Product Overview
DigiToll constantly keeps its eyes on your Network and provides total visibility to quickly identify and alert on who is doing what, where, when, with whom and for how long.
Network Super Vision
Bring your Network into Focus
DigiToll is a game-changing netflow analyzer technology that complements existing network and security management suites enhancing the visibility, security, reliability, resilience, and trustworthiness of your digital infrastructure. It delivers a complete and flexible kit for flow based network anomaly detection, forensics and analysis. Provides alerting and 20:20 vision to Network professionals of varying backgrounds of all point-to-point data conversations. NetFlow Auditor collects, archives and provides network data intelligence to help organizations quickly identify and alert on network anomalies to help resolve performance problems and manage network security and compliance across business services and applications, dramatically reducing the risk of potential business downtime.
DigiToll learns and alerts on network behavior baselines substantially reducing false positives. It is non-intrusive, highly fault tolerant, scalable, granular and flexible with real-time monitoring, long-term trending, reporting and alerting for; Network Security forensics, DDoS, NBAD, Intelligent Baseline Alerting, Real-time and Trending analysis of Usage, Packets, Conversations and 95th percentiles for security, capacity planning and billing purposes.
With unique features but with simple sophistication to compliment your knowledge, DigiToll will provide the scalability, flexibility and granular depth to meet all your flow-based network management needs.
DigiToll Delivers Results
Total Network Visibility
- Pro-actively manage and troubleshoot network and application performance issues
- Understand the impact of voice, viruses, hacking, multicast, DNS, peer-to-peer and worms on your network.
- Accurately plan network changes and new application roll-outs.
- Justify bandwidth upgrades.
- Validate WAN Optimization schemes with pre-post deployment assessments.
- Ensure usage policies are enforced.
- Archive information for regulatory and compliance requirements.
- Fully supports IPv6 for analytics and billing.
Absolute Scalability
- Monitoring massive core traffic flows
- Optimizing peering traffic
- Comprehensive Capacity Planning
- Enables comparative baselining of any element
- Monitoring and managing service level agreements
- Pro-actively manage and troubleshoot network and application performance issues
- Detailed billing
- Report on Cisco NetFlow, sFlow, jFlow, IPFIX flows with support for Cisco ASA Cisco ASR and Cisco Nexus Firewalls, Routers and Switches
-
Unrivalled network visibility
DigiToll provides visibility of every network conversation and scales beyond any other product in the industry.
DigiToll can perform analysis on any combination of data fields simultaneously (e.g. usage, packets, flows, packet size, utilization, etc) and sort data by any field. Effectively measure usage, trending patterns, baselines, averages, peaks and troughs, and standard deviations.
- Packet Size analysis - Provides a detailed view of network traffic by packet sizes. Use this information to optimize VoIP traffic as well as to identify packet size anomalies.
- Count analysis - Count records as part of a result to quickly identify excessive flows or change. Any record combination can be counted, e.g. counting all internal IP's with number of IP or Port conversations enables quick identification of Port Scanners, P2P users, DoS attacks or other multi threaded conversations. Identify long lasting flows or conversations.
- Deviation analysis - Analyze traffic patterns by standard deviation to identify what aspects have changed the most in a specific period, e.g. knowing what application has changed the most in the last 2 hours can lead to early detection of issues. Identify Worms, increasing flows or data floods.
- Bi-directional analysis - Show forward and reverse conversations and In vs. Out conversations to quickly identify which side of the conversation is responsible for traffic usage/flows.
- Baseline analysis - Short term and long term comparative analysis can be performed on any and every element. For example, interface, subnets, protocols, traffic between endpoints, IP, Location, Application or a combination thereof for a particular period compared against a previous period. Comparative analysis of each element across the time line gives the ability to identify which element caused the change and when. Baseline Alerting can then be activated to learn baselines for every hour for every weekday and alert on anomalies outside thresholds or standard deviations away from the norm.
- Percentile analysis - Short term and long term percentile analysis can be calculated. For Billing or Security. A percentile analysis of a threshold event will provide an indication of change. This can be set in conjunction with Baseline analysis.
- Cross section analysis - Stacked graphs enable comparison of any two network traffic parameters. As an example, A stacked bar QoS analysis can graphically show the details of each application running within every class of service.
- Custom Group analysis - IP addresses can be grouped by Location, Customer, Application and Services. Network traffic detail can now be categorized in logical groups for reporting, billing and capacity planning.
Baselining
Short term and long term comparative analysis of any and every element. e.g. interface/IP/Location/Application or a combination thereof for a particular period compared against a previous period:
- this minute versus last 20 minutes;
- this hour versus last 6 hours;
- this day of the month versus other days of the month or this day every month;
- this weekday versus each other weekday or this weekday versus every other same weekday for last 12 months;
- this week versus last 4 weeks;
- this month versus last 12 months;
- this quarter versus last 4 quarters;
- this year versus last year;
- what was my Server Farm usage this quarter compared to last quarter?
Comparative analysis of each element across the time line. Gives the ability to identify which element caused the change and when.
Network Behavior Anomaly Detection
- Anomaly Detection - Ability to create any combination of anomaly detection intelligent baselines. Comes Preset with default alerts. Available as an Add-on.
- Alerting - Ability to create any combination of analysis and automate the output as as an alert once certain criteria are met e.g. bandwidth utilization is over a certain threshold. Alerts can be tuned to reduce or eliminate false positives. Alerts can take the format of SNMP trap to a trap receiver to raise a trouble ticket with the correct team/person.
Reporting and Templates
- Reporting - Ability to create any combination of analysis and automate the output as a report periodically. E.g. end of a week, end of a quarter, end of a month, end of an hour, every 23 days etc… Reports can be written to saved and/ or emailed to one or more recipients. A report can be repeatedly updated or time stamped e.g. A data center manager wants to know the server usage trends in his environment over time and monitors this every week, month and quarter to make decisions on how to position his servers and provision services. Reports can take the format of CSV file to record events that occur for input into other systems. For example, logging when unknown IP’s use key business services will enable the compliance team to identify risk over the long term.
- Templates - Creation and customization of any analysis combination into a template to be used in the drill down menu.
Next Steps
FREE DOWNLOAD
Whitepapers
Product information
Brochures
Presentations and Galleries
Learning Events
- General Overview
- Anomaly Detection
- DigiToll Sizing - Planning Disk Space Requirements
- Data Collection Tuning -Default Real-Time & Long-Term Config
Cisco NetFlow Configuration
- Which Routers and Switches Support NetFlow?
- Cisco NetFlow commands quick start summary
- Cisco NetFlow commands for DigiToll explained
- Cisco Nexus
- Troubleshoot why NetFlow Exports are not being received by DigiToll
- What is an IP Flow?
Other NetFlow Configuration
- Adtran NetVanta Router
- Checkpoint Firewall
- Enterasys
- Extreme Networks Router
- Juniper
- Mikrotik
- Riverbed Steelhead
- VMware on an ESX Server
- Vyatta
sFlow Configuration
IPFIX Configuration
© 1998–2013 DigiToll. All rights reserved.
