Fluke Networks NetFlow Tracker
Security
Monitoring network activity can play a major part in establishing and maintaining network security. Our monitoring software is based on these fundamentals:
- Coverage - Most routers in the huge Cisco installed base can be used for network monitoring, and with NetFlow Tracker no additional (costly) hardware probes are required.
- Complete Visibility - NetFlow Tracker is practically alone in being able to report on every data conversation. The conversations that matter today start and remain small: viruses, voice, peer-to-peer, hacking and worms. Only millisecond accuracy on the timings of all flows makes tracking these conversations possible.
- Conversation Awareness and IP Session Tracking - The ability to examine packets and their numerous fields in detail, so that unauthorised and hostile activity can be traced and analysed.
- Conversations and Interfaces - More than just a record, knowing the source IP addresses of conversations and their inbound and outbound interfaces is critical to tracking and understanding unusual behaviour.
- Threshold and Profile Alerting - Detects either defined threats or new threats, letting you know when the profile of the network traffic changes from what is normal.
More on Alerting
Threshold Alerting enables users to create an alarm based on any traffic filter (e.g. device + interface + HTTP). Beyond that, the user can choose to set the threshold based on packet rate, traffic rate, number of conversations or number of address pairs.
Two thresholds are configured, degraded (orange line) and exceeded (red line), which are indicated on charts. These thresholds can be set either automatically using a baseline or manually.
For Profile Alerting, NetFlow Tracker baselines individual elements of a report, not just the total. If a new item appears in a report, or a small item becomes big, an alarm will be triggered. This allows users to be notified of:
- New applications appearing on the network
- Detection of rogue or misconfigured applications
- A workstation becoming an unauthorized server
- Detection of worms and viruses
- Detection of P2P applications
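The difference between the two alert types, as an added example (not NetFlow Tracker code; the page does not document the product's algorithm): the report total stays under both thresholds while per-element baselining still flags a new item and a small item that became big. The flow data is constructed, and the multipliers (1.5, 2.0, 5.0) and the noise floor are assumptions chosen for illustration.

```python
from collections import defaultdict

# Constructed sample data: (interval, application, bytes). Not real traffic.
BASELINE = [
    (0, "http", 900_000), (0, "dns", 20_000), (0, "smtp", 80_000),
    (1, "http", 1_000_000), (1, "dns", 25_000), (1, "smtp", 75_000),
    (2, "http", 1_100_000), (2, "dns", 15_000), (2, "smtp", 85_000),
]
# Constructed current interval: (application, bytes).
CURRENT = [("http", 700_000), ("dns", 240_000), ("smtp", 80_000), ("tcp/6881", 90_000)]


def build_baseline(records):
    """Mean bytes per interval for each element and for the report total."""
    per_elem, per_interval = defaultdict(int), defaultdict(int)
    for interval, elem, nbytes in records:
        per_elem[elem] += nbytes
        per_interval[interval] += nbytes
    n = len(per_interval)
    return {e: b / n for e, b in per_elem.items()}, sum(per_interval.values()) / n


def threshold_state(value, baseline, degraded=1.5, exceeded=2.0):
    """Two-level threshold derived from a baseline (multipliers are assumptions)."""
    if value >= baseline * exceeded:
        return "exceeded"
    if value >= baseline * degraded:
        return "degraded"
    return "normal"


def profile_alerts(current, elem_baseline, growth=5.0, floor=50_000):
    """Flag elements that are new, or that grew `growth`x, once past a noise floor."""
    alerts = []
    for elem, nbytes in current:
        if nbytes < floor:
            continue  # too small to matter in this report
        if elem not in elem_baseline:
            alerts.append((elem, "new"))
        elif nbytes >= growth * elem_baseline[elem]:
            alerts.append((elem, "grown"))
    return alerts


def evaluate(baseline_records=BASELINE, current=CURRENT):
    """Return (threshold state of the total, per-element profile alerts)."""
    elem_baseline, total_baseline = build_baseline(baseline_records)
    total = sum(nbytes for _, nbytes in current)
    return threshold_state(total, total_baseline), profile_alerts(current, elem_baseline)
```

Calling `evaluate()` on the sample data returns a normal total alongside alerts for the grown `dns` element and the new `tcp/6881` element.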
