Sycope FlowControl is a NetFlow-based solution designed for network traffic analysis and threat detection. Combining the functionalities of a data collector and analyser, the system enables diagnosing the causes of problems with network connections and bottlenecks. It supplies detailed information on the network user traffic generated by servers and services, which facilitates the detection of various anomalies. With embedded security rules and threat-detection mechanisms, it is also able to detect anomaly network activities and attacks. It offers a number of advanced indicators, reports and summaries based on the practical experience of Passus engineers gained during 20 years of work for the largest companies and institutions in Poland and abroad.

Key features of the solution:

• A high-performance mechanism for network traffic monitoring and analysis – the basic device processes up to 250 000 flows per second.
• Detection of malicious communications based on Threat Intelligence (e.g. malware, C2, botnet).
• Identification of attacks and security policy breaches.
• Flexible analytical tools based on big data mechanisms.
• Identification of applications and hosts responsible for network bandwith.
• Network relationship diagrams, including geolocation.
• Functional validation of the QoS policy in place.
• The basic implementation takes less than an hour.

FlowControl comprises fully integrated modules: XN for network performance monitoring, XNS for IT security monitoring and XND for identification and mitigation of DDoS attacks . The system records, processes and analyses all NetFlow parameters, enhanced by SNMP data, geolocation and blacklists of suspicious or malicious IP addresses. The analysis includes, but is not limited to, the following elements: TCP/IP parameters in layers 3 and 4 (source and target IP address, protocol, port), traffic attributes, as well as interface numbers by traffic direction (inbound/outbound), including the IP addresses of NetFlow generating network devices.
The XNS module is provided with a number of rules to facilitate threat detection.

More information about Sycope FlowControl is available at www.sycope.com