SonicWALL 232-000861-00 manual Scrutinizer Base Product, Administration

Scrutinizer Base Product

The base Scrutinizer product includes many great features such as:

Administration

•Customizable Dashboards

•Group Based User Permissions

•Unique Dashboards per login

With Scrutinizer’s suite of built-in administrative tools, customizing specific user logins and dashboards is a breeze. Administrators can create specific permissions based upon a particular user identity or create group based user permissions for entire departments. The Dashboard can be customized on a per-user basis to provide the information that is most relevant to each user upfront.

Alerting

•Support for on-demand email reporting

•Ability to batch schedule and email reports to administrators

Scrutinizer was built with ease of use in mind. With Scrutinizer’s alerting features administrators have ‘set it and forget it’ flexibility when it comes to reporting. Reports can be run based upon a specific schedule or triggered when event thresholds are exceeded. Once configured, reports can be automatically batched and emailed to administrator in several formats.

Flexible Reporting

•In the Free version, data can be archived for up to 24 hours. Data can be saved longer if a commercial version is purchased.

•Extensive Flexible NetFlow template support

•Granularly defined reports down to the second which can include / exclude data filters

•Create and save templates to easily reuse for future reporting

•Create application group reports based upon specific ports or subnets

•Display data by number of bits, bytes, packets or as a percentage of total traffic

•Per interface, host, protocol, application, or conversation reporting

•Trend data in, out, or bi-directionally

Granular, flexible reporting is the heart of the Scrutinizer product. Administrators have endless possibilities for generating reports based upon general or very specific criteria. Want to know which users are consuming the most bandwidth? Would you like that done per bit, byte or packet? What about which protocols are being most heavily utilized on a particular subnet?

Security

•Easily configure DNS caching time limits

•See all traffic ‘Host to Host’ or ‘Subnet to Subnet’

•Easily filter and display traffic based upon TCP flags

•Track flow sequence numbers to trend traffic patterns

•Quickly identify MITM servers on the network (DNS, DHCP, SMB, etc)

With all of these great features it’s no wonder Scrutinizer is invaluable when it comes to security. Administrators can toggle between various reports to easily identify traffic flowing from host to host or subnet to subnet. Tracking flow sequence numbers and trending traffic patterns has never been easier. Further, Scrutinizer can quickly identify rogue servers placed on the network attempting a Man-in-the-Middle attack against such services as DNS, DHCP, SMB, and more.

SonicWALL Scrutinizer 9.0.1 Release Notes

P/N 232-000861-00 Rev A

7