Ziften Announces ZFlow App at Splunk .conf2017 to Help Eliminate Network, Data Center, and Cloud Blind Spots

Share Article

The Ziften ZFlow App helps Splunk users consume Ziften-generated extended NetFlow from endpoints, servers, and cloud VMs for all-the-time network, data center and cloud visibility.

News Image
The Ziften ZFlow App and TA helps users of Splunk Enterprise and Splunk Enterprise Security (ES) use Ziften-generated extended NetFlow from endpoints, servers, and cloud VMs to see what they are missing at the edge of their network, their data centers, and in their cloud deployments.

Ziften, a leading provider of all-the-time visibility and control for client devices, servers, and cloud VMs, today announced the release of their Ziften ZFlow App and ZFlow Technology Add-on (TA) for Splunk at .conf2017: the 8th Annual Splunk Conference, to help customers maintain 24x7 network, data center, and cloud visibility. The Ziften ZFlow App and TA helps users of Splunk® Enterprise and Splunk Enterprise Security (ES) use Ziften-generated extended NetFlow from endpoints, servers, and cloud VMs to see what they are missing at the edge of their network, in their data centers, and in their cloud deployments.

Download the Ziften ZFlow App and ZFlow TA for Splunk here.

NetFlow is pervasive in the enterprise. It provides a simple means of collecting network data for security monitoring and performance management. Recognizing there are limitations from what can be seen from NetFlow, ZFlow generates contextual network flow data from host devices including client devices, servers, and cloud VMs. The ZFlow App and TA enable Splunk users to consume ZFlow data, while helping to eliminate blind spots most network monitoring solutions leave behind such as:

  • Visibility into public, private, and hybrid cloud deployment traffic
  • Visibility into data center east-west traffic
  • Visibility into local broadcast and wireless domain traffic

Additionally, with the improved visibility and context from ZFlow data, organizations can:

  • Speed the identification and resolution of user impacting network performance issues
  • Shorten attribution and remediation cycle times
  • Reduce the time IT operations and helpdesk personnel spend on firefighting issues

All endpoint intelligence collected by ZFlow is sent to Splunk Enterprise and made available within the Splunk Common Information Model (CIM) app making it available for queries across the Splunk portfolio. “Enterprise security teams have limited visibility into cloud-based infrastructure, which can make security operations difficult at best,” said David Monahan, Security Research Director, EMA. “Ziften ZFlow offers an increased level of visibility and intelligence for Splunk users that is essential for enterprises looking to maintain a secure cloud environment for their users, applications, customers and data.”

About Ziften
Ziften delivers all-the-time visibility and control for any asset, anywhere - client devices, servers, and cloud VMs – whether on-network or remote; connected or not. Our unified systems and security operations (SysSecOps) platform empowers IT and security operations teams to quickly repair user impacting endpoint issues, reduce their overall risk posture, speed security threat response, and increase operations productivity. Ziften’s secure architecture delivers continuous, streaming endpoint monitoring and historical data collection for large and mid-sized enterprises, governments, and managed security service providers (MSSP). And Ziften helps extend the value of incumbent tools, and fill the gaps between fragmented, siloed systems.

Splunk, Splunk>, Listen to Your Data, The Engine for Machine Data, Splunk Cloud, Splunk Light and SPL are trademarks and registered trademarks of Splunk Inc. in the United States and other countries.

Share article on social media or email:

View article via:

Pdf Print

Contact Author

Gregory Cross
@rpollock
Follow >
Ziften
Like >
Visit website