|
* Memory-management, stability and speed have been fundamentally improved
* We have kept an eye on security and hardened the code to prevent privileges escalation and XSS
* Alerts have been extended to include support for
. Re-arming to avoid raising trains of identical alerts in short periods of time
. Alert propagation to the infrastructure monitoring software Nagios
. CIDR-based triggers to monitor the behavior of whole networks
. The detection of suspicious probing attempts
* Netfilter support has been added together with optional packet dropping features
* Routing visibility is now possible through RIPE RIS
* Availability of fine-grained historical data drill-down features, including top talkers, top applications, and interactions between hosts (more details here)
* Integrations with other software
. LDAP authentication support
. alerts forwarding/withdrawal to Nagios
. nBox integration to request full packet pcaps of monitored flows
. Data export to Apache Kafka
* We have extended and improved traffic monitoring
. Visibility of TCP sessions throughput estimations and state breakdown (e.g., connections established, connections reset, etc.)
. Goodput monitoring
. Trends detection
. Highlight of low-goodput flows and hosts
. Visibility of hosts top-visited sites
* Built-in support is now included for
. GRE detunnelling
. per-VLAN historical statistics
. ICMP and ICMPv6 dissection
* We have extended the set of supported OSes to include: Ubuntu 16, Debian 7, EdgeOS
* There is also an optional support for hosts categorization via service flashstart.it
|
