sFlow Analysis

Turn sFlow into Actionable Insight

By collecting, processing and analyzing sFlow data, exportable from existing routers and switches, organizations can easily extend the value of their network infrastructure. Lancope's StealthWatch System leverages sFlow traffic samples from Foundry, Extreme, HP ProCurve and other leading network infrastructure vendors to provide end-to-end network visibility, protection and performance improvements for distributed enterprise environments. This additional layer of pervasive intelligence is not available through conventional technologies such as IDS/IPS and network probes, and can only be obtained through flow-based solutions, which offer significant value for both security and network operations.

Increasingly complex networks and evolving cyber threats indicate a need for greater internal network visibility. Through sophisticated behavioral analysis, StealthWatch uncovers both zero-day attacks that bypass perimeter defenses as well as internal threats such as network misuse, policy violations, device misconfigurations and data leakage. Issues can also be traced all the way down to the exact application and user responsible, greatly reducing mean time to know (MTTK) and minimizing downtime. In addition to providing in-depth intelligence on the internal network, StealthWatch also integrates behavioral analytics of data from perimeter devices such as firewalls for even greater contextual awareness.

By providing comprehensive, end-to-end visibility of all traffic in all network segments, StealthWatch helps organizations address increasing demands being placed on their infrastructure due to trends such as IT consumerization, user mobility, live telepresence and streaming video, as well as regain network visibility lost through innovations such as MPLS, virtualization and IPv6. StealthWatch fills in the visibility gaps left by other technologies without adding undue expenses and complexity to network and security operations. In fact, StealthWatch eliminates the manual analysis and time-consuming management associated with conventional monitoring technologies, allowing IT teams to do more with less.

Click here to learn more about sFlow and sFlow Collection.