Plixer FlowPro – delivering enhanced network insight and security
Going beyond standard metadata generated by network devices, FlowPro provides additional insights into networks. For example it facilitates deep packet inspection and extraction of FQDN (fully qualified domain names) for encrypted traffic as well as DNS traffic analysis to detect data exfiltration.
How does FlowPro work?
Essentially FlowPro is a probe that takes a stream of raw network traffic from a TAP (terminal access point) or SPAN (switched port analyser) port then uses that to generate enriched NetFlow or IPFIX. These flows can then be sent to a flow collection and analysis tool such as Plixer’s Scrutinizer.
Common use cases for FlowPro
Our customers tend to install FlowPro when:
a) They’re worried about security issues within DNS traffic
b) Blind spots exist on their networks where devices don’t have the ability to generate metadata, such as NetFlow and IPFIX, about the traffic passing through them
c) They’re concerned about the performance impact of generating metadata on network devices
Why FlowPro?
- FlowPro generates security and application performance metrics, providing insights that are not available elsewhere.
- FlowPro can generate NetFlow or IPFIX completely independently of any network devices.
How is FlowPro licensed?
FlowPro is available as a virtual appliance in four different editions, or as a custom-made hardware appliance. You can compare the various options on the chart below:
| FlowPro licence tiers | FlowPro | FlowPro APM | FlowPro Defender | FlowPro APM-Defender |
|---|---|---|---|---|
| Obtain traffic visibility from all network locations | ✔ | ✔ | ✔ | ✔ |
| Monitor network traffic | ✔ | ✔ | ✔ | ✔ |
| Virtual appliance available | ✔ | ✔ | ✔ | ✔ |
| Physical appliance (with up to 7 monitor ports) available | ✔ | ✔ | ✔ | ✔ |
| Monitors via SPAN, mirror port or Ethernet tap | ✔ | ✔ | ✔ | ✔ |
| ERSPAN support | ✔ | ✔ | ✔ | ✔ |
| Troubleshoot latency issues | ✔ | ✔ | ||
| Measure application round trip time | ✔ | ✔ | ||
| Packet-level performance metrics | ✔ | ✔ | ||
| Resolve network performance issues | ✔ | ✔ | ||
| Identify layer 7 applications | ✔ | ✔ | ||
| Monitor latency for layer 7 applications | ✔ | ✔ | ||
| Monitor latency for clients/servers | ✔ | ✔ | ||
| Monitor VoIP performance | ✔ | ✔ | ||
| Detect malware DNS data exfiltration | ✔ | ✔ | ||
| Detect malware DNS command and control | ✔ | ✔ | ||
| Detect compromised assets using DGAS | ✔ | ✔ | ||
| Alert on DNS lookup to known malware C2 sites | ✔ | ✔ | ||
| Alert on DNS lookup to user-defined domains | ✔ | ✔ | ||
| FQDN reporting | ✔ | ✔ | ||
| DNS performance visibility | ✔ | ✔ | ||
| Upgrade paths are available for FlowPro, FlowPro APM and FlowPro Defender | ||||
See the FlowPro options available in our shop.
