The Ziften ZFlow App and TA helps users of Splunk Enterprise and Splunk Enterprise Security (ES) use Ziften-generated extended NetFlow from endpoints, servers, and cloud VMs to see what they are missing at the edge of their network, their data centers, and in their cloud deployments.
WASHINGTON, DC (PRWEB) September 25, 2017
Ziften, a leading provider of all-the-time visibility and control for client devices, servers, and cloud VMs, today announced the release of their Ziften ZFlow App and ZFlow Technology Add-on (TA) for Splunk at .conf2017: the 8th Annual Splunk Conference, to help customers maintain 24x7 network, data center, and cloud visibility. The Ziften ZFlow App and TA helps users of Splunk® Enterprise and Splunk Enterprise Security (ES) use Ziften-generated extended NetFlow from endpoints, servers, and cloud VMs to see what they are missing at the edge of their network, in their data centers, and in their cloud deployments.
NetFlow is pervasive in the enterprise. It provides a simple means of collecting network data for security monitoring and performance management. Recognizing there are limitations from what can be seen from NetFlow, ZFlow generates contextual network flow data from host devices including client devices, servers, and cloud VMs. The ZFlow App and TA enable Splunk users to consume ZFlow data, while helping to eliminate blind spots most network monitoring solutions leave behind such as:
- Visibility into public, private, and hybrid cloud deployment traffic
- Visibility into data center east-west traffic
- Visibility into local broadcast and wireless domain traffic
Additionally, with the improved visibility and context from ZFlow data, organizations can:
- Speed the identification and resolution of user impacting network performance issues
- Shorten attribution and remediation cycle times
- Reduce the time IT operations and helpdesk personnel spend on firefighting issues
All endpoint intelligence collected by ZFlow is sent to Splunk Enterprise and made available within the Splunk Common Information Model (CIM) app making it available for queries across the Splunk portfolio. “Enterprise security teams have limited visibility into cloud-based infrastructure, which can make security operations difficult at best,” said David Monahan, Security Research Director, EMA. “Ziften ZFlow offers an increased level of visibility and intelligence for Splunk users that is essential for enterprises looking to maintain a secure cloud environment for their users, applications, customers and data.”
Ziften delivers all-the-time visibility and control for any asset, anywhere - client devices, servers, and cloud VMs – whether on-network or remote; connected or not. Our unified systems and security operations (SysSecOps) platform empowers IT and security operations teams to quickly repair user impacting endpoint issues, reduce their overall risk posture, speed security threat response, and increase operations productivity. Ziften’s secure architecture delivers continuous, streaming endpoint monitoring and historical data collection for large and mid-sized enterprises, governments, and managed security service providers (MSSP). And Ziften helps extend the value of incumbent tools, and fill the gaps between fragmented, siloed systems.
Splunk, Splunk>, Listen to Your Data, The Engine for Machine Data, Splunk Cloud, Splunk Light and SPL are trademarks and registered trademarks of Splunk Inc. in the United States and other countries.