Prioritisation and Reporting

Use out-of-the-box prioritisation or apply your own severity rules at a global, group or user level. Create custom dashboards for security, networking, IT helpdesk or managers based on their interests.

NetOps and SecOps Integrated

Flowmon is a single pane of glass for both teams while respecting their needs. A unique combination of early detection, security event warnings and deep visibility into network help NetOps and SecOps teams cooperate on incident handling and root cause analysis.

Entire LAN Visibility

Know what is happening inside your LAN to detect and stop insider threats, data exfiltration. Detect activities such as lateral movement of malware that has not been yet recognised by an antivirus, or activities not visible on the perimeter.

Learn More

Attack Evidence and Analysis

Understand every suspicious event in its complexity. Context-rich evidence, visualisation, network data or full packet traces for forensics allow taking decisive actions promptly.

Configuration Wizzard

The system comes with pre-defined configurations for a variety of network types and automatically adjusts the settings after the initial configuration by using a simple wizard. Then, by managing false positives, maximise the relevancy of detected events.

Learn More

Threat Intelligence

Enhance your detection capabilities with the best of breed combination of commercial and community databases. Receive alerts on indicators of compromise and communication with malicious hosts such as C&C domains and phishing sites.

AI Based Detection

With Flowmon you can rely on a state-of-the-art detection engine that uses entropy modelling and machine learning to detect suspicious anomalies in your network traffic, including APTs, malware, insider and other threats that bypass signature-based tools.

Learn More

Features to Keep Your Network Protected

Behavior Patterns

Detect misuse and suspicious behaviour of users, devices and servers. By understanding protocols such as DNS, DHCP, ICMP and SMTP you can reveal data exfiltration, reconnaissance, lateral movement and other unwanted activity.

Learn More
User Defined Methods

Create custom detection methods flexibly. Red flag malicious, unwanted or otherwise interesting traffic specific to the client's network environment or policies. You only need to create a rule in an SQL-like syntax.

Learn More
Advanced Action Triggering

Respond to attacks automatically through script-based integration with network or authentication tools. When detecting an event, Flowmon can connect to, e.g. Cisco ISE through pxGrid, and quarantine the malicious IP address.

Learn More
Logging and Reporting

Feed your Log Management or SIEM system with comprehensive logging with context-rich syslog or SNMP messages. Maximise visibility across IT environment or log events automatically into your ticketing tools.

Attack Visualization

Get a comprehensive insight through visualising the hosts involved in an attack or anomaly. Track interactions between hosts, look up related communication, drill down to flow level.

Attack Recording Automation

Trigger full packet capture automatically when detecting an event. Thanks to the Rolling Memory Buffer, the recorded packet trace includes network data, even from the period before the attack started. Use a filter to store the particular attack communication only.

Learn More
User Identification

See what user or a hostname has taken part in an attack by collecting authentication system log data and correlating them in Flowmon. Any syslog enabled authentication service or vendor is supported, including Cisco ISE and LDAP.

Learn More
Compatibility with Flow Data Standards

Leverage your existing infrastructure to generate NetFlow, IPFIX, sFlow, jFlow or NetStream from network devices and other data sources such as firewalls, virtualisation platforms and packet brokers.

Learn More
Early Detection

Detect network anomalies and incidents in near real-time. The status of detected events is continuously updated with additional information until the detection finishes.

Explore Flowmon Now

Try Flowmon Demo or Explore Use Cases