Flowmon blog

Blog of new releases and updates

Monitoring TLS Network Traffic for Non-FIPS Compliant Cipher Suites

In internet security, Transport Layer Security (TLS) serves as a crucial cryptographic protocol to safeguard digital communications. TLS relies on cipher suites to encrypt data transmitted across networks, ensuring confidentiality and integrity. However, not all cipher suites are created equal.

What is MITRE ATT&CK and How to Use the Framework?

The cybersecurity threat landscape constantly changes as attack methods increase in frequency and sophistication. Having a complete view of the threat landscape and the techniques that attackers use is difficult. Several frameworks are available to classify bad actors’ tactics and techniques to assist defensive strategy planning and tactical operations.

Applying Zero Trust to Data Centre Networks

The cybersecurity threats organizations of all sizes need to defend against are complex, persistent, and continuously changing. Delivering adequate defenses requires a multi-layered cybersecurity strategy. Zero trust has emerged as a core component of the modern cybersecurity solution stack.

Multi-Cloud – Rise of Hybrid Networks and the Need to Monitor & Secure Them

Many organizations find themselves managing a hybrid infrastructure spread over on-premise and multiple public cloud provider platforms such as AWS, Azure, and Google for specific business applications. If you are lucky, all your cloud resources will be from a single provider, but in reality, it’s likely that multiple cloud services will be used. Alternatively, your CIO and IT team might want to spread services across multiple cloud platforms to provide resilience and guard against vendor lock-in. Whatever the reasons behind it, many industry analysts and experts expect hybrid infrastructure spread over multiple data centers and cloud platforms to be the norm even for small enterprise businesses.

Dealing with Unknown Threats

The cybersecurity threat landscape facing every organization is constantly changing. Cybercriminals are always looking for new vulnerabilities to exploit or changing existing attack methods to bypass protections. They also go to great lengths to hide their activities within regular network traffic and application activity. The attack surface that organizations present to attackers is also in a constant state of flux.

Join the Flowmon Customer Validation Program

We would like to invite you to join the new Flowmon Customer Validation Program (CVP). This is a unique opportunity for you to actively influence future product development, share your feedback, explain your use cases, and see behind-the-scenes material and product roadmaps.

Monitor User Behavior to Detect Insider Threats

The risk from insider threats has grown massively, with perpetrators frequently getting around organizations' increasingly complex perimeter protections. It is one of the most common ways customer data or industrial and trade secrets leak. This very complex topic includes many types of threats and techniques. Let's discuss how you could detect insider threat activity at a network level.

Monitoring LoadMaster Performance with Flowmon NPMD

The LoadMaster Network Telemetry feature makes it easier than ever to get key insights on your applications into your Flowmon deployment. By creating both cluster-wide and application-specific channels, you can quickly build NPM dashboards and topologies that surface essential performance and availability metrics broken down by application, client and server.

What is New in Flowmon 12.2 and ADS 12.1

Our development teams continue to improve Progress Flowmon. The latest update takes the core Flowmon product to version 12.2, while our industry-leading Anomaly Detection System (ADS) gets incremented to ADS 12.1.

Progress Flowmon Ranked as a Technology Leader in SPARK Matrix 2022 NDR Report

The threat landscape that organizations faced in 2022 and continue to face in 2023 is large, complex, and continuously changing. Defense requires a multi-layered approach that delivers monitoring, detection, and response at many points within on-premise and cloud-based infrastructure and systems. A Network Detection and Response (NDR) solution is critical to a modern cybersecurity defense strategy.

Business Benefits of Network Detection and Response (NDR)

When we talk about the business value of a tool or a system that at first glance may seem like a “nice to have” or a “helpful but not absolutely necessary” technology, it is a good idea to start any discussion on the merits of the tool by putting some things into perspective.

Flowmon Anomaly Detection & MISP

Back in 2021 we introduced the integration between MISP, a community threat intelligence sharing platform, and Flowmon ADS. The integration turns indicators of compromise shared through MISP into actionable intelligence. Flowmon ADS automatically picks up the latest indicators of compromise using the MISP API and leverages them to detect adversary activities in the target network. The integration is available in Flowmon ADS 11.2 and newer versions. This way anyone can use community threat intelligence to report on malicious activities in the company environment.

What is Network Flow Monitoring, and Why You Shouldn’t Live Without It

Old network salts likely know all about network flows and the value of network flow monitoring. As former News Editor for Network World and Editor in Chief of Network Computing, network flows are part of my old stomping grounds. In fact, I remember when Cisco invented NetFlow in the late 1990s to collect traffic data from its routers and switches so it could be analyzed by network pros.

Boost Application Experience with Network Behavior Analysis

The network is the heart and soul of your IT infrastructure, and its performance defines the user experience. Key to ensuring this performance is spotting security issues that disrupt its workings. This blog discusses two interrelated approaches: network behavior analysis (NBA) and anomaly detection. In fact, NBA is encompassed within a good anomaly detection system (ADS).

Ransomware: Latest Variants and Trends on the Rise

A ransomware attack is one of the effective strategies cybercriminals use to encrypt users’ data and prevent them from accessing it until a ransom amount is paid. While the rate of ransomware attacks is lower than that of other malware types, including viruses and trojans, it can have severe consequences for businesses and individuals alike. Ransomware attacks have been on the rise since 2018, reaching their highest at 68.5% in 2021.

Slow App? Where's the Problem?

Hands up if you have dealt with an issue like the following. It seems to be an ordinary day, and applications and networks are running normally. During the morning, reports start to come in from users saying that applications have longer than usual response times. Oh no! It's the start of a dreaded "it's running slowly!" problem that lives in the nightmares of system admins everywhere.

Battle the Ransomware Scourge with Deep Network Insight

Ransomware is the gift that keeps on giving. Old as it is (33 years), ransomware is constantly morphing into new exploits. The reason is simple. Ransomware works, and too often cybercriminals walk away with bags of money (or piles of Bitcoin, anyway).

Cutting through the noise

Regardless of where you work in IT, you’ll be familiar with the problem of alert fatigue and dealing with the endless streams of telemetry, alerts and notifications. While it’s often the background to daily tasks, this is never more visible than when dealing with a time-sensitive incident such as a critical outage or a security breach. In this post we’re going to look at how Flowmon Anomaly Detection System (ADS) can help you quickly and accurately identify the essential details of a security breach, cutting through the noise so that you can respond to the incident and mitigate the root cause with confidence.

Flowmon and WhatsUp Gold: Automatic Threat Detection Through Single Pane of Glass

Network Detection & Response (NDR) is a key element that provides an additional level of security across the company-wide network by detecting threats that bypass traditional security measures and materialize in the company’s digital environment. Progress Flowmon ADS (Anomaly Detection System) is a typical representative of an NDR system that combines various detection techniques to ensure that malicious activity is recognized and flagged as a security incident.

How To Configure Flowmon and WhatsUp Gold

In the previous blog post, “Flowmon and WhatsUp Gold: Discover application experience issues through single pane of glass”, we demonstrated how IT Infrastructure Monitoring (WhatsUp Gold) and Network Performance Monitoring & Diagnostics (Flowmon) work seamlessly together to report on application performance, user experience and infrastructure status. The goal is to support IT professionals with valuable insight into performance degradation issues, enabling quick recovery and restoration of requested service levels.

Flowmon 12 - Workflows and UX Improvements

We released Flowmon 12 at the end of February. The new and updated functionality in the latest version has been well received by existing users, and has prompted many new organizations to consider the product. The headline changes in Flowmon 12 are in the blog post Progress Flowmon 12 – Ultimate Enabler of Your Multi-cloud Strategy.

Flowmon and WhatsUp Gold: Discover application experience issues through single pane of glass

Have you ever experienced user complaints and struggled to find the root cause of the performance degradation? I'm sure every IT operations professional has. Is it the application? Is it the underlying infrastructure? Is it the network? What if you have a single pane of glass that will gather all the relevant metrics and telemetry and display it in an intuitive and easy to understand fashion?

How to Optimize Cloud Monitoring Costs Using Flow Logs in Progress Flowmon

This blog post discusses some of the best practices for balancing the costs of cloud traffic monitoring while maintaining a reasonable level of visibility. Progress Flowmon 12 has introduced the processing of native flow logs from Google Cloud and Microsoft Azure, plus it has enhanced support for Amazon Web Services (AWS) flow logs. This opens up interesting options for reducing the costs of your cloud traffic monitoring by leveraging flow logs in parts of your cloud infrastructure where a reduction in visibility is not an issue.

eSecurity Planet Ranks Flowmon in Best Network Monitoring Tools

Modern enterprise and SME networks are complex constructions. They comprise on-premises network equipment and servers, multiple public cloud infrastructure components, operational technology links to monitor physical items, edge networks, and large numbers of endpoint devices that connect from various locations over many different networks.

Enhanced Network Monitoring with Progress Flowmon

Ensuring that networks and the applications they enable are performing as well as they should is a full-time and challenging task for system administrators. We've all encountered scenarios in which end-users complain that an application is slow. Then the network team says it's not their problem, and the development team (or third-party application vendor) says it's not their problem either.

What are network monitoring tools?

Network monitoring tools gather and analyze network data to provide network administrators with information related to the status of network appliances, link saturation, the most active devices, the structure of network traffic or the sources of network problems and traffic anomalies.

What to Look for in a Network Traffic Visibility Solution

As company infrastructures now sprawl across several different environments, additional tools need to be added to the portfolio. But adhering to the traditional approach of focusing on individual devices, their health, performance, and availability only aggravates its downsides, i.e. visibility blind spots, tool disparity, and the associated “swivel-chair” management. The problem calls for increased network traffic visibility that does not come at the cost of extra work.

User Identity Awareness with LoadMaster ESP and Flowmon

In one of the previous blog posts from the load balancing education series, we discussed the Edge Security Pack functionality to provide an additional layer of security in front of an application workload to ensure that only properly authenticated users can interact with the application.

Global Site Load Balancing Explained

Global Site Load Balancing (GSLB) is an important part of your application infrastructure, but many people don’t understand its benefits. In this post we’ll explain how GSLB works and how LoadMaster GEO can bring big benefits in availability and performance at a fraction of the cost of alternatives.

Publishing & Securing Legacy Applications

In the previous blog post, we discussed load balancing essentials and methods of traffic distribution among the real servers. When you publish an application with Kemp LoadMaster you can add lots of extra capabilities on top of the basic load balancing.

Investigating Network Anomalies – A sample workflow

Network anomalies vary in nature. While some of them are easy to understand at first sight, there are anomalies that require investigation before a resolution can be made. The MITRE ATT&CK framework introduced in Flowmon ADS 11.3 streamlines the analysis process and gives security analysts additional insight by leveraging knowledge of adversaries' techniques, explaining network anomalies from the ATT&CK framework's point of view.

Science of Network Anomalies

Today’s networks have evolved a long way since their early days and have become rather complicated systems that comprise numerous different network devices, protocols, and applications. Consequently, it is practically impossible to have a complete overview of what is happening in the network or whether everything in the network works as it should. Eventually, network problems will arise.

The Flowmon Roadmap for 2021

Your feedback, current trends, and a good chunk of innovation are what shape the current and future face of our solution. Read on to find out what is coming in 2021.

Flowmon Detects Windows DNS SIGRed Exploitation

The vulnerability called SIGRed (CVE-2020-1350) has been around for 17 years, during which time it was present in Windows Server operating systems from version 2003 through 2019 and received a maximum severity rating of 10. It was finally patched in July 2020.

5 Network Security Trends to Watch in 2021

It is not only the COVID-19 pandemic and the associated rise of remote work that is shaping the everyday routine of network security practitioners. Let's take a look at 5 major trends in network security.

How to Block an External Attack with FortiGate and Flowmon ADS

It’s a question we hear often - how to use Flowmon to block an attack? Flowmon is not an inline appliance to stand in the path of inbound traffic, so we partner with 3rd party vendors who supply equipment like firewalls or unified security gateways.

How Flowmon Helps to Detect SUNBURST Trojan Attack in Your Network

Flowmon Anomaly Detection System from Kemp now contains Indicators of Compromise (IoC) for the SUNBURST trojan specifically. Users of the Flowmon network detection and response (NDR) tool can check if they are under attack and set up measures to detect SUNBURST.

Bridging Visibility Gaps in Hybrid Cloud Monitoring

When cloud adoption shifts from a new trend to daily reality, it causes headaches for everyone responsible for the performance, availability, and security of business services or apps. How do you monitor owned and rented infrastructure with all of their differences without creating visibility silos and ending up with a bunch of disparate tools?

Flowmon and Kemp Together. Why it Makes Sense

For more than a decade we have been concentrating our best talents into two areas. Improving technology and making our products available globally. Now, the time has come to massively scale up our business and technological power.

Load Balancing and NetSecOps - What’s the Deal?

Kemp, known for its well-tuned and easy-to-use load balancer LoadMaster, has acquired Flowmon, extending its product portfolio and growing through acquisition. So you may ask, how does the technology fit?

Integration of PRTG and Flowmon

Get the most out of PRTG and Flowmon by bringing them under one GUI and allowing their complementary functionalities to work together.

Ensuring Availability and Security for Remote Workers

The year 2020 has seen various changes throughout the world, but no change has had more of an impact than the coronavirus. During this epidemic, workers from all industries have moved from a traditional office-based role to WFH (Working From Home).

Improved FortiGate Integration

The new release of FortiOS 6.4 from 31 March 2020 brings a new and interesting feature: using webhooks for external API calls and enabling automation stitches, which are easy to configure in the FortiGate UI and allow you to run multiple actions.

Story of a Large Call Center

We hear many applications promise “new heights of success and prosperity for your company.” But what do you do when the application is slowing your business down?

Tracking the Performance of Online Meeting Tools

Tools for online collaboration, and online meetings in particular, have begun to replace face to face contact since the global COVID-19 emergency. A prerequisite for smooth and reliable video conferencing is sufficient bandwidth and low network latency. How does this matter when everybody is working from home and IT teams have no control over the environment of individual employees?

Tracking Devices and Users in Your Network

Is the DHCP pool wide enough? How many users are authenticated during the day? On how many devices is one user authenticated? In this article, we will demonstrate how you can check this easily with Flowmon’s improved Active Device functionality.

QoS and DSCP Monitoring with Flowmon

Quality of Service (QoS) and Differentiated Services Code Point (DSCP) are mechanisms to classify and prioritize critical services such as voice or video, ensure sufficient bandwidth for company applications and provide simple best-effort service to web browsing or data transfer.

Flowmon Incident Response

This document is aimed at operators and analysts who use Flowmon to detect and analyse security events.

Boosting Enterprise IT to the Next Level

This is the story of a large-sized company (1000-5000 employees) that understood the importance of IT in the digital era and its business impact. The IT department needed a new impetus to reconsider tools and processes in place.

Journey from Reactive IT to Proactive Control

This is the story of a medium-sized company (250-1000 employees) on its transition from a reactive IT department that acted like a firefighter, to a modern team having full control and visibility in their digital environment.

Validate Indicators of Compromise in Your Network

You may have recently come across indicators of compromise (IoC), such as malicious IP addresses, which you can use to validate whether you have been affected or not. For example, a national cyber security agency can approach you to validate specific IoCs in your environment and report back to them. Flowmon can help you with this. You can simply do a retrospective analysis and proactive real-time monitoring to detect the occurrence of such IoCs.

5 Reasons Why Hackers Will Have a Bumper Harvest

In the coming years we can expect an even larger and more sophisticated wave of theft, fraud, extortion and deactivation of the various services run by businesses and public organisations. Here are a few reasons cybercrime will flourish in the coming years.

New Flowmon DDoS Defender - Straightforward Performance

The new Flowmon DDoS Defender 5.0 is faster, more precise and better-looking. It combines powerful and highly customizable attack detection with an intuitive user interface, turning DDoS protection into a smooth and satisfying experience.

Flowmon ADS 10.0 Facelift

The new facelift of Flowmon ADS is not just about looking better. It was purposely designed to facilitate faster analysis and easier fine-tuning while aiming for maximum user comfort.

Flowmon and OpenVAS Integration

The REST API provided by Flowmon is a great tool for strengthening the security of organisations, enabling you to integrate Flowmon with many existing security solutions.

Flowmon 10.2. Release News

The success of IT is measured by time and therefore this spring update comes with performance in mind, moving operations ever closer to real-time. Through our continuous research, we’ve identified the need for a variety of improvements that would help IT experts to achieve their performance metrics faster and easier.

ICS/SCADA Monitoring and Anomaly Detection

Operational Technology and Information Technology are merging. And frankly speaking, they do not understand each other. OT systems have lived for years totally isolated and now they should be connected to enterprise networks or the internet. The lack of security measures in this environment, where availability and integrity will take us back in time, means we will have to deal with the very same issues that experienced IT professionals solved 20 years ago.

Packets and Flow Data: best of breed combination for network forensics

IT experts usually distinguish between two types of systems for network monitoring: flow-based and packet-based. But facing today's challenges brought by bandwidth explosion, new platforms and hyper-connectivity they must change their relationship from simple coexistence to fruitful cooperation. And this is exactly what we have delivered to IT ops by introducing Flowmon 10 and Rolling Memory Buffer feature. Let’s see what benefits it brings for network forensics.

How to use Network Performance Metrics with Flowmon

Using basic network performance metrics, namely Round Trip Time (RTT) and Server Response Time (SRT), is an easy way to deal with performance issues in your network. Let’s take a closer look at how every network administrator can use RTT and SRT metrics in Flowmon.

5 predictions for cyber security in 2019

Last year completely refuted doubts about the increasing cyber security risks. Hackers obtained sensitive data on hundreds of German politicians, including Chancellor Merkel, and accessed data relating to tens of millions of Facebook accounts. The year also confirmed that hacking has become a means for political activists and an effective tool for professional criminals who have discovered a lucrative opportunity on the internet. What conclusions can we draw from these events for 2019?

3 Network Performance Monitoring Metrics to Deal with Performance Degradation

In my 20+ year career, I’ve worked with two types of technologies: those that took extensive marketing efforts to communicate their value and failed to deliver it, and technologies that proved themselves quickly during a single day. Network performance monitoring using flow data is the second case. In this post, I share my experience with NPM techniques, how to take them on in a real environment and what the typical root causes of performance bottlenecks found in network traffic are.

Creating custom logs from NetFlow

Did you know you can create logs with any flow information and export them to 3rd party systems like SIEM? Check this post to see how to do it and what we have prepared for you.

DDoS Protection tool without BGP Peering Analysis? Why not?

It is difficult to count how many times I have been involved in discussions about the role of BGP peering analysis in DDoS protection. Usually, people think of how these technologies are connected together, so I have decided to share my point of view in various scenarios.

Revised Flowmon interface: First step to customer-centric UX

The revised user interface that comes with Flowmon 10.0 is one important stop on our long-term initiative, which will end with a completely new concept of the Flowmon solution providing a unified view across network, application and security dimensions. Let’s see what it brings.

Flowmon 10.01 - redefined Dashboard, improved Reports and much more

As a part of our long-term strategy to enhance User Experience, Flowmon 10.1 comes with a reworked and fully responsive Dashboard. These improvements offer ultimate flexibility to tailor Flowmon to specific customer needs and help to maximise usability. Read about more new features in this article from our Product Manager, Rostislav Listvan.

Let’s talk PoC

Whenever you want to buy something new, you may entertain doubts about a product you have never tried out before. Although the product appears great on paper, often you want physical proof to persuade you that the product is well-suited to your needs.

Nail These 6 Encrypted Traffic Cases with Flowmon

There is no doubt SSL/TLS offers major benefits, such as confidentiality and integrity. However, it also creates challenges. For instance, visibility gaps and management overheads. Furthermore, malicious threats are evolving and adopting encryption to cover their tracks. In this article, we'll look at how Flowmon can help tackle some of these challenges.

What made us create Distributed Architecture

Developing hyper-scalable network analytics design, called Flowmon Distributed Architecture, was one of the biggest technology challenges we’ve faced to date. What were the drivers behind this resource demanding development project?

Flowmon Traffic Recorder 10.0 – Revolution Continues

A new major release of Flowmon Traffic Recorder is now available. Whenever you need to go beyond flow visibility level, Traffic Recorder is here to help with scale from 1G up to 100G networks. Version 10.0 comes with fully flexible capture criteria and an in-memory rolling buffer for raw packets. Don’t miss a packet and don’t miss this blog post.

Flowmon 10.0 - Where the Revolution Begins

The new major Flowmon release is out. Take a sneak peek into the Flowmon 10.0 revised user interface and the concept of distributed architecture in this article from our CTO, Pavel Minarik.

Where do the Flows Come From?

Flow data is the basis of modern network monitoring, helping administrators to ensure the reliability and security of the given environment. But where does flow data come from? There are several ways to get flow data, each with its pros and cons. Let us go through them.

Flowmon brings visibility to Azure via VTAP

Flowmon introduces native Azure public cloud deployment. Just launch a virtual collector in Azure, start collecting flow data or take advantage of Microsoft Azure VTAP to mirror traffic into the monitoring ports of the collector.

Debunking 4 Myths about NetFlow data

Flow data (NetFlow/IPFIX, etc.) has been generally known about in the IT community for years, and is used, for example, in use cases such as billing, capacity planning and DDoS protection, primarily in the Telco segment. Enterprises, their IT managers and CIOs have only recently started exploring its tremendous potential. Yet, myths preventing faster adoption of flow technology are still being perpetuated in the networking community. Let's look at the 4 major ones.

Docker in Flowmon

Check this post to see how you can use the recently added Docker to install custom packages and applications in the Flowmon solution.

Prevent malware spreading with automatic client isolation using Flowmon ADS and Cisco ISE

Today, threats are not only limited to the internet. Organizations face guests and employees who connect their own equipment into the network or take company equipment home with them. A firewall with IPS capabilities, such as a next generation firewall, is a good first measure to protect against modern day threats, but they will only protect what goes in and out at the network perimeter.

Defending Networks With "Best of Both Worlds"

More and more organisations are struggling to keep up with the rapid IT developments and the increasing number of attacks. One thing is for sure: neither is going to diminish. That is why it is important to implement a strategy and solutions that are flexible and scalable in order to continuously anticipate changes. In terms of security this can be done by combining the best of both worlds: packet capture from the legacy world and self-learning flow monitoring from the digital transformation.

Helping you keep your web application users satisfied

There is an app for everything, or so the saying goes. Nowhere is this truer than in the world of business. Organizations increasingly rely on their applications performing to the maximum to guarantee the happiness and satisfaction of their end users. The sheer number of web applications is astounding.

Crypto-jacking, Crypto-mining and Crypto-currency security

Earlier this year, news was reported about Slovak Telecom secretly injecting a crypto-mining script into a website that users accessed. This was all done, apparently, without the consent of the users of Slovak Telecom, a member of Deutsche Telekom. Specifically, the mobile TV Magio Go website was used, running a script that resulted in maximum processor overload due to Monero crypto-mining.

Define Profiles Automatically Using Script

Creating profiles can be time consuming, especially in large and changing network infrastructures. Today we will show you how you can save time by using a script to create profiles automatically.

Business Benefits of Network Behavior Analysis

When we talk about the business value of a tool or a system that (at first glance) may seem like a “nice to have” or “helpful but not absolutely necessary” technology or system, it is a good idea to start this discussion by putting some things in perspective.

Monitor user behaviour to detect Insider Threats

The risk of Insider Threats has grown massively with attackers getting around the increasingly complex perimeter protection of Enterprise organisations. It is one of the most common ways customer data or industrial and trade secrets are leaked. This very complex topic includes countless types and techniques. Let us see how such behaviour could be detected at a network level.

What's new in Flowmon 9.01

Flowmon 9.01 has recently been released as a beta version for users to take a look at before its fully official release. The new version comes with a completely new flow forwarding engine, brings Flowmon closer to the cloud, introduces 1 minute profiles and much more.

Time for database accounts audit

With the Flowmon solution you can easily automate the detection of user, application or administration accounts in MSSQL databases. New attacks have been spreading on the internet since the end of 2017, and with the new year it is the right time for a small check that you are not one of the victims.

Read More

Flowmon ADS integration with Elasticsearch

Elasticsearch is gathering more and more enthusiasm in the IT market. Released versions of Elasticsearch put the project among the most important solutions in the open source community. A growing number of leading companies decide to learn more about the solution, which is becoming a real alternative to big vendors' products.

Read More

Success story: Flowmon helps MSP to deal with DDoS attacks

Aspire, an award-winning managed services company specialising in hosted services and data centre solutions, started to fall victim to several large volumetric DDoS attacks aimed at both its network and the networks of its customers.

Read More

Detect Web Cryptocurrency Mining With Flowmon

Do the browsers that your business uses support JavaScript? Well, it is truly hard to imagine that somebody exists on the Internet without this feature. Then computers in your network may be affected by the newest “cryptojacking” threat and mine money for somebody you’ve never met.

Read More

Don't forget to include your network into your GDPR strategy

The General Data Protection Regulation (GDPR) will strengthen and unify data protection for individuals within the European Union (EU), whilst addressing the export of personal data outside the EU. This directive is very much about processes, some of which inherently need to be supported by technologies. There is no single tool or platform, and incorporating dozens of technologies isn’t the right way to go, either financially or technically.

Read More

Don’t Go Down The BadRabbit Hole

Yet another ransomware campaign, called BadRabbit, has recently started to spread. Not to worry though: Flowmon helps to detect BadRabbit as well as other rising threats and allows you to react immediately.

Read More

Worrying About Your WiFi Security Due to KRACK Vulnerability?

The widely used WPA2 standard for WiFi networks has been broken, and it will take months to patch all affected appliances. It is the right time to consider how powerful your security is in order to deal with such a situation. Network Behavior Analysis immediately alerts on behavior deviations and reveals even zero-day threats.

Read More

Customer Success Story: When Automation Fails

Almost every vendor, Flowmon included, claims its NPMD solution delivers automation, machine learning, context analytics and other modern features. So, it is easy for admins to handle networks today, right? Well, it is not, and feedback I get from Level 3+ engineers of a bank with 50 thousand people proves that sometimes automation is not enough.

Read More

Flowmon Studio #13 - What Stuart Smith has learned during 17 years of expertise in APM

Some of you may have seen our Flowmon Studio series. Over the years, we’ve become experts in network visibility and security. It appears that becoming experts in video shooting will take more than our current 12 episodes. The recording of an interview with an APM expert with 17 years of experience and the latest member of the Flowmon UK team, Stuart Smith, went wrong. But such a small failure was never going to stop me from sharing Stuart’s priceless thoughts, at least the old way, in written form.

Read More

Native Support for DDoS mitigation with F5® DDoS Solutions

Flowmon Networks and F5 Networks have joined forces to protect Service Providers and their enterprise customers against DDoS attacks. The integration of Flowmon’s fast flow-based DDoS detection with F5 Networks’ out-of-band mitigation solution provides timely and effective protection for service providers and their customers.

Read More

Fast DDoS Detection and Mitigation in SDN Environment

DDoS attacks are still a growing threat to all businesses dependent on connectivity. There are several approaches to protecting against DDoS attacks, of which the most cost-efficient is the out-of-path strategy to detect and mitigate the attacks. But how does it fit SDN environments?

Read More

Artificial Intelligence will be the decisive factor in the fight against cyber-threats

It has been almost 50 years since the world's first computer virus was seen. Over the years, it has evolved from the amusement of a handful of enthusiasts into an extensive business that is endangering companies every day around the world. Modern technologies enable these companies to face these threats. One of these is artificial intelligence for network analysis, through which the European company Flowmon Networks broke through to the world.

Read More

Detect ExPetr/Petya wiper

A new malware attack is spreading on the internet and causing big trouble for users and administrators. Find out how Flowmon helps with this recent threat.

Read More

DDoS Protection in SDN Based Networking

Efficient out-of-path DDoS detection and mitigation is not always available out of the box in virtual networking such as Contrail. Check this post to see how to generate NetFlow in a Juniper Contrail Networking SDN environment and use Flowmon DDoS Defender for traffic rerouting and automated DDoS mitigation.

Read More

New Generation of Flowmon Solution Arrives

The new generation of Flowmon solution has arrived. Besides improved solution performance, you can look forward to new and interesting features. Come and find out what is new.

Read More

Apply monitoring of AMT attack for your datacenters and users

Attacks on Intel-based hardware via Intel® Active Management Technology are still going on. The critical vulnerability CVE-2017-5689 (CVSS score 9.8), known for more than a month, is not yet fully patched by new BIOS versions, and we are not fully focused on the risk as new threats like WannaCry or SambaCry have arrived in recent weeks.

Read More

Using Behavior Patterns to Detect Rising Threats

We witnessed an unprecedented global outbreak of WannaCry infection last week. Let’s examine how one can detect and minimize the impact of WannaCry as well as other rising threats with the new feature in Flowmon ADS module.

Read More

Flowmon Sales Training: The Making of

Some people educate themselves because they are personally interested in the topic. For some, education is compulsory while others are just looking for a better qualification. The best way we can share our experience from selling Flowmon with you is through training and workshops. A video session of a few hours should be better fun to watch though and with this idea in mind we decided to create a whole new type of experience for you. This is how we made it.

Read More

Reasons not to worry about GDPR and NIS

Brace yourselves for the new European legislation on data and network security coming soon! Get ready to invest millions in technologies and hire dozens of new employees. The whole world as we know it will never be the same again.

Read More

Network visibility in the SCADA/ICS environment

Security in the SCADA/ICS environment is a much-discussed topic today. In the past these systems were strictly separated, but their connection to common computer networks has opened new opportunities for attackers. How does network visibility combined with real-time anomaly detection help to protect SCADA/ICS environments?

Read More

What is your network’s real performance?

If you are unaware of the actual figures, this post will give you the answer. Network Performance Monitoring enables you to avoid network infrastructure downtime, identify bottlenecks and troubleshoot performance issues. So let us take a close look at NPM metrics today.

Read More

What's new in Flowmon 8.03

Flowmon 8.03 is here with interesting new features such as NPM metrics visualization, broader L7 visibility, encrypted flow export and much more.

Read More

Alerting in Flowmon Monitoring Center

Using alerts can significantly simplify your life. There is no need to sit in front of a monitor and search for operational problems in your network. In this blog post, we will go through the capabilities of automatic alerting in Flowmon Monitoring Center.

Read More

5 things that pay off when doing PoC projects

Every customer wants to be sure they are making the right decisions. PoC campaigns are a great way to achieve this and also to distinguish between empty phrases and real benefits.

Read More

Pros and Cons of Agent-less Application Performance Monitoring

A network-based Application Performance Monitoring solution measures delays in the network and application for all transactions of all users. If any problem occurs, it immediately reports and alerts the administrator and provides all necessary data to point out the cause of the performance issues. It is often compared to a traditional APM solution, so let's see where the limits of such an agent-less solution are.

Read More

Tuning the Network Behavior Analysis

Today, we are busting the myth that configuring and tuning an NBA / UEBA solution is a time-consuming project. Come and learn how you can tune Flowmon ADS in an hour.

Read More

Flowmon ADS integration with Splunk

In most organizations security issues are the responsibility of many teams. Each of them manages only a selected part of the infrastructure and the global view is missing. Learn how to get an overview of the entire environment with Flowmon ADS integration with Splunk.

Read More

Getting the Flows to Cloud Securely

Nobody wants to share their communication with the public, and customers of cloud services based on flow data analysis are no exception. They need to be sure that their traffic is not “overheard” when sending data to a cloud provider through a public network. With Flowmon this is not an issue anymore. Welcome to flow data encryption.

Read More

Lessons learned: Developing Flowmon foreign operations

For six years I’ve been standing on the front line of Flowmon international business development. As an area manager I’ve launched operations in several markets across Europe, usually with no brand awareness, no partners in the target market and with inexorable KPIs hanging over my head like the Sword of Damocles. In this article I’m sharing my experience and identifying six key must-haves when developing a new market.

Read More

How Flowmon can help you grow your career?

Three weeks ago I was giving a presentation to a customer and you wouldn’t believe what question I received. “So how the deployment of Flowmon can help me and my colleague to grow in career?” Wow!

Read More

Frequent & Dangerous: Discover seven cyberattacks you will face sooner or later

“Cybercriminals to compromise company: business loses $56 million.” Do you find this headline familiar? Such front-page news and analysis of large-scale attacks hit us every day. In this article I don’t want to talk about them. I would rather explain the very common techniques that are often used and what lies behind the word ‘compromise’. Have you ever met Hitchcock’s electronic birds or sirens luring you into a trap?

Read More

Encrypted flow forwarding and other news in Flowmon 8.02

A new version of our flagship product has been released as Flowmon 8.02. One of the most important features is the reliable and encrypted flow forwarding option. It also brings a reinvented view of Active Devices as well as new active-device-related widgets for Flowmon Dashboard. In addition, Flowmon 8.02 supports IPFIX items with variable length and Cisco AVC HTTP values.

Read More

DNS Monitoring in Flowmon – part 2/2

Today we will look at how the advanced behavioral intelligence of Flowmon ADS can detect security incidents related to the DNS service and how it helped our customer find malware-infected hosts in the network.

Read More

DNS Monitoring in Flowmon – part 1/2

DNS is one of the most essential network services, yet it is often poorly monitored, and any outage may lead to a major business impact. Let’s take a look at how Flowmon is able to monitor the DNS protocol and how you can benefit from it.

Read More

Just like David and Goliath. How DDoS Defender Succeeded

I’m getting goose bumps as I’m holding a fresh case study of a Managed Service Provider from the Netherlands. It was not an easy task to fulfill their technical requirements and, what’s more, the competition was already deployed!

Read More

Network-based Application Performance Monitoring

Are you interested in how your application behaves from the point of view of your customers or employees? What is their user experience? With network-based Application Performance Monitoring you can measure delays in the network and application for all transactions of all users. Check this blog post to see how it works.

Read More

Flowmon Mobile Dashboard Into Your Pocket

Meet Flowmon Mobile Dashboard! Try out our new app for iOS and Android platforms. Once you install and launch the app on a smartphone or tablet, you are connected to your Flowmon appliance instantly. You can easily browse widgets and swipe among your individual dashboard panels to see what's happening in your network anytime. Follow just three steps to use the app.

Read More

Extended visibility and Flowmon Dashboard

In previous blog posts we described the big news in Flowmon 8.0: the new architecture of Flowmon Collectors and DHCP. Today we will take a quick look at other new features in Flowmon 8.0.

Read More

Malware in a view of Network Behavior Analysis

More than 75% of companies are infected by malware and they don't know about it. This is not an overstatement; this is today's reality. Network Behavior Analysis technology helps to uncover threats in the infrastructure that may sooner or later take your money. Check out this blog post to learn how NBA deals with malware.

Read More

DDoS launched via IoT is reality. The importance of early detection grows

In February last year, one of the leading internet service providers in Slovakia suffered from the largest DDoS attack in the history of the country. The total volume of the attack exceeded 400 Gbps. Servers of its customers were down for tens of minutes… and not only the targeted ones. The attack wasn’t identified by automated tools, and a few hours passed from its start to the successful resolution of the situation and restoration of the services.

Read More

Continuous packet capture or flow monitoring?

We at Flowmon Networks believe that merging flow and packet level visibility into one versatile solution is the technology that will help us to scale to future performance and capacity needs while preserving detailed information about network traffic.

Read More

DHCP Monitoring in Flowmon 8.0

A new major version of our flagship product, Flowmon, was recently released. We are tirelessly following our vision to provide customers with a complete understanding of what is happening in their networks. In order to do that, we enrich flow data (information from the network and transport layers) with information from application protocols (the application layer). Let’s look at the new L7 protocols we have added to Flowmon 8 and dig a little bit deeper into DHCP.

Read More

Intracloud DDoS detection and mitigation using SDN

DDoS attacks are today’s common threat. In most cases, the attackers flood the customer’s network from the outside. But what if you are a cloud provider and the DDoS attack doesn’t come from the outside? What if both the attacker and target are inside the same cloud? Can you protect your customer then? Check this post created by Konstantin Agouros, Solution Architect Security Technologies at Xantaro, and see how Flowmon DDoS Defender and OpenDaylight protect against DDoS attacks in a cloud environment.

Read More

New Architecture of Data Storage in Flowmon 8.0

We've just proudly released a new major version of our flagship product, Flowmon 8.0. The new version comes with a significant change to the architecture of flow data storage. Moreover, Flowmon 8.0 extends visibility in L3, L4 and L7, improves the central dashboard and reporting capabilities, and brings other handy features. The new architecture of flow data storage dramatically increases the number of flow sources per collector appliance, enables new features and consequently brings a new concept of profiles.

Read More

Flowmon ADS & Cisco APIC-EM Integration

At the end of 2015 we announced a new collaboration with Cisco. By integrating Flowmon Anomaly Detection System (ADS) with Cisco’s Application Policy Infrastructure Controller Enterprise Module (APIC-EM), the companies will provide administrators with agility when provisioning quality of service and executing security policies across the entire network. Check out how Flowmon ADS and Cisco APIC-EM overcome cyber threats and secure network infrastructure.

Read More

External Storage Backup & Restore of Flowmon Profiles

A profile in the context of Flowmon is a specific view of flow data stored in Flowmon Collector. It is defined by a name, a type, a combination of profile filters and, for a continuous type of profile, the size of the allocated quota. Exceeding the quota causes the oldest data to expire and be overwritten. A new feature makes it possible to back up profiles to a defined external storage and restore them from it whenever needed.

Read More

Dynamic Baselining and Adaptive Threshold in DDoS Defender

Dynamic baselining makes it possible to respond to increasing volumes of traffic based on adaptive thresholds and defined rules. Flowmon Networks introduced DDoS Defender for DoS/DDoS detection and subsequent mitigation in May 2015. Since version 2.0, released in October 2015, Flowmon DDoS Defender monitors traffic volume characteristics based on adaptive thresholds.

Read More

Internet Service Providers to Deliver Security as a Service with Flowmon

Some of the significant present-day cyber threats are attacks targeting government or finance institutions to cut them off from the Internet, penetrations into protected systems, or malware earning money for its creators. Most of these attacks come from computers of unsuspecting users that are under the control of attackers and are part of a botnet. What if an ISP protects end customers and a connectivity provider protects the ISP against cyber threats including DoS/DDoS?

Read More

VoIP traffic monitoring use-case

Are your VoIP bills too damn high? Are you paying more than you should? Maybe you don’t even know it! You might have a similar problem to the one our customer had. Let’s see what the problem was and how Flowmon solved it in the following use case.

Read More

How SEGA Switched to the Next Level of Network Monitoring

Cooperation with innovative businesses that have become iconic in their fields is always challenging to us. Especially when such a firm comes from Japan, famous for its quality requirements. These factors came together in our project for SEGA, a legendary interactive entertainment company.

Read More

Measuring TCP Retransmissions in Flowmon

Network Performance Monitoring was extended with monitoring of TCP retransmissions and out of order packets. Using these metrics we are able to identify data transfer issues. This article explains TCP retransmissions and shows how to easily measure them and how it helps network administrators to identify network issues and troubleshoot the network.

Read More

Extended Active Devices

How often do you need to know who is sitting behind devices in your network, or who communicated in a certain time frame or a month ago? The Flowmon solution provides reliable user identification based on authentication logs combined with flow data. The ability to monitor active devices in your network brings new benefits like user identification and host OS identification.

Read More

Flowmon-GÉANT Story: Monitoring Network with 50 Million Users

Big things in life have quiet beginnings sometimes. More than ten years ago, a small group of Czech scientists worked for the pan-European association GÉANT. They had no idea that this project would change their lives forever and give rise to the Flowmon solution, which would one day monitor and secure a pan-European network used by 50 million users.

Read More

Flowmon Monitoring Center vs. Flowmon ADS

Why would you need Network Behavior Analysis once you have deployed a flow collector and traffic reporting? Well, there are scenarios where automatic anomaly detection goes far beyond the capabilities of flow collectors. Are you using Flowmon Monitoring Center and still don’t have Flowmon ADS? Find out in 7 minutes how you can extend your Flowmon deployment with the Network Behavior Analysis module.

Read More

User identity as part of flow data

How often do you need to know who is sitting behind that IP address right now or who was logged in there one month ago? Flow monitoring will give you information about the IP address, MAC address or DNS name, but getting the user identity is usually a time-consuming task of analyzing the audit logs of Active Directory or a network access control system.

Read More
