Flux is a network flow telemetry collector that captures and analyzes traffic patterns across your infrastructure, providing critical visibility into actual network behavior and enabling detection of volumetric attacks, data exfiltration, and lateral movement.
Key Features
Comprehensive Traffic Visibility
Flux captures detailed network flow data from strategic points across your infrastructure, providing visibility into traffic volumes, connection patterns, protocol distributions, and bandwidth utilization. This telemetry forms a complete picture of network behavior that feeds into the Augur intelligence layer for threat prediction.
Traffic Baseline Analysis
By establishing baselines of normal traffic patterns, Flux enables detection of anomalies that indicate potential security incidents. Sudden spikes in traffic volume, unusual connection patterns, or deviations from established protocols provide early warning of attacks or compromised systems.
Multi-Protocol Support
Flux supports industry-standard flow protocols including NetFlow, IPFIX, and sFlow, enabling deployment across heterogeneous network environments. This flexibility ensures comprehensive coverage regardless of your existing infrastructure.
Distributed Deployment
Deploy Flux collectors at branch networks, data centers, and cloud environments to gather telemetry from across your entire infrastructure. Strategic placement ensures visibility into traffic at network boundaries, critical junctions, and potential attack surfaces.
Detection Capabilities
Volumetric Attack Detection
Flux identifies sudden traffic spikes and abnormal connection patterns that characterize DDoS attacks. By feeding this data to Augur, the system can predict and prepare for volumetric attacks before they overwhelm infrastructure, enabling Aegis to deploy protective policies through xfw enforcement points.
Data Exfiltration Prevention
Unusual outbound traffic patterns, large data transfers to unexpected destinations, and protocol anomalies indicate potential data exfiltration attempts. Flux detects these patterns and correlates them with other signals for comprehensive threat assessment.
Lateral Movement Detection
Internal traffic patterns that deviate from normal behavior, such as unusual inter-server communications or scanning activity, indicate lateral movement by attackers. Flux provides the visibility needed to detect these threats before they compromise critical assets.
Connection Anomaly Detection
Irregular connection intervals, unexpected protocol usage, and abnormal traffic patterns reveal malware command-and-control communications, compromised systems, and insider threats that might otherwise go undetected.
Integration
Flux operates as a signal collector within the Perforlabs Predictive Defense Fabric, feeding network flow data to Augur for AI-powered threat prediction. The intelligence generated from flow analysis combines with BGP routing data from Pulse and DNS patterns from Pythia to provide comprehensive threat visibility. Augur’s predictions then drive automated policy deployment through Aegis and enforcement via xfw.
Use Cases
- Organizations running critical infrastructure that need DDoS response workflows
- Malware detection through traffic analysis and behavioral patterns
- Insider threat detection via behavioral monitoring and anomaly identification
- Capacity planning based on actual usage patterns and traffic trends
- Detection of complex, multi-stage attacks through correlation with other signals
Deployment
Flux collectors deploy at network edges, data center boundaries, and cloud infrastructure points to ensure comprehensive traffic visibility. The system scales to handle high-volume environments while maintaining the real-time analysis required for effective threat detection and response.