Endace Announces Fusion Connector for Splunk
October 16, 2013 – Endace, a world-leader in network visibility infrastructure, today announced the Endace Fusion Connector for Splunk, an open workflow solution for detecting and resolving network security issues. The Endace Fusion Connector for Splunk optimizes data analysis workflows between its family of EndaceProbe™ Network Analytics Platform and Splunk’s industry-leading third-party monitoring and security tools that detect anomalous network behavior. Integrated with EndaceProbes, the combined solution provides organizations with the ability to detect and investigate issues at the network packet-level in order to lower time-to-resolution (TTR).
“By integrating Splunk and Endace technologies at the ‘event’ level, organizations can complete the detection and investigation cycle quickly and completely by determining the root cause of network security and operational issues,” said Endace’s Mike Riley. “As a result, customers are able to contain real network security and operations issues more effectively while reducing the impact on end users, detect false positives more quickly and better ‘tune’ detection systems.”
Splunk is a leading software platform for collecting and correlating machine data generated from a variety of different IT systems and infrastructure. Splunk helps customers detect network problems, monitor infrastructure elements and gain real-time visibility into customer experience, transactions and behavior. Because Endace captures 100 percent of the network traffic transiting a link, whether it is a 10Gb Ethernet (10GbE), 40GbE or 100GbE link, the EndaceProbe offers a historical view with the highest level of detail and accuracy available in the industry today. By deploying the EndaceProbe’s RESTful API, users can click on a Splunk event and pivot straight to the packets of interest for deep analysis in a protocol analyzer, such as Wireshark.
“The Endace Fusion Connector for Splunk provides a more comprehensive view of the network with added search and drill-down capabilities,” said Bill Gaylord, senior vice president of business development, Splunk. “Visibility to network activity gives both Security Operations (SecOps) and Network Operations (NetOps) teams the ability to quickly identify anomalous activity and conduct forensic investigations. They can not only understand the scope of a potential threat but also identify the source by simply zooming in on an event and quickly obtaining the relevant packet information.”
The Endace Fusion Connector for Splunk is available through Splunk Apps. The plugin is easy to install and adds minimal overhead to the performance of the application. The Endace Fusion Connector for Splunk is the first connector to be announced as part of the Endace Fusion Ecosystem™ program. The Endace Fusion Ecosystem program is focused on applications and partners who provide complementary capabilities to network recording that are required to detect, investigate and resolve common networking and security incidents.
“We have been working closely with Endace to test the new Endace Fusion Connector for Splunk and we found the integration delivered a 55 percent time saving on each event-to-packet search operation. The ability to instantly drill down from a Splunk event alert directly to the associated network packets is invaluable, saving time and resources and most importantly, accelerating root cause identification and resolution," said Alistair Meakin, director, Marquest. “We see a big opportunity to help our Splunk users dramatically enhance their network and security event management with this new capability from Endace and Splunk.”
Latest News & Announcements
-
6 June 2024
Endace recognized with 18 industry awards in H1 2024
Endace, EndaceProbe, and EndaceProbe Cloud victorious in numerous awards programs
-
29 May 2024
Endace and Telchemy Optimize Unified Communications and Network Performance Monitoring
Always-on packet capture and real-time multimedia analytics combine to deliver enhanced QoE for voice, video and network services.
-
7 May 2024
Endace Named Winner of the Coveted Global InfoSec Awards 2024
Endace Wins Five Awards in 12th Annual Global InfoSec Awards at #RSAC 2024
-
8 April 2024
Endace Wins Cloud Product of the Year Award 2024
EndaceProbe Cloud recognized for exceptional innovation in 2024 in Cloud Computing Magazine's 2024 Cloud Computing Product of the Year Award.
-
21 March 2024
Endace Wins Six Golds in 2024 Globee Cybersecurity Awards
Endace has won Gold Awards in six categories at the 20th Annual 2024 Globee Awards for Cybersecurity