In this Scrutinizer review: the basic topics of a NetFlow (and other flows) collector and reporter.
The name Scrutinizer is carefully chosen: according to the Merriam-Webster definition, it means to examine (something) carefully, especially in a critical way.
This review will be updated in October 2019.
Scrutinizer review in a nutshell
A few highlights about Scrutinizer:
- It is one of the leading network flow products on the market (there are a lot of products but only a few go further).
- It is vendor-agnostic and handles any flow type, such as sFlow, NetFlow, J-Flow and IPFIX.
- Stores ALL the data and can report on it.
- Reporting is fast.
- It scales from very small to very large environments.
- The way Scrutinizer is designed also makes it a forensic and security tool: it can alert on traffic patterns, has DNS integration, and gives visibility into parts of your network that normally stay hidden.
- Can be used stand-alone or integrated with other monitoring tools.
When do you need Scrutinizer?
- If you need a security forensic tool (it collects everything without losing data).
- For security compliance, to provide demonstrable evidence of IT compliance with internal governance policies, external regulations, and industry best practices like HIPAA, FIPS, NERC, SCADA, SOX, COBIT, PCI and NPPI.
- If you need deep analysis of your network (traffic flows): who is creating the traffic and who is communicating with whom.
- If you need specific parameters from attached devices such as firewalls (such as Cisco ASA, Palo Alto and more).
- If you need people (a company) that really know about NetFlow (this is Plixer).
- Instant and fast reporting.
- Drill down of network traffic performance problems.
Scalability of Scrutinizer
Scrutinizer achieves its scalability through an effective range of platforms, listed here in order of scalability:
- Windows for basic deployments
- Virtual appliances for higher scalability
- Dedicated (optimized) appliances for large scale implementations
Integration with other monitoring tools
It is easy to integrate Scrutinizer with other monitoring tools like SolarWinds, network mapping tools, Splunk and more (more about this will follow soon in this article).
An API is available for integration.
Scalability and integration
Plixer, the company behind Scrutinizer, has a number of other products that make it easy to integrate with your existing environment without large investments in, or replacement of, your networking devices. A small glimpse:
- FlowPro APM (a Network Probe that gives you more Application visibility)
- Flow replicator (if you have multiple collectors).
- FlowPro Defender (hooks into malicious DNS requests).
Pricing and licensing of Scrutinizer
The licensing of Scrutinizer is based on the number of devices and the platform (Windows, Virtual Appliance or Hardware Appliance) you are using.
For sizing purposes you need to understand the number of flows and devices. This will give you an indication of the platform to be used.
The advanced reporting module is a very good add-on to the basic capabilities of Scrutinizer.
Links for further reading
Visit the website of Scrutinizer / Plixer for more details. There is a lot of technical information available.
Scrutinizer Customer Cases
In this section a number of customer cases will be published in a few months. Please stay tuned to this website and subscribe to our newsletter.
This Scrutinizer review will be updated periodically based on new information we receive from customers and Plixer.