Firewall
A firewall is a security control that monitors and filters network traffic between systems, networks, or security zones based on defined security policies.
Firewall logging
Firewall logging is the process of recording firewall events such as allowed connections, denied traffic, policy matches, session activity, and security-related events for operational visibility, troubleshooting, auditing, and incident investigation.
Flow
A network flow is a sequence of packets sharing common traffic attributes such as source and destination addresses, ports, and protocol, treated as a logical unit of communication for monitoring and analysis.
Flow analysis
Flow analysis is the practice of examining network flow records to understand traffic patterns, identify top talkers, detect anomalies, and investigate operational or security issues using metadata rather than full packet payloads.
Flow attribution
Flow attribution is the process of associating network flows with specific users, hosts, applications, services, interfaces, or network segments using flow telemetry and contextual metadata.
Flow collector
A flow collector is a system that receives, processes, stores, and makes queryable network flow telemetry exported by devices using technologies such as NetFlow, IPFIX, and sFlow.
Flow deduplication
Flow deduplication is the process of identifying and handling duplicate flow records generated when multiple exporters observe and export telemetry for the same network communication.
Flow exporter
A flow exporter is a network device, software probe, or telemetry component that observes traffic, generates flow records, and exports summarized flow telemetry to collectors using protocols such as NetFlow, IPFIX, or sFlow.
Flow legs
A flow leg is an individual flow-telemetry record representing a network conversation as observed and exported from a specific device, interface, or observation point within the traffic path.
Flow tagger
A flow tagger is a rule-based enrichment mechanism that assigns contextual labels to network flows based on matching conditions such as addresses, ports, protocols, applications, or metadata-derived attributes.
Flow tracker
A flow tracker is a monitoring and analysis workflow that follows the behavior of selected network flows, hosts, conversations, or traffic patterns over time to support troubleshooting, operational visibility, and security investigations.
FlowMap
FlowMap in Trisul Network Analytics is a visual traffic analysis interface that displays communication patterns, traffic relationships, and flow behavior between hosts and network entities to accelerate operational investigations and traffic analysis workflows.
Forensic analysis
Forensic analysis is the process of examining historical network traffic, logs, packets, and related telemetry to reconstruct events, investigate incidents, and establish evidence-based timelines of activity.
Full packet capture
Full packet capture (PCAP) is the practice of recording complete network packets, including headers and payload where visible, for troubleshooting, traffic analysis, forensic investigation, and security monitoring.