SmartFlow is an IT cyber security monitoring tool that uses anomaly detection to pinpoint hard-to-detect security threats. SmartFlow complements existing signature-based security monitoring tools. It analyzes network flow traffic to detect zero-day security attacks. SmartFlow is an appliance-based solution targeted at medium and large enterprises.
SmartFlow utilizes patent-pending anomaly detection techniques and network behaviour analysis to identify security threats in a network. It applies Solana algorithms to flow data such as NetFlow to detect address scans, DDoS attacks, botnets, port scans, malware, etc. Zero-day threats and encrypted malicious traffic (such as botnet command and control) may escape detection by signature-based security monitoring tools. However, they will not escape detection by SmartFlow. SmartFlow distills network traffic and flow data into more than 20 different statistical measures, which it continuously analyzes for early warnings of cyber threats. SmartFlow’s best-of-breed cyber threat monitoring, without the need for signatures, makes it an essential element of an enterprise network’s comprehensive security solution.
SmartFlow analyzes flow traffic to provide visibility into network traffic behaviour. It provides information on the applications consuming the most network resources. It pinpoints the source of network congestion by identifying the top users and applications. It detects network access to and from specific geographic locations worldwide. SmartFlow’s analysis results are presented to the user through alarms, long-term trend reports and intelligent drill-down. SmartFlow operates as a stand-alone module or can be integrated with Solana’s SmartHawk network mapping product to enable powerful cyber situational awareness and cyber forensic capability.
Cyber Threat Detection based on Traffic Behavior Analysis
- Ability to protect networks from zero-day attacks
- Complementary approach to signature-based network security
- Ability to detect threats with encrypted traffic
- Ability to provide situational awareness and forensic analysis for security threats
Application monitoring based on Flow data
- Track users and applications that consume network resources
- Enable forensic capability via flexible filters on historical flow data
- Resolve network performance problems quickly by pinpointing the root cause
- Facilitate network planning with traffic trend and historical reports