Plixer FlowPro - Overview

What is Plixer FlowPro?

Plixer FlowPro is a network monitoring solution that ensures your IT teams always have access to the information they need to investigate and analyze network performance and security events, despite infrastructure limitations.

How does Plixer FlowPro work?

Because traffic transparency is a vital to efficient asset management and proactive threat defense, network visibility limtations can severely hamper efforts to identify and respond to issues.

Plixer FlowPro enables visibility in a network’s blind spots by capturing network traffic, generating the corresponding IPFIX records, and forwarding the data to a suitable flow collector, such as Plixer Scrutinizer.

Plixer FlowPro is available as a rack-mountable hardware appliance or in virtualized ESX-, Hyper-V-, or KVM-based packages.

Licensing

Plixer FlowPro is offered in the following license options:

Plixer FlowPro

The core Plixer FlowPro license enables complete network visibility by generating flow data for otherwise invisible traffic and forwarding it to an IPFIX Collector without requiring additional processing.

Plixer FlowPro APM

The APM (Application Performance Monitoring) enables application visibility from Layers 2 through 7 and allows Plixer FlowPro to capture and include the following application-level data in flows sent:

  • Latency data on clients, servers, and Layer 7 applications through Deep Packet Inspection

  • Traffic metrics related to SIP, RTP, and voice quality

  • Latency + traffic metrics (dual mode)

Plixer FlowPro Defender

With the Defender license, Plixer FlowPro can leverage DNS monitoring techniques to provide enhanced visibility and malware detection through the following features:

  • BotNet detection

  • DNS lookups of domains likely associated with malware

  • Data exfiltration detection

  • Command and control detection

DNS queries are compared against a domain reputation list and matched with known responses to identify potentially malicious traffic, such as no existing domain (NXDOMAIN) and long, complete DNS names that do not properly resolve. Plixer FlowPro Defender is also able to monitor other types of DNS messages, such as DNS TXT messaging to bypass firewall restrictions, and supports user-defined domain whitelists and blacklists.

Plixer FlowPro APM-Defender

The APM-Defender license combines the functions included in the APM and Defender licenses and allows Plixer FlowPro to deliver valuable network and security insights while enabling complete visibility in any type of environment.

Note

All Plixer FlowPro license levels support the disabling (and later re-enabling) of individual features as needed. To learn more, see the Advanced Services section of this manual.