9
SonicWALL Scrutinizer 9.0.1 Release Notes
P/N 232-000861-00 Rev A
Flow Analytics Module The Flow Analytics Module brings traffic flow diagnostics to the next level by adding historical reporting for an
unrestricted period of time, advanced alarming with th e ability to set t h resholds, role-bas ed administ ration, and in-
depth traffic anal ysis algorith ms to the Scrut inizer software. I t can easily iden t ify top applic ations, conversat ions,
flows, protocols, domains, countries, and subnet s on the network, as well as watch for and alert on suspic i ou s or
potentially haz ar d ous network b ehavior pattern s thereby providin g administ rators with greater net work security
awareness.
In addition t o the base-level featu res Scrutini zer with the add-on F low Analytics mod ule provides several additional
advanced featu r es , such as:
• Flexible Reporting
o SonicWALL spec ific templates for r ep orting
o Special traffic an alysis reports s uch as Flow Volum e & NBAR Support
o MPLS reporting by subnet
o Microsoft Exchan ge log trend an alysis
o Puts informati on at administ rators fingertips
Easily identif y the top appli c ations being util i z ed on the network
Easily identify the top country of origin for traffic flowing across the network
Easily identify the top domains being accessed
Easily identif y the top subnets being utilized on th e network
With the addit ion of the Flow Analyt i cs module Scru tinizer becomes an even more powerful reporting eng ine
offering even greater flexibility and granularity. In addition to all the reporting functions provided in the base edition,
Scrutinizer with Flow Analytics adds advanced reporting options such as flow volume, MPLS by subnet, Microsoft
Exchange log t rending and NBAR su pp ort. Adminis t rators have with a wealth of information right at their fingertips.
IT administr at ors can create cu stom reports by ap plying filters to gran ularly define the s p ecific informat i on desired.
Once created, c ustom reports can be saved for later us e. Custom Reports allow the user to con figure detailed
reports by filtering on fields such as: IP Addresses, ranges and subnet s; Port numbers and r an ges; Defined
applications including ranges of p rotocols and gr ou ps of protocols; Mu lt iple interfaces from d ifferent rout ers and
switches; Any exported field available via Net Flow or IPFIX ; Dynamic QoS monit or i ng; Detailed sec u rity / forensic
information
The Flow Analytics Module adds several addit i on al flow based t r af fic analysis rep or t types. Examples includ e but
are not limited to: Granular IPFIX based application visualization rep orts for Sonic WALL product s ; Flexible NetFlo w
NBAR based application reports (requi r es IOS v15 on Cisco rou ters); Conversati on s to/from h ost pairs and
applications used; Flow reports with ToS field; H os t flow reports to sh ow hosts sendi n g or receiving t h e most flows;
Host volume report s to show the volum e of unique hos ts per second; Pai r volu me reports to s how the volume of
unique to/from address pairs p er s econd
• ‘Set It & Forget It’ Alerting
o Easily create al er t s to notify adm inistrators of u nfinished flows or n efarious act i vit ies
o Alerts can tri gg er email notificat ions, SNMP t raps, syslog mes s ages, and script execution (facilit at ing event
remediation)
o Alarms can be con figured to alert ad ministrators based upon spec i fic interface util i zation
o Administrators can be alerted b ased on any pre-defin ed report
o Reports can be s cheduled, then em ai led to administ rators
o Administrators can proactively m onitor QoS of RTS P traffic
The Flow Analytics add-on to Scrutinizer provides adm inistrators wit h greater autom ation control m ak ing routine
advanced reporting a snap. Alerts can be configured based upon everything from unfinished flows to specific
interface uti l ization. Furth er, administ r at ors can configu re QoS thresholds t o proactively be alert ed of RTSP latenc y
and jitter before en d users even rep or t s a problem.