4
Dell SonicWALL Scrutinizer 11.5.2 Release Notes
P/N 232-002504-00 Rev A
Release Notes
Visibility
• Trend analysis reports on archived data
• Easily see the top 5 interface across all routers, switches & firewalls
• Integrated Google Maps viewing allows for visual representations of distributed network
• Flexible viewing options allow data to be seen from different angles (pie, bar, matrix, line)
Various viewing options within Scrutinizer, such as the matrix view provide an innovative tool for better visualization
of traffic flows. Based on criteria established when the report is generated, administrators can toggle to different
views to see a graphical map of where traffic is flowing. The ‘Matrix’ enables administrators to easily visualize which
systems a particular host has been accessing.
Flow Analytics Module
The Flow Analytics Module brings traffic flow diagnostics to the next level by adding historical reporting for an
unrestricted period of time, advanced alarming with the ability to set thresholds, role-based administration, and in-
depth traffic analysis algorithms to the Scrutinizer software. It can easily identify top applications, conversations,
flows, protocols, domains, countries, and subnets on the network, as well as watch for and alert on suspicious or
potentially hazardous network behavior patterns thereby providing administrators with greater network security
awareness.
In addition to the base-level features Scrutinizer with the add-on Flow Analytics module provides several additional
advanced features, such as:
• Flexible Reporting
o Dell SonicWALL specific templates for reporting
o Special traffic analysis reports such as Flow Volume & NBAR Support
o MPLS reporting by subnet
o Microsoft Exchange log trend analysis
o Puts information at administrators fingertips
Easily identify the top applications being utilized on the network
Easily identify the top country of origin for traffic flowing across the network
Easily identify the top domains being accessed
Easily identify the top subnets being utilized on the network
With the addition of the Flow Analytics module Scrutinizer becomes an even more powerful reporting engine
offering even greater flexibility and granularity. In addition to all the reporting functions provided in the base edition,
Scrutinizer with Flow Analytics adds advanced reporting options such as flow volume, MPLS by subnet, Microsoft
Exchange log trending and NBAR support. Administrators have with a wealth of information right at their fingertips.
IT administrators can create custom reports by applying filters to granularly define the specific information desired.
Once created, custom reports can be saved for later use. Custom Reports allow the user to configure detailed
reports by filtering on fields such as: IP Addresses, ranges and subnets; Port numbers and ranges; Defined
applications including ranges of protocols and groups of protocols; Multiple interfaces from different routers and
switches; Any exported field available via NetFlow or IPFIX; Dynamic QoS monitoring; Detailed security / forensic
information.
The Flow Analytics Module adds several additional flow based traffic analysis report types. Examples include but
are not limited to: Granular IPFIX based application visualization reports for Dell SonicWALL products; Flexible
NetFlow NBAR
based application reports (requires IOS v15 on Cisco routers); Conversations to/from host pairs and
applications used; Flow reports with ToS field; Host flow reports to show hosts sending or receiving the most flows;
Host volume reports to show the volume of unique hosts per second; Pair volume reports to show the volume of
unique to/from address pairs per second.