracker v6 Available

NetFlow Tracker Version 6 is now available for download

Please Note:
If you are installing V6 over a previous version (V6.x or earlier), you will require a replacement license key - failure to obtain this prior to upgrading may mean loss of data..

Customers who have a current Gold Maintenance contract with Fluke Networks are able to download and upgrade their systems via the Gold Maintenance portal. Organisations who need these new facilities, but do not have a current Gold support contract should contact us for advice on obtaining this new version.

NetFlow Tracker V6 new features

If you would like a consultant to visit and advise on an upgrade or provide training on new facilities, please contact us via email or call 0800 599 9145.

NetFlow Tracker V6 builds upon the features available in prior releases, and is focussed upon tighter integration with VPM V6.

NetFlow Tracker V4 features:

  • Security
    • Increased visibility into traffic
      • Millisecond-accuracy on timings of all flows
      • TCP Flag states
    • Threshold alerting
      • To detect a specific defined threat
    • Profile alerting
      • To detect a new threat… when the profile of the network traffic changes from what is normal
  • Operations
    • Baselined alarms trigger when normal usage is exceeded
    • Alarm on any quantity or element that can be shown in a report
    • Alarms highlight the report that needs attention and navigate to that report
    • Integrate into any third-party event management or MOM using SNMP Traps
  • Troubleshooting
    • Using millisecond timings, see "who spoke first"
    • Use TCP Flag reports to identify unusual situations:
      • Servers refusing connections
      • Connection timeouts
  • Threshold Alarms
    • Trigger an alarm if traffic goes over a level
    • Two thresholds
      • Orange = Degraded
      • Red = Exceeded
    • Can create any traffic filter to measure against thresholds
    • Can measure bytes, packets, conversations, addresses
  • Threshold Alerting
    • Create an alarm based on any filter of traffic
      • e.g. Device + Interface + HTTP
    • Alarm on Traffic Rate, Packet Rate, # Conversations, # Address Pairs
    • Threshold alarms have two thresholds: Degraded and Exceeded
    • Automatically choose a threshold using a baseline, or manually specify
    • Alarm for Persistent Change will prevent short transient “spikes” in traffic from triggering an alarm
    • Baseline can be static (learn once) or update weekly (learn every week)
  • Profile Alerting
    • Tracker baselines individual elements of a report, not just the total
    • If a new item appears in a report, or a small item becomes big, an alarm will trigger
    • Notify if new applications appear on the network
    • Detect rogue or misconfigured applications
    • Workstation becomes an unauthorized server
    • Detect Worms, viruses
    • Detect P2P applications
  • Flow Forensics – looking deeper into the traffic
    • Tracker stores every flow in the real-time database
    • Keeps all flows forever, using archiving
    • Now, exact timings of flows show millisecond-accurate start time, end time and durations
      • Show "who spoke first"
      • See duration of long flows
      • Filter by flow duration – see just the short flows, or just the long flows in a report
    • Flags show the nature of TCP communications
      • Server problems
      • Identify SYN sweeps
  • Full Flow Conversations Report
    • New forensics report in Tracker, showing the most detailed traffic view ever
    • Use this report after drilling into traffic… usually after viewing conversations
    • Sort by start-time or duration to see timing behaviour or flows
    • See TCP flag content
  • TCP Flag report
    • Another forensics report
    • All flags present in each 60-second segment are shown
      • Note that NetFlow corresponds to one-way flows!
    • Identify anomalies in TCP traffic
      • Resets (server refusing or aborting connections)
      • SYN scans
    • Trace the progress of a single long flow from SYN to FIN
  • Use new measurements to filter reports
    • Filter by a specific flag pattern
      • E.g. Show me all RST traffic
    • Filter by flow duration
    • Use filters for alarms
      • Alarm if the quantity of SYN packets on the network goes above normal
  • Other Version 4 new features
    • Long-term network overview
      • Show 7-day overview of network
      • Recognized Applications collected as standard
      • Navigate to any long-term report enabled on the system
    • Internationalization & Localization
      • Support for all character sets
      • Localized to Simplified Chinese
      • UTF-8 encoding
      • Configurable items (devices, report names) may be entered in non-ascii characters
Copyright © 2002-2010 1st Advance Ltd Terms of Use
Friday, 3rd September 2010