FlowMon ADS

FlowMon ADS is a modern system for detection of data network anomalies and undesirable behavior, which is based on permanent evaluation of network traffic statistics. The goal of the solution is to reveal operational problems and to increase external and internal security of a data network. The main advantage over standard IDS systems and SNMP monitoring lies in orientation on the overall behavior of devices in a network, which enables to respond to yet unknown or specific threats for which the signature is not available. FlowMon ADS is also available in ISP edition, which is specially designed and optimized for internet service providers to increase network security and indentify malicious activities in the backbone networks.

Main benefits

  • Obtaining a detailed overview of the network traffic structure and top users
  • Evaluation of compliance with security guidelines and regulations
  • Detection of internal and external attacks
  • Services quality monitoring
  • Elimination of unwanted applications
  • Detection of infected network devices
  • Prevention of unwanted software use and sharing of illegal content
  • Control of the outgoing network traffic, protection of the reputation
  • Quick diagnosis of network, services and applications latency
  • Wrong network devices configuration detection

Anomaly and undesirable behavior detection

  • Attacks (port scanning, dictionary attacks, Denial of Service, Telnet protocol)
  • Anomalies in data traffic (DNS, multicast, non-standard communication)
  • Anomalies in device behavior (change of the long-term behavior profile of a device)
  • Unwanted applications (P2P networks, instant messaging, anonymization services)
  • Internal security issues (viruses, spyware, botnets)
  • Email traffic (outgoing spam)
  • Operational problems (delays, excessive load, the reverse DNS records, broken updates)

Behavior profiles

  • Volumes of data traffic (transmitted data, connection count)
  • The structure of services (used and provided services)
  • Communication partners
  • Searching network servers and clients
  • Searching for devices providing or using services in the network
  • Overall view of traffic structure
  • Detailed profile for each IP address, monitoring trends

Interactive visualization of events

  • Exploration and evaluation of reported events in form of directed graphs compiled on the basis of network traffic that caused the event
  • Interactive walkthrough, displaying of relevant neighborhood of the event and drill-down to the level of individual data transmissions
  • Export of statistics for network traffic, which caused the event, in a form suitable to prove incidents

Easy deployment and extensibility

FlowMon ADS is designed so that it can be immediately deployed and used in different environments.
  • Templates of typical configuration for different types of networks
  • Comprehensive graphical reports generated from the application on demand
  • Notifications of unwanted network states and situations via e-mail