Solution for IX PEERING

Network telemetry for both the perimeter and “the fabric”

Are you considering what the future of networks will look like?

If you’re looking in the same direction, FLOWCUTTER is for you!

One UI to rule them all

In a NOC/SOC, admins often use multiple tools for different kinds of telemetry, each with its own user interface. The 21st-century approach is to collect many data sources but display them in one unified UI.

Such an interface should be friendly, universal and open-source. Grafana + FLOWCUTTER Datasource allows for: 

  • Custom dashboards
  • Custom visualizations
  • Custom alarms

      Tool “to your image”

      Raw data enrichment helps any tool to serve “in your network’s image”. 

      FC enriches data with the following fields:

      • GeoIP location
      • ASN for Peering 
      • Custom fields enrichment, e.g. ids of your services or end customers

            Openness

            A traffic analysis tool cannot live in isolation. It should play fair with other boxes in your NOC/SOC software stack. 

            • Support all formats: sFlow, Netflow, syslog, … 
            • Provide full access & control via API 

            • Export to open-source telemetry databases (e.g. Prometheus, Zabbix, Citrix)

              FEATURES

              WE HAVE SOMETHING EXTRA

              Fastest backend

              Nobody knows what the future brings. We don’t know where in the network, or what kind of problem, we are going to investigate tomorrow. Hence, the most important thing for any analyst is ad hoc query response speed.

              • FC queries the raw dataset, not simplified aggregations
              • Thus you can make any query you can think of

              Horizontal scaling of the backend ensures fast response even on huge datasets (1M+ fps)

              Scalable for the next 20 years

              We think about what the future of networks will look like. If you are looking in the same direction, FLOWCUTTER is for you!

              • Traffic doubles every 3 years. 
              • A solution that was OK yesterday won’t be able to analyse the huge flow datasets of tomorrow (1M+ fps). And you might be forced to compromise!
              • FLOWCUTTER is horizontally scalable – it can be deployed to 1 server or a cluster of 20 nodes.
              • It will run smoothly even if your traffic increases 40x.

              Quick deployment

              Only for data centers, backbone and peering networks can FLOWCUTTER be deployed on your own infrastructure (your own servers).

              • FLOWCUTTER is deployed by our team via monitored jump servers as orchestrated Docker containers.
              • We use IaC (infrastructure as code) for fast configuration and update rollout.
              • Linux required (tested on Debian OS).

              Alerting and network health

              Each network is unique, with different segmentation and traffic composition. To be able to observe changes in network behavior, monitoring has to be fine-tuned individually. Don’t assume that the vendor’s approach is the best for your network.

              • Monitors – preventive indicators defined as any arbitrary cut of the flow dataset
              • Custom fixed and adaptive thresholds and detection rules

              Customer service

              Every FLOWCUTTER instance has multi-level support.

              Our team proactively monitors each device under our support. It’s treated as a “service”. We do preventive maintenance when there’s a threat of degradation of its function.

              Security is part of our DNA. We will be glad to share our experiences and recommendations.


              Anomaly and threat detection

              Our networks operate on the complex battlefield of today’s cyber warfare.

              Every new technology and update brings new vulnerabilities. Network operators and their customers are responsible for detecting threats in network traffic, such as:

              • Volumetric DDoS
              • Communication with known malware C2
              • Lateral movement (e.g. open SSH/Telnet port scans)
              • Brute-force attacks
              • Exfiltration of sensitive databases via ICMP or DNS protocol
              • Anomalies in BGP routing

              Fast mitigation

              Example: My custom Monitor detects a flood of DNS packets directed at your resolver.

              What I need at that time is to quickly obtain the context of a potential attack / issue. Only this way can I mitigate the problem efficiently.

              • A rule for firewall / shaping
              • BGP FlowSpec

              Multi-tenant as a service for customers

              You can provide your most challenging customers with FLOWCUTTER as a service.

              A multi-tenant solution is a form of cloud architecture in which multiple clients share the same hardware resources.

              It means that several sub-networks or big customers of a service provider can use one and the same FLOWCUTTER collector, each with their own credentials, setup, and dataset.

              Anomaly detection

              Effective data analysis

              Reliable source of forensic data

              Forensic data is fundamental

              For Everyone

              Together, we will find a solution for your project

              We will help you configure the solution to meet all your needs.