I was recently made aware of a very cool tool for analyzing netflow data that you may be collecting from around your network. I’d seen netflow and visual analysis tools like this before, but in this case, the product performed very nicely, was very robust, and starts at the low price of FREE for real-time analysis. The tool is called Scrutinizer and you can find it for download and purchase here.
The free version works well for real-time analysis and is a nice complement to your health checks and the like if you have a network monitoring team. It is also pretty useful for digging into real-time netflow data to identify compromised hosts and components of botnets in your network. With some careful attention, the low-hanging botnet zombies will stand out from the data streams. Pretty useful to find the easy pickings…
With the commercial version, you can also add historical netflow data analysis, which makes the tool very useful for analysis over time, forensics and deep anomaly detection, not to mention the network monitoring work the tool was originally designed for. MicroSolved has no relationship with the company that makes the product, but we thought it was worth pointing out a useful tool when we saw it.