MyNetScope

Visualization

  • Efficient guide through adaptable visualization
  • Nested visualization (combination of visualization methods in single workspace)
    • Graphs (dynamic mind maps)
    • Tables
    • Forms
    • Statistical graphs
  • Interactive insight into network traffic
    • More data – to show more connections, provides information from connected data sources
    • Less data – to hide connections, aggregates information

Anomaly detection

  • Detection methods
    • Based on long-term profile change
    • Based on pattern recognition
    • Works with uncertain and incomplete information
    • Correlation with the results of other systems
  • Behavior patterns
    • Complex behavior patterns on L3/L4 layer
    • E.g. SSH password-guessing attack
  • Behavior profiles
    • Built up according to device behavior
    • Kinds of services
    • Server/client behavior
    • Communication peers

Data sources utilization

  • Ready to be deployed with FlowMon probes
  • Connected to network related data sources
    • DNS, WHOIS
    • DShield portal
    • Wikipedia
    • Ready to extend
  • Utilizes various network utilities
    • Ping, Traceroute
    • Nmap, XProbe2
    • Ready for extension
  • Contains general adaptors
    • Syslog
    • SQL databases
    • LDAP trees
    • Plaintext log files

A telescope for network traffic

The way in which an organisation functions, and its processes, are mirrored in the traffic on its computer network. If that traffic can then be connected to further information about the organisation, the result is a gold mine of information allowing a marked improvement in security, the identification of possible savings and the provision of a basis for enhanced organisational performance.

Just try now to check what interesting things are happening in your network. Unless you are an expert who enjoys reading through various log files on network traffic, the likelihood is that you will not find out anything at all!

In addition, these files are not connected to any broader context, so they are usable only for checking that your network functions as it should.

Just try then to connect them to other happenings in your organisation! How would you do this? This very connection is the key, as without it a whole series of events will go unrecognised and the organisation will be unable to react to them properly. Each organisation is unique and uses various information systems, databases and network solutions. An instrument is needed that knows how to adapt to a concrete organisation, network or user.

Solution characteristics

MyNetScope® is a platform allowing an insight into traffic on a computer network. Its key characteristics are:

  • Rule-driven classification, aggregation and filtering
  • Fully configurable display whose aim is to present connections in a clear way
  • Rule-driven synthesis of information from other data sources – logs, databases, …
  • Network monitoring based on NetFlow data
  • Intelligent interrogation
  • Works with uncertain and contextually dependent information
  • Interactive visual interface

Method of operation

MyNetScope® works just like a telescope. Just point it at what you want to see and go through the data using the operations “tell me more” (bring into sharper focus) and “be more concise” (defocus).

The computer network is displayed in the form of a graph, in which nodes represent individual network devices and arrowed lines represent communication between devices in the network. The user interface allows information to be arranged on the screen in different ways (dynamic format, tree format, etc.). The choice of views is simple and intuitive, and at this time it is possible to work with an unlimited number of views and therefore to follow network traffic from various angles.

Some examples of usage

  • Enhanced organisational security
    • Are you able to detect suspicious activities on your network?
    • Are you aware of all security risks?
    • Are you able to solve security incidents effectively?
  • Detection of areas where profit could be lost
    • Is an unauthorized person (a freeloader) using your network?
  • Detection of areas where savings could be made
    • How are prepaid data sources and applications used?
  • Enhanced organisational efficiency
    • What is the load factor of servers and applications?
    • With which organizations does your organization really communicate and how intensively?

Examples of questions

  • Who do our key servers communicate with?
  • How do client stations converse with each other?
  • Who is transferring the largest volume of data and where to?
  • Is there any undesired traffic on our network?
  • Who connects to our servers at weekends?
  • Which computers have I not yet seen in our network?

Intuitive and adaptive visualization