I would like to share a list of items we are working for the future of Network Traffic Analyzer. We are listening and your comments will be more than welcomed.
- Improvements in unknown application detection in netFlow(s) - using Cisco NBAR2 (1000 apps) for understanding what's behind port 80, etc. (Support for Cisco NBAR)
- Network security protection using Network Behavior Analysis (using flows, not agents). Detect DDoS attack, mallware communication or any other suspicious network communication without end-point agent deployment.
- IP Address reputation - get warning if application/end-point communicate with potentially dangerous site, we will take care of updates and real-time IP address evaluation.
- SYN flood attack detection, DoS detection, unexpected TCP/UDP high volume detection, find the host-name and switch port/SSID information of the source of the traffic.
- Port scanning detection
- Improved Network Bandwidth Utilization troubleshooting - instead of showing applications from entire network, we want to point you to the most utilized interfaces (and even better, network links) and show you what are top application and top talkers responsible for that conversation.
- UDT Integration Integration: NetFlow and User Device Tracker
- Topology information within NTA - understand "what and where". See your WAN links or VPN connections and underlying border interfaces with all the traffic (applications) and top talkers on the single page.
PLEASE NOTE: We are working on these items based on this priority order, but this is NOT a commitment that all of these enhancements will make the next release. We are working on a number of other smaller features in parallel. If you have comments or questions on any of these items (e.g. how would it work?) or would like to be included in a preview demo, please let us know!