Netflow

Network Security Monitoring & Traffic Analytics Platform

Overview
Netflow is designed for real time analytics of todays high speed, large volume, cloud centric network loads
Netflow like technologies supply the data points to Infraon which extracts hundreds of Key Performance
Indicators and flow analytics in real time. You gain unprecedented visibility into your network traffic, ability to
detect and alert on anomalies, and a solid database to perform any audit or investigation.

The solution is scalable to monitor & manage over 5000 devices. lnfraon is ISO 270001 certified for its internal
processes and is capable of running on a Linux platform with an open-source database as the backend. It is
available as Commercial-Off-The-Shelf (COTS) offering..

Key Highlights
Gain a complete understanding of your network from a traffic as well as a security perspective in a single
system.

Highly efficient platform can handle very large networks upto 50Gbps total throughput on a single system.

Easy and automatic deployment, just point your Netflow like exports to Infraon IMS.

Fully customizable so you can monitor your own applications the way you want.
Infraon IMS Datasheet

Key Highlights (Cont’d)

TRAFFIC MONITORING
Top internal and external hosts, per host traffic metrics, applications, interface and router level drilldowns,
country, AS analytics.

SCALABLE
High performance system can handle about 100Mbps of Netflow traffic usually representing 70-100Gbps. A
distributed hub-probe architecture allows you to scale horizontally as well by adding more probe or hub
nodes.

DEVICE VIEWS
Routers and Interfaces views – automatically builds an inventory of routers and interfaces, correlates with
SNMP name and lets you drilldown into each interface usage over long timeframes.

THREAT ANALYTICS
Plugin for threat analytics automatically compares your traffic with live updated known malicious hosts and
domains and alerts you of detected threats.

INCIDENT RESPONSE
Lossless storage using a custom designed very large scale database platform lets you store every flow and
every metric in its native resolution for querying. No rollups.

HIGH AVAILABILITY
Available in HA and DR configurations.

Netflow Analytics Features

Complete Traffic and Bandwidth Monitoring

Monitor 200+ traffic metrics at 1 minute resolution without

any roll ups or summarizations for long term analytics.
Advanced statistical metrics like cardinality counters ( eg
unique applications per host) and top-N snapshots are all
enabled out of the box. A few of the hundreds of metrics
are Hosts, Applications,, Countries, AS Numbers, Routers,
Ports, etc.

Automatic discovery of network topology

Trouble free automatic operations. No need to configure routers or interfaces. Just send Netflow from as
many devices as you want. InfraonIMS will automatically build a topology of routers and interfaces. Routers
and interfaces no longer active are automatically removed from the live topology but they exist in the
historical traffic analytics.
Infraon IMS Datasheet

Device and interface drilldowns Incident response and investigative tools

• The Netflow Router and Interfaces Manager tool lets you • Infraon IMS puts powerful investigative tools in your
effortlessly drill down into interface level usage reports hands when you want to analyze historical data. The
for long term analysis. SNMP integration resolves all Explore Flows tool allow you to search for any IP flow
ports and devices to their readable names. The Netflow using IP addresses, ports, interfaces, conversations.
Interface Tracker is a powerful analytics tool that lets Flow Trackers store top flows by volume, duration,
you generate long term accurate drilldowns of interface upload, download. Analyze Top-N, Bottom-N, Traffic
usage. Trends for any counter group over any time period.

Real Time Monitoring of all metrics Alerts based on flows, traffic, or anomalies
• Rich automatic email alerting with context
• Rich dashboards display time series metrics, topper embedded within the email for anomalous flow
lists, with drilldown options in near real time. Infraon based activity due to large Email attachment
IMS also features Real Time Stabbers that you can turn upload, data theft, exfiltration, or long remote
on demand for any metric, topper list, or flows to view desktop logins. Set Threshold Crossing alerts for
data in a 2 second updated view. This is great for real all interfaces that alert you when they cross pre-set
time insights and trouble shooting. thresholds. Threshold Band alerts detect
anomalous usage based on machine learning data.

Traffic Monitoring Device Monitoring Security features

Internal and external hosts Automatic discovery of topology Integrated threat analytics
Application usage breakup Routers & Interfaces monitoring Pulls in a dozen threat feeds
Traffic received Integrated with SNMP Alert on large uploads from org
Transmit Interface drilldown to hosts/apps Alert on long remote desktops
Layer 2 statistics Live views of interface activity Alert on peak traffic out of hours
VLAN Set usage alerts on interface Threshold Band outlier alerts
1 sec Real time monitoring Interface Tracker feature System Features
Cardinality metrics ITrack host/apps per interface Login integration via LDAP
Unique X of Y NBAR Reporting Integration with Grafana
QoS PDF / EXCEL reports Rich API for query
AppID Automatic email of key reports APPs ecosystem
UserID Alerts via Email High Avail N:1 mode optional
1-min time series resolution Predefined executive reports Disaster Recovery available
Top-N, Bottom-N, Topper Trends Rich customizable dashboards Scalable with more probes/hubs
Customized metrics Search for any host/subnet/app Large database upto 50TB
Global vs Device views Monthly accounting reports
Netflow
Netflow all versions supported Private IPFIX elements Filters for routers and interfaces
SFLOW, IPFIX, NETSTREAM Automatic de-dup
 Minimum System Requirements (For VM as well as
Physical Server)

Single Probe+Hub Single Probe+Hub One hub nodes + multiple probes

Hub: Xeon 8 Core/32 GB/8TB HDD
Core i5 & above/8GB RAM/1TB Xeon 8 Core/ 16 GB Each Probe:Core i5/8GB/16GB
HDD/1 Gigabit NIC RAM/2TBHDD/1 Gigabit NIC RAM

SUPPORTED VERSIONS

Netflow v5, v9, v10, SFLOW, IPFIX, Flexible Netflow (FNF), JFLOW, NETSTREAM
Please contact our Pre-Sales team to get the exact specifications for
your POC/Deployment

About EverestIMS Technologies

EverestIMS Technologies Pvt. Ltd. (Everest) is a leading software company – offering IOTM,
AIOps and Telecom OSS solutions. Backed with rich market experience in the I&O, AI, IoT,
and digital transformation space, Everest has widespread global footprints through its
focused product portfolio. We specialize in providing integrated IT solutions, IT operations,
and IT infrastructure to empower corporations, enterprises, and telecoms to deliver future -
ready services to end-users. Our goal is to ensure that they adapt and stay competitive in
evolving digital landscapes. Navigate here for more details about us: www.everestims.com

100+ 1000k+ 50k+ 100+

Business-critical S/W
Enterprise Customers Interfaces Monitored Vendors Support
Assets Monitored

Reach Us

Phone Email Web

+91 80 4656 7100 [email protected] www.everestims.com

Sree Gururaya Mansion, SN 1,

No 759, 8th Main Rd, South Wing,
KSRTC Layout 3rd Phase,
JP Nagar, Bengaluru, 560 078.
Karnataka, India