Mazu Profiler consumes network flow data (NetFlow, IPFIX, sFlow, JFlow) as its primary instrumentation into the network. Flow data is already available from your existing router and switch infrastructure; no new instrumentation, agents or inline devices are required. Since you are using the existing network infrastructure, the deployment of Mazu Profiler is rapid and cost effective.

Leading WAN optimization controllers, such as Riverbed, Juniper and others, are capable of generating flow data, similar to that available from your router and switch infrastructure. Mazu Profiler consumes this data to add visibility into what traffic is traversing the WAN and how effectively your WAN optimization efforts are reducing bandwidth demands.

Mazu Profiler provides valuable information for the population and upkeep of CMDBs. Specifically, it discovers all servers on the network, the applications they serve, the dependencies that must exist to deliver those services, and which users consume those services. This information is exported to CMDBs in real time, ensuring their accuracy. Any changes or additions to the environment are immediately noted by Mazu Profiler and conveyed to the CMDB.

Mazu Profiler integrates with user directory, DHCP, and DNS services to provide a more accurate and comprehensive view of network and application usage. Complementing flow and probe data with system name, MAC address and user name, this comprehensive data provides quick access to information indexed by user and enables more accurate definition of typical behavior.

Mazu Profiler can send security events to your SEM, ensuring that operators have "a single pane of glass" from which to prioritize and triage incidents. The Mazu flow API allows operators, without leaving the SEM console, to navigate into Mazu Profiler to gain visibility and context into any incident independent of the original source that sent the event to the SEM. The integration expands your SEM's capability by providing on-demand visibility into the network including what constitutes normal activity as well as security alerts based on Mazu Profiler’s behavior analysis of network traffic.

Mazu Profiler enables intelligent vulnerability scanning through integration with leading VM solutions. Mazu Profiler's knowledge of when hosts first appear on the network, and existing hosts begin to exhibit a change in their behavior can be used to trigger events and Mazu Profiler will signal the VM systems to initiate a scan. The integration with VM solutions also enhances the incident response workflow at the Mazu Profiler console, by providing host scan results within Mazu Profiler's GUI.

Mazu Profiler supports mitigation actions using a number of different technologies. Mazu Profiler can remove a system from your network by turning off switchport(s), creating null-routes, and via ACLs on routers, switches and firewalls. Integration with leading IPS systesm enables you to quarantine a hostile system; integrations with NAC systems enables you to revoke the access of a system from the network. Different mitigation enforcement technologies offer different courses of mitigation, including 100 percent removal from network access, quarantine, rate limiting, blocking of access, etc. Mazu Profiler presents the various mitigation methods as options in a mitigation plan which provides context and an understanding of the impact particular mitigation action will have, allowing for informed mitigation decisions.

Mazu Profiler supports mitigation actions using a number of different technologies. Mazu Profiler can remove a system from your network by turning off switchport(s), creating null-routes, and via ACLs on routers, switches and firewalls. Integration with leading IPS systesm enables you to quarantine a hostile system; integrations with NAC systems enables you to revoke the access of a system from the network. Different mitigation enforcement technologies offer different courses of mitigation, including 100 percent removal from network access, quarantine, rate limiting, blocking of access, etc. Mazu Profiler presents the various mitigation methods as options in a mitigation plan which provides context and an understanding of the impact particular mitigation action will have, allowing for informed mitigation decisions.