Large Enterprise Security
– Mike Patterson, CEO, Plixer International, says:
Plixer International recently introduced Scrutinizer v12 – the latest version of its flagship incident response and cyber threat detection system. Scrutinizer delivers real-time network situational awareness and highly detailed communication information about the users and applications that are being used to participate in reconnaissance efforts. The security system leverages NetFlow and IPFIX technology to forensically uncover malware by detecting odd behavior patterns.
The Plixer team knows that advanced malware often behaves like many common applications. In an effort to spot subtle abnormal changes, Scrutinizer can collect baselines and archive seemingly normal behaviors. This data can include the number of flows a host normally creates in a given time frame, and the number of bytes, packets and end systems it reaches out to and receives connections from. Scrutinizer delivers these details on demand and it does this by scrutinizing all traffic for abnormal patterns at all times.
In addition, Scrutinizer’s powerful filtering capabilities set it apart from other similar security offerings because its collector allows the filters and reports to be saved for future reference. Once saved, they can be placed in different dashboards for constant or occasional reference. Saved reports can be configured with thresholds that can trigger events based on a pattern match.
Scrutinizer is always evolving to meet the needs of IT security teams. Scrutinizer v12 brings new support for distributed flow collection that scales to meet the needs of large enterprises. The central interface provides the ability to troubleshoot enterprise problems that stretch across globally distributed offices, with multiple collection points from a single web console. The enhanced v12 also ensures policies and configuration updates are pushed down to flow collection servers.
To simplify the IT security person’s tasks, Scrutinizer now allows security administrators to pinpoint threats from a single location without jumping from one collector to another to run the same search. And with each collector capable of 200,000 flows per second in the distributed architecture, Scrutinizer v12 can support over four million flows per second.
Finally, Scrutinizer’s v12 baseline capability is worth noting. The innovative offering provides the ability to set a baseline for anything being collected, which is particularly helpful in uncovering internal contagions that have snuck past other deep-packet inspection security appliances.