Mike Patterson (Plixer CEO and Founder) and I have been long time colleagues in the arena of NetFlow analysis. Over the years we’ve both watched as NetFlow has matured and gained increasing popularity and I’ve always admired Mike and his team’s energy and steadfast devotion to NetFlow technology.
So when Mike asked me to come in and talk to Plixer about the potential value of NetFlow for security monitoring I was more than happy to oblige. Over the course of several weeks I attended sales calls, eaves dropped on design meetings, and enjoyed Maine lobster dinner with many of Plixer’s key innovators. I came to realize just how powerful the Scrutinizer product line was and just how much value Scrutinizer could provide not only to the network operations team but the information security analysts as well. The sophistication and utility of capabilities such as the Flow Analytics subsystem and flexible template processing engine really caught me by surprise.
I came away with the impression that most people didn’t realize just how powerful the Scrutinizer Flow Analyzer really was – especially from a network security perspective. I’m here to help change that.
Network analysts around the globe know Plixer as a network monitoring technology, providing situational awareness to the network team to aid in trouble shooting, capacity planning, and overall network visibility. What they perhaps don’t know is the power NetFlow and flow analysis can bring to the security team. Forensics, incident response, early threat detection, policy monitoring and compliance – these are all capabilities provided by the Scrutinizer Flow Collection System.
During my time in Maine, Mike and I sat down and talked about what was needed to bring greater visibility to Scrutinizer’s security capabilities. The outcome was an invitation to join Plixer as the chief advocate for the use of flows in a security context.
Flow analysis offers a fresh new angle on network awareness and security that simply wasn’t available just a few years back. Thanks to innovations by Cisco Systems, the Plixer team, and other grass roots engineering efforts, NetFlow has grown to become an integral part of any well-rounded IT operation. You can find NetFlow (or its cousin IPFIX) in firewalls, routers, switches, load balancers, even virtualized platforms such as VMWare vSphere. It’s literally everywhere. The prolific nature of flow-enabled network devices provides an opportunity to peer across the entire network, from edge to access, without the need for traditional packet capturing devices.
Over the next few months I’ll visit the blog with stories of how flows can help your IT staff remain vigilant, react faster, and help stem the oncoming maelstrom of BYOD devices, motivated attackers (APTs), and disgruntled or just downright oblivious employees. In the mean time if you want to learn more about the security value of NetFlow analysis you can find me on LinkedIn, Twitter, or just drop a line to my new email here at Plixer.