Customers using Probe
Provides deeper visibility that uncovers problems impacting user experience
rather than just the red/green status information of server availability.
Flowmon Probe collects network data and pre-filters it for relevant information, allowing for clearer analysis and visualization while also saving capacity and reducing investigation time.
No matter what type of network, a Flowmon Probe can be deployed anywhere without any impact on network traffic from 10 Mbps to 100 Gbps. As a virtual appliance, it can be deployed in virtual environments such as VMware, Hyper-V or OpenStack KVM or as a cloud application in AWS, Azure and Google Cloud.
The Probe connects passively through a SPAN port or network TAP and therefore represents no potential point of failure or hindrance. It is transparent from the L2/L3 perspective. In addition, the Probe supports remote monitoring sessions via GRE, ERSPAN or VxLAN.
Probes natively collect L2–L4 information on communication IPs, protocols, server response time, round trip time, jitter, and more. Flowmon's IPFIX extension provides additional L7 data, such as hostnames, URLs, browser information for HTTP/S protocols and other fields for protocols such as DNS, DHCP, SQL, SMTP, or Samba/CIFS.
A single Flowmon Probe can provide everything needed to monitor a smaller network, or combine with a Collector to cover the most complex, large distributed networks.
There are limitless possibilities to integrate the Probe with complementary tools and platforms. It can export flow data to different targets in multiple formats; e.g. send IPFIX to Flowmon Collector, NetFlow v9 to a SIEM system, or NetFlow v5 to an older legacy system. Network logging via syslog is an option for platforms that do not ingest flow data. It maximizes the investment into network infrastructure equipment from a variety of vendors by doubling their use as a source of telemetry data.
Leverage your existing infrastructure as sensors that generate NetFlow, IPFIX, sFlow, jFlow or NetStream from network devices and other data sources such as public cloud platforms, firewalls, virtualization platforms and packet brokers.
Flowmon Probe exports network and application telemetry in the form of flow data based on raw packets and provides traffic statistics and metadata on all network layers.
Using a Suricata IDS extension for the Probe enables packet inspection to seek potential intrusion, complementing the signature-less approach of Kemp Flowmon ADS and providing an additional level of security. The extension works in environments of any link speed from 1 Gb/s to 100 Gb/s, and the detected events may be exported to any target.
Probes decapsulate traffic to truly monitor the actual user-application conversation rather than the tunnel itself. This is available for all major protocols including GRE and OTV. This level of visibility is applicable even in MPLS networks to see per-tenant traffic as well as in VLAN segmented network.
Standard NetFlow fields such as IP, port or protocol as well as advanced proprietary measurements such as Network Performance Monitoring Metrics, VxLAN visibility useful in remote monitoring e.g. in the cloud (in addition to L2 options such as GRE or ERSPAN), or ASN analysis.
Provides a deeper understanding of application functionality for most common protocols ranging from HTTP, working even with HTTPS, SQL, DNS/DHCP, VoIP, Samba, email, etc.