Better user experience
It starts on the dashboard. The new filter management features reduce clutter and help to bring out the context of relevant events. Graphs are customizable to hide/show events by method or priority, and context menus have replaced the right click for more intuitive, mobile-friendly access to additional actions.
Event search was extended for better forensic analysis and now includes trend sparklines as well as percentages.
Drilldown shows more useful contextual information without the need to even open the event details - e.g. filters that match IP addresses, related events and IP activity over a selected time period.
Customizability
To adjust the system to your needs, you can add your own reputation feeds or blacklists. In addition, the system accommodates external services, allowing for IP addresses to be checked by IPVoid, googled as a URL or opened as a website.
False positive rules are now configured from one page and allow full-text search as well as search by IP address, which may be part of an existing filter. In order to speed up fine-tuning, the system allows deleting only more recent false positive events.
IDS Collector is fully integrated into the system without the need for a special license.
Fast configuration
Configuration settings are now grouped in tabs by importance, where all the necessary settings are contained in the Processing tab. Method settings feature an option to filter by status and Filter settings show both filter types (atomic and relational) simultaneously and have been cleared of unnecessary information. Both allow full-text search. Notes and descriptions can be added to filters for easier, more natural differentiation.
Syslog messages contain information on Perspective and Datafeed ID, creating a robust information channel that allows distinguishing between individual tenant data and only displaying events relevant to a particular user.
The user guide is accessible as HTML directly from the user interface and supports full-text search.
The facelifted Flowmon ADS is a combination of a powerful detection engine and superior user ergonomics that considerably enhances anomaly detection and forensics. In short, it’s simpler, clearer, more efficient.
Do you like the facelift? Let us know!