FlowTraq by ProQSys Adds New Threat Intelligence Service to Improve Network Security Threat Detection and Alerting

Major upgrades in performance and usability speed up FlowTraq for network security professionals.

  • Share on TwitterShare on FacebookShare on Google+Share on LinkedInEmail a friend
FlowTraq NetFlow Analysis by ProQSys

FlowTraq NetFlow Analysis by ProQSys

Designed to complement and improve existing network security operations,
FlowTraq can be deployed stand-alone or in a cluster, enabling it to offer its forensically accurate analytics at any bandwidth level.

LEBANON, NH (PRWEB) May 17, 2013

ProQSys, provider of scalable network security software for enterprise environments, today announces the availability of the latest version of FlowTraq, its flagship product. With significantly enhanced threat detection capabilities, version Q2/13 provides IT security and network managers with more flexibility and power to spot deviating behaviors. It also provides automatic alerts to suspected network threats, while major upgrades in performance and usability enable FlowTraq to take full advantage of modern multi-core architectures to evaluate deviant behaviors in networks of any size.

FlowTraq is optimized to work in large network and multi-tenant Managed Service Provider (MSP) environments to detect sophisticated threats through Behavioral Anomaly Detection. It uses behavioral analytics to alert IT administrators to data leaks, compromises, spammers, botnets, worms, and DDoS attacks. FlowTraq monitors network performance and bandwidth consumption, catalogs applications in use, and detects problematic changes in network activity. Designed to complement and improve existing network security operations, it can be deployed stand-alone or in a cluster, enabling it to offer its forensically accurate analytics at any bandwidth level.

“Security professionals would prefer to fully understand what happened in the time leading up to a data breach, even if such scenario is discovered after the fact. With FlowTraq they gain this forensic insight, regardless of the size of their network,” said Vince Berk, ProQSys. “With the latest release we further bolstered our threat detection capabilities to help customers cope with the complexities of defending their networks, and protecting against attacks that are increasingly more sophisticated and harder to detect.”

Security Enhancements
The technical enhancements to the latest version of FlowTraq are designed to empower both security professionals and managed security service providers with a more detailed view of the potential network threats. These enhancements include:

NBI Threat Management – The web interface now contains a convenient way to exploit the power of the FlowTraq Network Behavioral Intelligence toolkit. It allows users to manage behavioral anomaly detectors, which integrate with all modern SIEM systems, for one or more users. This allows security professionals to build powerful detectors faster, and detect new and unknown threats sooner.

New Anomaly Detectors – A suite of behavioral anomaly detectors can baseline quantities such as session counts, byte and packet volumes, etc. on any entity (host, service endpoint, autonomous system, etc.) for any traffic or object. In addition, a powerful blacklist detector provides alerts on any new communications on the network with systems on the blacklist making FlowTraq the most flexible traffic security tool in the industry.

Threat Intelligence Service – This service combines several respected sources of threat information into a list that is constantly updated and refreshed. FlowTraq will now always be aware of the newest dangers threatening your information infrastructure.

Additional Enhancements - Increased Speed, Easier Setup
Security professionals can maximize the use of hardware to improve processing speed because of FlowTraq’s complete auto-configurability, which has been optimized to make maximum use of modern multi-core architectures. Combined with FlowTraq clustering users have virtually unlimited flow analysis capabilities, and extended full forensic recall to customers with the highest bandwidth networks.

As part of the company’s commitment to provide the most scalable cloud platform for flow analysis, all APIs are available publicly. A complete JSON API allows developers to build their own network traffic analysis solution on top of the FlowTraq platform. Berk notes, “We understand that users do not always learn about the newest and most sophisticated attacks right away. Therefore we enhanced FlowTraq to allow customers to customize and personalize their Network Behavior Interface (NBI) detection capabilities.”

Additional enhancements include:

Automatic IP2ASN Tagging – Users can track traffic such as time spent on social networking sites like Facebook or high-volume sites like Netflix, because of the ability of FlowTraq to automatically tag each flow record with corresponding autonomous system number. This allows users to track threats to their networks at a macro level.

Expanded Multi-Tenancy Support – FlowTraq Multi-tenant support has been improved through the addition of a ‘FlowProxy’ that is deployable in customer environments. FlowProxy packages received flows and brings them back to the central FlowTraq cluster over a secure VPN or encrypted tunnel. Customers can then access their flow data through a central web portal allowing ISPs, MSPs, and cloud providers to offer FlowTraq as a service to their end-customers using a shared platform.

TCP Flag Filtering – Added to the already extensive filtering capabilities, flag filtering allows users to specify the flags that should and should not be set, and which ones are erroneous. With FlowTraq filers, users can surgically sift through traffic, or precisely configure detectors for the most important behaviors.

Pricing and Availability FlowTraq Q2/13 is available directly from ProQSys and a network of resellers worldwide. Pricing starts at $9,595. Current customers can download the update from the FlowTraq download site. Fully functional 14-day evaluation license keys are available upon request. Additional product information, screenshots, and downloadable software are available at http://www.flowtraq.com.

About FlowTraq FlowTraq is network security software that uses full-fidelity network flow records to provide unified security, monitoring, and forensics. It is the only commercially available solution that scales beyond 100Gbps without the need to sample or aggregate data. As a result, FlowTraq's robust behavioral fingerprints trigger few false alarms, which mean less time lost investigating non-incidents. FlowTraq features a multi-tenant web portal for Managed Service Providers and advanced Behavioral Anomaly Detection to catch data exfiltration and security threats. FlowTraq can be deployed stand-alone or in a cluster, enabling it to offer its forensically accurate analytics at any bandwidth level. It is designed to complement and improve existing network security operations.

About ProQSys: Founded in 2004, ProQSys develops and markets software solutions that monitor and analyze network security and performance to provide deep insight, high visibility, and valuable understanding of complex network infrastructures. With FlowTraq, users gain an unprecedented level of network situational awareness that facilitates fast and easy monitoring, quick security analysis, and complete forensic recall of any traffic that crosses their network, thus reducing organizational risk. ProQSys software solutions include FlowTraq, FlowTraq Lite, and FlowExporter. ProQSys has over 2,600 customers worldwide, including Fortune 500 companies, ISPs, Managed Service Providers, government, schools, and universities. ProQSys is privately held and headquartered in New Hampshire. For more information, visit http://www.flowtraq.com/corporate/.


Contact