Endace Announces Fusion Connector for Splunk
October 16, 2013 – Endace, a world-leader in network visibility infrastructure, today announced the Endace Fusion Connector for Splunk, an open workflow solution for detecting and resolving network security issues. The Endace Fusion Connector for Splunk optimizes data analysis workflows between its family of EndaceProbe™ Network Analytics Platform and Splunk’s industry-leading third-party monitoring and security tools that detect anomalous network behavior. Integrated with EndaceProbes, the combined solution provides organizations with the ability to detect and investigate issues at the network packet-level in order to lower time-to-resolution (TTR).
“By integrating Splunk and Endace technologies at the ‘event’ level, organizations can complete the detection and investigation cycle quickly and completely by determining the root cause of network security and operational issues,” said Endace’s Mike Riley. “As a result, customers are able to contain real network security and operations issues more effectively while reducing the impact on end users, detect false positives more quickly and better ‘tune’ detection systems.”
Splunk is a leading software platform for collecting and correlating machine data generated from a variety of different IT systems and infrastructure. Splunk helps customers detect network problems, monitor infrastructure elements and gain real-time visibility into customer experience, transactions and behavior. Because Endace captures 100 percent of the network traffic transiting a link, whether it is a 10Gb Ethernet (10GbE), 40GbE or 100GbE link, the EndaceProbe offers a historical view with the highest level of detail and accuracy available in the industry today. By deploying the EndaceProbe’s RESTful API, users can click on a Splunk event and pivot straight to the packets of interest for deep analysis in a protocol analyzer, such as Wireshark.
“The Endace Fusion Connector for Splunk provides a more comprehensive view of the network with added search and drill-down capabilities,” said Bill Gaylord, senior vice president of business development, Splunk. “Visibility to network activity gives both Security Operations (SecOps) and Network Operations (NetOps) teams the ability to quickly identify anomalous activity and conduct forensic investigations. They can not only understand the scope of a potential threat but also identify the source by simply zooming in on an event and quickly obtaining the relevant packet information.”
The Endace Fusion Connector for Splunk is available through Splunk Apps. The plugin is easy to install and adds minimal overhead to the performance of the application. The Endace Fusion Connector for Splunk is the first connector to be announced as part of the Endace Fusion Ecosystem™ program. The Endace Fusion Ecosystem program is focused on applications and partners who provide complementary capabilities to network recording that are required to detect, investigate and resolve common networking and security incidents.
“We have been working closely with Endace to test the new Endace Fusion Connector for Splunk and we found the integration delivered a 55 percent time saving on each event-to-packet search operation. The ability to instantly drill down from a Splunk event alert directly to the associated network packets is invaluable, saving time and resources and most importantly, accelerating root cause identification and resolution," said Alistair Meakin, director, Marquest. “We see a big opportunity to help our Splunk users dramatically enhance their network and security event management with this new capability from Endace and Splunk.”
Latest News & Announcements
9 November 2023
Endace WINS Most Innovative Cloud Threat Detection Investigation and Response
Endace Wins Most Innovative Cloud Threat Detection Investigation & Response (TDIR) in InfoSec Innovator Awards 2023
11 October 2023
Endace Wins 2023 Incident Forensics Solution of the Year Award
The EndaceProbe™ Analytics Platform has won the “Incident Forensics Solution of the Year” award in the 7th annual CyberSecurity Breakthrough Awards program
12 September 2023
Endace and Elastic Partner to Deliver Greater Network Observability and Enhanced Forensics
Elastic Stack and Elastic Security seamlessly integrate with EndaceProbe’s always-on packet capture to accelerate cyber threat response and network performance.
26 July 2023
Endace Scalable Packet Capture Delivers Unified Visibility Across Hybrid Cloud
EndaceProbe Cloud provides scalable packet capture for unified visibility across on-premise, private-cloud and public cloud environments
31 May 2023
Endace Wins 2023 Fortress Cyber Security Award
Endace has won the 2023 Fortress Cyber Security Awards in the Network Security category.