Dell SonicWALL Scrutinizer is a multi-vendor, flow-based application traffic analytics, visualization and reporting tool to measure and troubleshoot network performance and utilization while increasing productivity for enterprises and service providers. Scrutinizer supports a wide range of routers, switches, firewalls, and data-flow reporting protocols, providing unparalleled insight into application traffic analysis from IPFIX/NetFlow data exported by Dell SonicWALL firewalls, as well as support for a wide range of routers, switches, firewalls, and data-flow reporting protocols. IT administrators in charge of high throughput networks can deploy Scrutinizer as a virtual appliance for high performance environments. Analyze traffic in high throughput environments by deploying Scrutinizer as a virtual appliance, enabling over 100,000 flows-per-second for up to 100 flow exporting devices, and easily accommodate high-performance requirements. In addition, the virtual appliance also eases migration and reduces deployment costs by allowing administrators to move a snapshot of a virtual environment to new physical server infrastructure.
The Dell SonicWALL Flow Analytics Module brings traffic flow diagnostics to the next level by adding valuable functionality to Dell SonicWALL Scrutinizer software, such as historical reporting for an unrestricted period of time, advanced alarming with the ability to set thresholds and facilitate automatic remediation, role-based administration, and in-depth traffic analysis algorithms. With the Flow Analytics Module, Scrutinizer can easily identify top applications, conversations, flows, protocols, domains, countries and subnets on the network, as well as watch for and alert on suspicious or potentially hazardous network behavior patterns, thereby providing administrators with greater network security awareness.
The Flow Analytics Module adds advanced reporting options such as flow volume, MPLS by subnet, Microsoft Exchange log trending and NBAR support. Administrators have with a wealth of information right at their fingertips.
IT administrators can create custom reports by applying filters to granularly define the specific information desired. Once created, custom reports can be saved for later use. Custom reports allow the user to configure detailed reports by filtering on fields such as IP Addresses, ranges and subnets; port numbers and ranges; defined applications including ranges of protocols and groups of protocols; multiple interfaces from different routers and switches; any exported field available via NetFlow or IPFIX; dynamic Quality of Service (QoS) monitoring; and detailed security/forensic information.
Traffic analysis reports
The Flow Analytics Module adds several additional flow based traffic analysis report types. Examples include granular IPFIX based application visualization reports for Dell SonicWALL products; flexible NetFlow NBAR based application reports; conversations to/from host pairs and applications used; flow reports with ToS field; host flow reports to show hosts sending or receiving the most flows; host volume reports to show the volume of unique hosts per second; and pair volume reports to show the volume of unique to/from address pairs per second.
Set it and forget it alerting
The Flow Analytics Module provides administrators with greater automation control, making routine advanced reporting a snap. Alerts can be configured based upon everything from unfinished flows to specific interface utilization. Administrators can configure QoS thresholds to proactively be alerted of RTSP latency and jitter before end users even reports a problem. Using saved Scrutinizer reports, the Flow Analytics Module can monitor and send out syslogs when traffic patterns violate specified thresholds. Scrutinizer facilitates automatic remediation via support for SNMP traps and script execution.
Enhanced security awareness
The enhanced security functionality alone makes Scrutinizer with Flow Analytics an invaluable tool in an administrator's arsenal. It shows exactly what is happening on the network - where traffic originated, where it is going and what type of traffic it is. Is someone planning an attack by scanning the corporate network? Did one of the servers get infected with malware and launch a DDoS attack? Scrutinizer can automatically detect nefarious activities and alert administrators immediately.
Valuable troubleshooting tools allow Scrutinizer to easily identify the volume of flows per hosts and peer into Voice over IP (VoIP) traffic. IT administrators can analyze VoIP traffic and determine the amount of voice traffic into and out of the network over time; what users are involved with the most VoIP traffic; the caller ID of destination and source; QoS statistics such as Latency/Jitter and packet loss of each call; what audio codec is being utilized; and whether the router is modifying DSCP values.
Network topology maps
Network topology maps come to life in Scrutinizer as links change in color and thickness with variations in network utilization. Clicking on a link in a network topology map brings up useful traffic statistics such as top talkers and top conversations within the last minute.
IT administrators can use Scrutinizer to plot network appliances such as firewalls, routers and switches on a Google map embedded in the Scrutinizer application. Using this geographic map as a starting point into all network analysis provides traffic details collected and organized for easy visualization in Scrutinizer.
Dell SonicWALL specific IPFIX templates for reporting
Administrators can use Scrutinizer to obtain deep insights into application usage as detected by Dell SonicWALL Next-Generation Firewalls. The Dell SonicWALL firewall transmits IPFIX data in real-time to Scrutinizer and the administrator can examine application usage, VoIP usage, VPN usage, and much more by user and over different time periods.