- Slides: 18
Flowmon Traffic Recorder The easiest way to perform an on-demand Full Packet Capture
Challenges
§ Network troubleshooting using packet capture is very resource consuming
§ Only feasible alternative is to use flow data with information about network communications
§ Flow data exported from active device may not be available, accurate or detailed enough
§ Use dedicated high-performance and accurate flow data exporters
§ Flowmon Probe - dedicated flow data exporter providing visibility into the application protocols
Flowmon Solution
Network Traffic Monitoring - Flowmon Probes
§ Stand-alone passive sources of network statistics (NetFlow / IPFIX)
Network Statistics Collection & Analysis - Flowmon Collector
§ Storing, visualization and analysis of network statistics
Advanced Analysis, Application of Network Statistics - Flowmon Modules
§ Anomaly detection, traffic capture, Performance Monitoring, DDoS attacks detection and mitigation
Flowmon Traffic Recorder On-demand Full Packet Capture
Flowmon Traffic Recorder
§ Captures full packet trace in PCAP file in 1G/10G/40G/100G networks
§ Based on defined filter (IP, CIDR, port, MAC, MPLS label, VLAN tag)
§ Individual captures as tasks with scheduling
Deployment
§ Standalone architecture
  § Flowmon Traffic Recorder runs on Flowmon Probe
  § Select Probe's interface for capture
Deployment
§ Distributed architecture
  § Configure captures from central collector
  § Select Probe and interface for capture
Triggered Packet Capture
§ Integration with Flowmon ADS
§ Provides Network Forensics
[Diagram labels: Flow monitoring including L7; Network Behavior Analysis; Full packet capture; Triggered by detection]
Traffic Recorder models
Rows: Capture setup | Export format | Feature set | Number of licensed probes | Monitoring interface
Models: Lite | Standard | Business | Corporate | Enterprise
Values: GUI | GUI/API/ADS | PCAP, GUI | Full | Full | 1 | 2 | 4 | 8 | 8 | 1G | 1G | 1G/10G | 1/10/40/100G | PCAP, GUI/API
Flowmon Traffic Recorder Use Case E-mail Troubleshooting
E-mail troubleshooting
§ Gmail e-mail delivery issue
"We are not receiving e-mails from Gmail and can't figure it out. Can you try to help us and fix it?"
E-mail troubleshooting
Using AS numbers it is possible to easily identify corresponding network traffic and do the analysis
E-mail troubleshooting
"All flows are 640 B?" "TCP flags are normal" "This is not a network issue" "We need to see the packets"
Detailed visibility and drill-down to flow level help to understand traffic characteristics
E-mail troubleshooting
Built-in packet capture capability makes it possible to get full packet traces when needed
E-mail troubleshooting
"Ok, Gmail requests TLS 1.0"
E-mail troubleshooting
"And mail server doesn't support that"
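The check behind the last two slides, as an added example (not Flowmon code or output): reading the hello version and any cleartext alert out of the TLS records in a captured stream. It assumes each input is the reassembled TCP payload of one direction after SMTP STARTTLS, and that the server rejects the hello with a fatal protocol_version alert; the sample bytes are constructed, since the slides do not show the packets.

```python
import struct

VERSIONS = {0x0300: "SSL 3.0", 0x0301: "TLS 1.0", 0x0302: "TLS 1.1", 0x0303: "TLS 1.2"}
ALERTS = {40: "handshake_failure", 70: "protocol_version"}  # subset of RFC 5246 alerts

def tls_records(stream):
    """Yield (content_type, payload) for each complete TLS record in one direction."""
    pos = 0
    while pos + 5 <= len(stream):
        ctype, _record_version, length = struct.unpack_from("!BHH", stream, pos)
        payload = stream[pos + 5 : pos + 5 + length]
        if len(payload) < length:
            break  # truncated capture or missing TCP segment
        yield ctype, payload
        pos += 5 + length

def summarize(stream):
    """List hello versions (record type 22) and cleartext alerts (record type 21)."""
    events = []
    for ctype, payload in tls_records(stream):
        if ctype == 22 and len(payload) >= 6 and payload[0] in (1, 2):
            # Handshake header: 1-byte type, 3-byte length, then the 2-byte version.
            # Note: TLS 1.3 hellos carry 0x0303 here and negotiate via an extension.
            (version,) = struct.unpack_from("!H", payload, 4)
            who = "ClientHello" if payload[0] == 1 else "ServerHello"
            events.append(f"{who} version {VERSIONS.get(version, hex(version))}")
        elif ctype == 21 and len(payload) == 2:
            level = "fatal" if payload[0] == 2 else "warning"
            events.append(f"alert {level} {ALERTS.get(payload[1], payload[1])}")
    return events

def record(ctype, payload, version=0x0301):
    """Wrap a payload in a TLS record header (used to build the sample bytes)."""
    return struct.pack("!BHH", ctype, version, len(payload)) + payload

# Constructed sample bytes, not taken from the capture in the slides.
HELLO_BODY = struct.pack("!H", 0x0301) + bytes(32) + b"\x00" + b"\x00\x02\x00\x2f" + b"\x01\x00"
CLIENT_HELLO = record(22, b"\x01" + len(HELLO_BODY).to_bytes(3, "big") + HELLO_BODY)
SERVER_ALERT = record(21, bytes([2, 70]), version=0x0300)

if __name__ == "__main__":
    print("client:", summarize(CLIENT_HELLO))
    print("server:", summarize(SERVER_ALERT))
```

Flow records carry only byte counts and TCP flags, so neither the offered version nor the alert is visible without the packet payload.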
Summary
§ Flowmon Traffic Recorder
  § Complement flow monitoring with packet level visibility
  § Help to solve all network related operational issues
  § Provides data for network forensic analysis
  § Important for Root Cause Analysis (RCA)
  § Reduce MTTR (Mean Time To Resolution)
  § Smooth installation to Flowmon solution
  § Available for fraction of packet analyzers price
Thank you
Performance monitoring, visibility and security with a single solution
Flowmon Networks a.s.
Sochorova 3232/34, 616 00 Brno, Czech Republic
www.flowmon.com