With X15 as our integration partner, Lumeta ESI 3.0 has a robust architecture that is capable of real-time data ingestion from various external data feeds, authoritative indexing of network, and powerful querying and reporting capabilities.
Somerset, NJ and Sunnyvale, CA (PRWEB) February 24, 2016
Lumeta Corporation, the leader in network situational awareness, and X15 Software, Inc., a leading large-scale machine and log data management company, today announced that the underlying architecture of Lumeta’s latest network situational awareness platform, Lumeta ESI version 3.0, incorporates an embedded version of the X15 Enterprise Platform. The addition of Hadoop-based X15 Enterprise allows Lumeta’s platform to quickly ingest unstructured data (or data of unknown structure) and apply it to cybersecurity analytics.
“Breach detection requires large volumes of intelligence and powerful analytics to pull insight out of the data,” said Joe Sorial, VP Products for Lumeta. “With X15 as our integration partner, Lumeta ESI 3.0 has a robust architecture that is capable of real-time data ingestion from various external data feeds, authoritative indexing of network, and powerful querying and reporting capabilities.”
X15 Enterprise is a highly-scalable technology for machine data analysis, combining search and analytic query capability in an open machine data platform. Purpose-built for very large machine data environments, X15 Enterprise efficiently creates a single enterprise view of machine data.
Lumeta ESI provides a unique combination of recursive network indexing – for a real-time, authoritative view of the network – and cybersecurity analytics. The embedded X15 Enterprise adds Big Data and Advanced Analytics capabilities so that security analysts can combine ESI network situational awareness with external feeds, to rapidly find more meaning in the network data and to quickly prioritize issues for remediation.
X15 Enterprise allows for the collection, storage and analysis of huge volumes of data in real-time. ESI can take in external data feeds/streams – such as flow, various threat intelligence content, and network control plane packet capture data – to provide additional context to ESI’s real-time authoritative network indexing. This allows for deeper drill-down analytics to rapidly find more meaning in large amounts of data. In addition to the real-time view, X15’s event data warehouse allows for the retention of a large amount of historical data giving ESI the ability to provide a “scroll back in time” forensic view for up to one year.
Example Use Case: Threat Flows
NetFlow data and threat intelligence feeds (from integrations with open source or commercial providers), can be ingested in real-time and indexed alongside network architecture and segmentation intelligence for purposes of cybersecurity breach detection. The combination of ESI real-time, comprehensive network indexing with real-time security information services provides up-to-date intelligence to identify actual connections to malware command and control (C2) botnet servers. A scroll-back-in-time view, correlating real-time and historical data for forensic analysis and trending / comparative reporting, helps to uncover current or prior connections from specific physical or virtual machines to bad actor sites.
Benefits of using X15 Enterprise embedded in the Lumeta ESI platform include:
- Real-time event data warehouse – X15 reads and indexes streaming machine data in real-time and makes it available for search and analysis as soon as it is ingested.
- Scalability – X15 is a Massively Parallel Processing (MPP) machine data platform, which provides the extreme scalability necessary for analyzing petabytes of machine data. X15’s scalability is self-managing; partitioning is automatic, and the system rebalances itself online to take advantage of hardware configuration changes.
- Powerful visualization and dashboarding – Lumeta customers can use the sophisticated visualization capabilities to build dashboards that track critical metrics and KPIs, and to embed these charts and dashboards in custom applications via REST APIs.
- Speed – X15’s modern and open architecture offers real-time data ingestion, indexing and querying, yielding a dramatic improvement in performance; search is 10 times faster than using an SQL-only structure. The X15 machine data platform has the power and scalability to consolidate real-time search and complex analytic queries on petabytes of data.
- Hadoop Clustering – With X15, Lumeta is able to provide the option of clustering to improve performance, scalability and availability. The solution automatically scales with a customer’s Hadoop deployment and supports all major Hadoop distributions.
“Machine and log data management and analysis are critical components of security and compliance,” said Val Rayzman, founder and CEO, X15 Software. “With X15 Enterprise, Lumeta can now harness the power of Hadoop to maximize their cybersecurity analytics capabilities.”
More information at RSA Conference 2016
Please join X15 and Lumeta at the X15 booth #3029 in the North Expo, Moscone Convention Center, San Francisco, CA, February 29 – March 3. The companies will also host open demo sessions in their meeting suite on Tuesday, March 1. To attend an open session or schedule a private meeting, please contact Melody Iffland, miffland(at)lumeta(dot)com
X15 Software is a revolutionary large-scale machine and log data management company. Our flagship product provides a highly scalable, open and modern platform that combines search and analytic query capabilities. With best-in-class developer productivity and the lowest total cost of ownership, X15 Software is the new global standard for enterprise-wide machine data efforts. For more information, please visit http://www.x15soft.com, email info(at)x15soft(dot)com or call +1 (650) 264-9610.
About Lumeta Corporation
Lumeta’s network situational awareness platform is the authoritative source for enterprise network infrastructure and cybersecurity analytics. Available for both real-time monitoring and point-in-time auditing, Lumeta recursively indexes a network to identify and map every IP connected device, as well as uncover network segmentation violations and cybersecurity anomalies.
Threat intelligence (from external sources and open source feeds) is made actionable by utilizing existing capabilities of the Lumeta network situational awareness platform to correlate a comprehensive index of an enterprise’s IP address space against known threats. In real-time use, this provides network behavior analytics and cybersecurity breach detection.
The foundational intelligence provided by Lumeta gives IT management a clear, comprehensive assessment of cyber threats, network vulnerabilities and policy violations from network edge to core. Lumeta complements and optimizes existing network and security product investments by feeding them accurate and fact-based network intelligence.
Headquartered in Somerset, New Jersey, Lumeta has operations and clients throughout the world. More information is available at http://www.lumeta.com
# # #
Lumeta, the Lumeta logo, IPsonar and the IPsonar logo are trademarks and service marks of the Lumeta Corporation. Other product and company names appearing in this document may be trademarks of their respective owners.