SonicWALL® Scrutinizer is a multi-vendor, application traffic analytics visualization and reporting tool to measure and troubleshoot network performance and utilization while increasing productivity for enterprises and service providers. Scrutinizer supports a wide range of routers, switches, firewalls, and data-flow reporting protocols, providing unparalleled insight into application traffic analysis from IPFIX/NetFlow data exported by SonicWALL firewalls. Scrutinizer easily identifies top applications, conversations, flows, protocols, domains, countries, and subnets, and alerts on suspicious behavior. Scrutinizer also provides historical and advanced reporting, role-based administration, advanced analysis, and threshold-based alerts, in addition to numerous special features for MSPs and ISPs
Tools such as customizable and interactive charts and tables; an innovative matrix view displaying flow field; network maps showing relevant flow data; and integrated Google® Maps, are the foundation for Scrutinizer’s easy-to-use yet powerful analytics and trend analysis capabilities. These visualization tools provide a robust platform to list top interfaces across all routers, switches, and firewalls, displaying archived flow data in an intuitive and innovative way.
Scrutinizer is able to support hundreds of devices and over a thousand interfaces. It’s compatible with many different types of routers, switches and firewalls from numerous vendors and does not require the purchase of a separate, expensive Microsoft® or Oracle® database. Scrutinizer supports all industry standard data flow protocols including NetFlow v5, NetFlow v9, Flexible NetFlow, J-Flow, sFlow and IPFIX.
IT can perform analysis and create reports based on top hosts, protocols, applications, or conversations on the network across multiple countries, domains, subnets, routers, switches, or firewalls; IP grouping; traffic analysis Report Types (e.g. Flows, Flow Volume, NBAR Support, etc.); or Microsoft® Exchange logs. Scrutinizer can trend in, out, or both at the same time; display data in bits, bytes, packets or percent, down to the second; and filter to include or exclude data on any field exported in the templates (e.g., MAC Address, VLAN, Latency, etcetera)
Application traffic analytics increase employee productivity by reporting wasteful network usage for administrators to enhance network optimization.
Scrutinizer enables administrators to define Application Groups using ranges of applications, ports and IP addresses. Administrators can also apply SonicWALL-specific templates; rename templates; save filters; schedule reports to be sent out via email and .CSV exports for billing; customize billing for usage invoicing, set up default landing pages by account login (useful for service providers servicing multiple customers); and save all records and flows—for an unrestricted amount of time.
By setting alerts and alarms to activate upon configurable thresholds on interface utilization, administrators can easily identify unfinished flows and nefarious activities. Administrators can proactively monitor Quality of Service (QoS) and receive automatic alerts on degraded voice and video traffic. Scrutinizer’s unique index-per-alarm feature displays how many other alarms the host has violated.
Troubleshooting tools can be used to identify bottlenecks on the network, analyze latency and jitter, search for specific hosts or ports, determine peak-hour usage and capacity, and identify what devices do not have the Active Timeout configured correctly. Administrators can also create a map of their network with links that change color based on utilization. Scrutinizer provides diagnostic information on host flows, host volume, pair volume MAC addresses, VLANs, domains and countries. In addition, the solution leverages IPFIX statistics to provide greater insight into VoIP metrics (codec, caller ID, duration, originator, destination, etc.).
Administrators can configure timeframes for DNS caching; filter host-to-host, subnet-to-subnet or by TCP flag; track Flow Sequence Number, trend results and indicate problems; and specify allowed subnets and alarm for rogue IP addresses. Scrutinizer detects and alerts on unauthorized applications; malicious traffic; known-compromised internet hosts; DNS cache poisoning; rogue DHCP and mail servers; port scanning; excessive multicast traffic; HTTP hijacking; and DDOS attacks.
Administration is a breeze with the central, easy-to-use console. Dashboards can be customized per login or group-based user permissions. Administrators can configure permissions per login account to access flows for specific router, switch, and firewall interfaces. Service providers can easily modify style sheets to match branding.