Welcome to the third quarter of 2013! FlowTraq has received two major new features; Traffic Groups, and Friendlynames, plus a slew of smaller improvements. Traffic groups allow you conveniently group related traffic together, and view it as one object. Friendlynames speaks for itself; allowing you assign arbitrary names to almost any entity in FlowTraq, including Autonomous Systems. Other improvements include a server configuration panel in the Web Interface, and the ability to click on items to add them to the current filter. The default Web dashboad was updated to show what entities are receiving alerts, in addition to which detectors are most active. Additional viewing options were added also, allowing you to group traffic by NetBlock, or Exporter/Interface combinations. Finally, our API was extended to allow for easier integration with many SIEM systems. Check out the Section 2.3, “Change Log” for a full list of changes made.

The Q3/13 version of FlowTraq sees the introduction of Traffic Groups, which are powerful new way to organize your traffic. Administrators can define a 'TG' by a list of up to 32 CIDR NetBlocks, flow sources, and port/protocol combinations. Flows updates are tagged upon arrival from the exporter, and both the client and server address can receive a tag. This means you can monitor traffic flow between pairs of Traffic Groups. Since TGs are defined as primary objects in FlowTraq, it is possible to filter by them as well; simply start typing the name of the TG and let autocomplete do the rest. Additionally, the NBi detectors have been upated to allow profiling and alerting on TGs. Customers running FlowTraq in a clustered environment simply define the TGs on the portal, and all workers will automatically be notified of any changes in the TG structure. Traffic Group definitions can be found in the 'Administrator' section of the Web Interface.

Topping the list of most-requested features for FlowTraq was a system to assign arbitrary Friendlynames to entities in FlowTraq. Q3/13 brings this ability through the Web Interface. Simply click on an IP address, VLAN, etc... and select 'rename'. Administrators can set global names for objects seen by anyone, while regular users can only set names for themselves. FlowTraq now conveniently comes pre-populated with a list of Autonomous System names. Additionally the IP, NetBlock, and ServiceEndpoint views have been improved to include ASN and Country information.

In addition to the Java Desktop inteface, the Web Interface also receives a server administration page, accessible only to adminstrators. Properties such as license keys, RAM utilization, and database size can be configured without the need to edit the configuration file. Some vital stats such as flow rate, and resource utilization are also displayed.