Plixer Scrutinizer Benefits

AdrianGrant
Network Manager at IOOF Holdings
Scrutinizer helps enrich the data context of network traffic. For example, one of our sub-organizations is primarily responsible for stock trading. They use a time-critical stock trading application called IRESS, here in Australia. I believe it's similar to a Bloomberg-based system in the U.S., but it's based across the Australian stock exchange. That sub-organization of ours has people onsite in their Sydney office who may be doing database operations. They might be copying a 25 GB database across the network. We can immediately tell the head of operations there that they've got an issue because this particular person is copying this database from this source to this destination and that this is the reason that all the network bandwidth is being used. In addition, the insight that the solution provides us as a result of its correlation of traffic flows and metadata is invaluable. As a network engineer, I don't understand how people operate without it. Without that sort of visibility into what's actually going on in the network, you're running blind. There are other very similar tools in the marketplace, but nothing comes close to the Plixer solution. Another way it benefits our organization is that it gives us the ability to identify faults and rectify them quickly. It allows us to look at the way people operate in the environment. For example, people were moving around between PCs in a hot-desking scenario, with full home-drive sync and full email sync on. That was consuming a lot of bandwidth across the network. I was able to work with our Exchange teams and Windows teams and explain to them that they should turn off the full email sync and do headers only, and that they needed to stop syncing the entire H drive component. Some of our end users had up to 25 GBs on their home drive, so when they're moving from PC to PC in a hot-desking scenario, that's crazy. We could see that they were consuming all the bandwidth constantly on this particular link. I would estimate that we have improved bandwidth availability by at least 25 percent, throughout the entire day. That's the sort of value we get out of the tool. We knew it was happening, but the ability to prove it to the business units and say, "This is what's actually causing the problem," is just invaluable. Moreover, we previously we had a 1 GB DCI between our two data centers and we could quite clearly see that it was running at 100 percent the entire time. It got to the point, with the backup solutions running between our primary and secondary data centers, that it was never able to catch up. Using that information, we were able to make a case to our business that we needed to increase our DCI from 1 GB to 10 GB. That improved the backup performance and backups were able to complete successfully. The business is able to continue without any worrying about the backups not being successful. We're very unique within Australia because we have our data sovereignty laws requiring us to have an on-premise control plane. The customers I've been working with mostly use off-prem or cloud-based control planes. Because we'd set up our vSmart/vManage inside our own data centers, it was unique. Only about 5 or 10 percent of their customers actually had that capability. So to be able to give them access to our environment to actually help develop the solution allowed them to move forward, and provide relatively good visibility, visibility which enhanced what came out of the vManage control plane. That helped us to proactively know when SD-WAN topology changes. In the vManage, we knew events were occurring, but the Scrutinizer solution allowed us to visualize that in a graphical format and to show the business how telephony calls or video or business-critical applications are being moved between links, based on the real-time performance of those links. As a result, the first thing we did — because we had a combination of fixed wireless and fibre — was to go back to our service provider and say we don't want any more fixed wireless. Most of our branch sites were dual MPLS. We did have a sub-unit that was franchised using Ethernet solutions, but our dual MPLS connections were provided by fiber, primarily, and fixed wireless as a backup or alternate link. We could see quite clearly that our data was constantly being moved over fixed wireless due to issues with the way that the radios were deployed or the ways that the radios were tuned. As a result of that, the service provider went back to its fixed wireless division and made them do some work to improve the service. Scrutinizer has also helped to reduce the time to resolution, especially for network events. Without some sort of application visibility and control system, you have no visibility into what the problem is. All you have is your best guess. Having that recorded data, and being able to play it back and look across time at bandwidth utilization, enables us to show problems to the business and eliminate them immediately. I had it on a big screen next to the operation sections. As soon as something went red, we clicked on it and we understood the traffic flow that was causing the problem. And if it was not legitimate, we were able to go directly to that end-user, because we had it tied into our AD, and tell that end-user to stop doing what they were doing or to do it outside business hours. Now, our mean time to remediation is about five to 10 minutes, maximum. Without using Scrutinizer, we'd be best-guessing for hours on end. When you have a look at, for example, what's going through a router, you look at the percentage usage on the interface. You can't look at per-flow analytics. View full review »
RogerBascom
Sr. Network Engineer at Kitsap Credit Union
I once got a call from one of my branch operations and they said that the teller line had just frozen up and they just flat were not able to do business. It just wasn't working. I said, "Okay, well let me do some troubleshooting." I grabbed Scrutinizer and looked to see if, in fact, the bandwidth was being slammed pretty hard. It revealed, really quickly — within a couple of minutes after I started troubleshooting the problem — that somebody was running a video capture across a very slow link. I was able to find out who the employees were, via Plixer. I quickly called the lady who was in charge of our security cameras, and said, "Wait a minute, you're taking the whole place down. Can you turn it off and let me see if that fixes it?" She said, "Oh, I'm sorry." She turned it off, and as soon as I saw her turn it off in Scrutinizer, they were back in operation. It has definitely helped to reduce time to resolution for network and security events. This is the tool that I grab first. It gave us better than 50 percent accuracy when we started using it. My boss was a little bit skeptical and I was a little bit skeptical. I told the sales team at Plixer, "We'll go ahead and purchase it for the first year. If everything that you guys are telling me is true, then we're going to be really happy with it." And my boss and I have been very happy with the product. Whenever I have Microsoft SQL or even workstations that all of a sudden start running amuck, taking way more bandwidth than what they normally should be taking, I can usually pinpoint things very quickly. I've got to be able to see what's going on in the wires, so, I call Scrutinizer my "Superman X-ray vision" for looking at the wires. View full review »
NickEllson
Sr. Network Engineer at Columbia Sportswear
Scrutinizer gives us an answer. Time to resolution for problems has been reduced, because I now have a tool where I can look at historical data. I no longer just say, "Well, you're going to have to call us when it happens again. Maybe we'll catch it." It's pretty much the only tool that gives me this type of visibility. The internal reputation of our IT to resolve historical bandwidth problems has 100 percent improved. The general time to resolution has improved by having a tool where we can look and see what is going on, even in the last half hour, with alignment that isn't performing well. The insight the solution provides as a result of its correlation of traffic flows and metadata is really all that I have, so it is extremely valuable. If I were to give it a number on a scale, I'm probably holding it around a seven or eight, as far as usefulness, compared to my other tools. We found the solution helps eliminate data silos because we do allow all company access to the product, since it's a read-only tool. We have shown a number of different departments in DevOps how to look at it themselves and diagnose their own problems, e.g., when they're having slowdowns to Azure. We have our express routes tagged to the Scrutinizer product. They can tell when the line is saturated and what's saturating it. This has empowered them to self-police what they're doing on the line, and it reduces the ticket count that we get. This gives us an insight on how to manage the traffic flows. More people can see IT data in real-time without having to ask IT a question and wait. It is a workflow for the basic troubleshooters to always check anytime someone says there is slowness or a performance loss. You check Scrutinizer for that site to see what it is doing. So, it is in our workflow. Our biggest lesson from using this solution is how to control and manage Commvault. Our biggest clobber of traffic was Commvault backups. There was a lot of stress on the network as backups ran into the daytime activation hours. We were able to track when and where they were running their backups just based on how NetFlow showed Commvault's usage. View full review »
Find out what your peers are saying about Plixer, Cisco, Darktrace and others in Network Traffic Analysis (NTA). Updated: February 2020.
398,050 professionals have used our research since 2012.
reviewer1249062
Network Manager at a energy/utilities company with 5,001-10,000 employees
If an application is encountering an issue, and some people say, "Oh, this is the network's fault." We need to prove otherwise the problem application isn't working. Therefore, Scrutinizer helps us to verify the info and comply. We have SQL Server all around the world. Because most replication happens almost equally, if we want to understand how the replication is doing, we can use Scrutinizer to put a filter on it. We can match older servers around the world, comparing the data transfer from each site to understand if some behaviors are different and why they are not the same. The tool helps developers to improve the application. We use the solution specifically to help reduce the time to resolution for network and/or security events. It reduces the time to resolution by two to three hours (if everything is done by hand). With Scrutinizer, it takes maybe 15 minutes. People are usually calling me, or bombing me by emails, and asking me to check what exactly is happening. So, Scrutinizer helps me have a better picture of network traffic and a few security issues. View full review »
reviewer1226004
Networks BAU Lead at a consultancy with 51-200 employees
It has improved our fault-finding by at least 50 percent, and as much as 60 to 70 percent in day-to-day networking because we can now look through historical data. When a user contacts us and says, "I'm having this issue," we can review that person's historical data and see what the device is doing, what the issues are, and where the issues might be. In terms of security, our fault-finding has improved 100 percent because we've now got a total view of what the network is doing, right down to a low level. We can set alerts based on traffic behaviors that we know, and track the behaviors that we detect. The alerts tell us exactly what's going on. That is something we just couldn't do that before. The context base will then allow us then to take it further, from just the device to the user; who was logged in on that machine. The context base allows us to detect who was using it. And even if they move machines, we will be able to see that movement. The solution has definitely helped to reduce the time to resolution for network and security events by at least half and by as much as about 70 percent. We've now got all the information that we need. The workflow helps us in terms of security. We've got Cisco ISE which provides endpoint data, and the Scrutinizer provides traffic data on the endpoints. That integration has helped tremendously because we now have two stacks of data. One tells us where the endpoint is, how it was authenticated on our network, and the other, from Scrutinizer, tells us what it was doing on the network. So that integration workflow has helped us tremendously in identifying what network activity is happening, and where it's happening. View full review »
reviewer1247151
Head of Network Group at a consultancy with 1,001-5,000 employees
I can't imagine a life without it. It's really a helpful tool. If we didn't have access to the tool, we would have more difficulty getting a long-term overview on the growth of our network. As we have gathered statistics for more than 10 years, we know about the implementation of traffic on our network to also justify our work and investments. From my point of view, it would be more difficult without a NetFlow accounting tool. The solution helps enrich the data context of our network traffic. A very good example is a feature recently discovered denied firewall flows, which helps us understand what's going on in our DMZ. It also helps us figure out misconfigurations, It is really a very helpful feature. It shows us the saturation of the network of devices. It gives us a clear view of the flows in the network to understand, for instance, planning upgrades in the network to get an idea of what's going on in the network for traffic flows. It gives us insight, for instance, on what's going on our VPN Client. There are a lot of things where it provides very helpful information. It also gives us our security reports with quite detailed information on what's going on in the network, and whether there are data exfiltrations and so on. In a few cases, it has helped resolve network events. It has also helped resolve security events. We found a couple of security issues that we wouldn't have found without the tool. View full review »
reviewer1229916
Business Security Officer at a insurance company with 1,001-5,000 employees
The solution helps us enrich our network traffic. It's really because of the ability to do host-to-host troubleshooting. We can see and isolate where the challenge or problem might be. When used to troubleshoot a potential bad actor or issue, we have literally able to cut down our time to resolution drastically. For example, we had a "runaway instance" of hogging and taking up excessive resources from a source to a destination, and this allowed us to isolate it within minutes. Any tool of this type, if you know how to use it, will drastically reduce your time to troubleshoot. View full review »
reviewer1261671
Network Infrastructure at a tech vendor with 1,001-5,000 employees
It helps provide reporting information to our customers, which is also part of certain regulations that we have in the UK. The solution is similar to an automation process because we can automate and schedule reports. From a workflow process, the pipeline is automated. We would need to have a lot of people doing many reports in Excel instead of using one product. The solution emails us when we need it and on a periodic basis automatically. The insight the solution provides as a result of its correlation of traffic flows and metadata is very good, fast, and accurate. It is one of our go-to tools when there is an issue and we want to do some accounting on the network. The solution has helped reduce the time to resolution for network and security events by three to four hours. View full review »
reviewer1229913
Systems Analyst at a government with 5,001-10,000 employees
The solution has helped eliminate data silos for us because now, instead of looking at one or two different places, we can look at it all at once. It aggregates the data so it's not in silos anymore. Scrutinizer has helped to reduce the time to resolution for network events. We are able to identify a problem and resolve it quickly, within about ten minutes, once the issue has been raised. Before, we had to do more work to get there, about a half-an-hour to 40 minutes. View full review »
reviewer1263177
Network Engineer at a healthcare company with 1,001-5,000 employees
It helps us determine what is going on with our Internet and who is hogging it all up. If we get a real high throughput or a throughput that's going over and getting dropped fairly quickly, we can tell who (or what device) is consuming that traffic. That was our main use case for buying it to start with. Going forward, we will start using it for other stuff too. We have only had it a couple of months, so we've not really dug into it a lot, but being able to know bandwidth is the main thing. View full review »
Find out what your peers are saying about Plixer, Cisco, Darktrace and others in Network Traffic Analysis (NTA). Updated: February 2020.
398,050 professionals have used our research since 2012.