📄️ Sankey traffic visualization
Sankey traffic visualization uses Sankey diagrams to represent how traffic distributes between network entities, with visual flow width proportional to bandwidth or traffic volume. It helps operators interpret traffic concentration, communication behavior, and dominant traffic relationships across large environments.
📄️ SD-WAN
SD-WAN, or Software-Defined Wide Area Network, is a WAN architecture that uses centralized software-based control and policy-driven traffic steering to manage connectivity across multiple transport links.
📄️ Security auditing
Security auditing is the process of validating operational activity, telemetry visibility, infrastructure behavior, and security controls in order to establish trustworthy evidence, verify policy enforcement, and reconstruct historical activity across distributed environments.
📄️ Security zone
A security zone is a network segment with a defined trust level, security policy, and access-control boundary. Security zones help isolate systems by sensitivity and control how traffic moves between different parts of a network.
📄️ SIEM
SIEM (Security Information and Event Management) is a security platform that centralizes, correlates, and analyzes logs, events, and telemetry from distributed systems in order to reconstruct operational context, investigate suspicious activity, detect threats, and maintain searchable historical visibility across complex environments.
📄️ SLA monitoring
SLA monitoring tracks Service Level Agreement metrics such as availability, latency, jitter, packet loss, and response time to ensure network and service performance meets agreed operational or contractual targets.
📄️ SNMP
SNMP, or Simple Network Management Protocol, is a standard protocol used to monitor and manage network devices by collecting interface counters, device status, operational metrics, and performance telemetry.
📄️ SNMP traffic monitoring
SNMP traffic monitoring uses Simple Network Management Protocol (SNMP) to collect interface telemetry, infrastructure metrics, and operational device statistics in order to analyze bandwidth utilization, monitor infrastructure health, identify congestion, and maintain long-term visibility into network behavior.
📄️ SOC visibility
SOC visibility is the ability of a Security Operations Center (SOC) to observe, correlate, investigate, and reconstruct operational activity across distributed infrastructure environments using network telemetry, security analytics, historical evidence, and cross-domain investigative workflows.
📄️ SPAN port
A SPAN port is a switch port configured to receive mirrored traffic from one or more switch ports, interfaces, or VLANs for monitoring, packet analysis, and troubleshooting.
📄️ Storage
Storage in network analytics is the retention and organization of traffic telemetry, packet captures, logs, metrics, and historical operational records so they can be searched, correlated, reconstructed, and investigated over time across distributed infrastructure environments.
📄️ Streaming analytics
Streaming analytics continuously processes telemetry and event data as it arrives to provide near real-time visibility, anomaly detection, alerting, and traffic analysis across network environments.
📄️ Streaming video
Streaming video is the continuous delivery of video content over a network so playback can begin before the entire media file is downloaded. Streaming performance depends heavily on delivery stability, throughput consistency, buffering behavior, congestion conditions, and adaptive bitrate response across network environments.
📄️ Subnet mask
A subnet mask is a 32-bit value used in IPv4 networking to define the network and host portions of an IP address. It determines subnet boundaries and helps devices identify local and remote networks.
📄️ Subscriber analytics
Subscriber analytics is the analysis of network usage, traffic behavior, application activity, and service experience at the subscriber level in order to reconstruct customer experience, understand consumption behavior, investigate operational issues, and maintain visibility into how subscribers interact with network services over time.
📄️ Subscriber billing
Subscriber billing is the process of calculating and charging customers for network or service usage based on subscription plans, usage records, policies, and account terms. It is a core function in telecom and ISP environments.
📄️ Subscriber mapping
Subscriber mapping correlates IP addresses, session activity, authentication telemetry, and network identifiers with subscriber identities in order to preserve attribution continuity, reconstruct operational activity, investigate subscriber behavior, and maintain searchable subscriber-aware visibility across ISP and service-provider environments.
📄️ Summary statistics
Summary statistics are aggregate numerical measures used to describe the overall behavior of network and telemetry datasets, including totals, averages, counts, minimums, maximums, rates, and percentiles.
📄️ Suricata integration
Suricata integration correlates Suricata IDS and IPS telemetry with flow analytics, packet evidence, historical traffic visibility, and investigative workflows in order to reconstruct operational context around alerts, improve threat investigation, and strengthen security visibility across distributed environments.
📄️ SYN flood
A SYN flood is a denial-of-service attack that overwhelms a target by sending large volumes of TCP SYN packets without completing the TCP handshake, exhausting connection-tracking and system resources.
📄️ Syslog
Syslog is a standard protocol and message format used by infrastructure systems to generate, transport, centralize, and preserve operational event telemetry so organizations can reconstruct operational timelines, investigate infrastructure behavior, and maintain searchable historical visibility across distributed environments.
📄️ Syslog correlation
Syslog correlation combines Syslog events with flow telemetry, packet visibility, authentication activity, and operational analytics in order to reconstruct operational causality, explain traffic behavior, investigate infrastructure events, and maintain searchable historical visibility across distributed environments.