Splunk introduced its Splunk for Cisco Security solution, which delivers a rich security experience by providing additional insights from data generated by Cisco security products.
The combination of Splunk and Cisco Security Management products provides a single view of the security environment to facilitate incident investigations, enforce policies and meet compliance mandates.
The solution currently supports devices including ASA and PIX Firewalls, Client Security Agent, Intrusion Prevention System, IronPort Web Security Appliance (WSA) and the IronPort E-mail Security Appliance (ESA). This integrated solution delivers:
- Increased visibility with built in pre-defined dashboards, searches, reports and alerts for all supported devices
- Security forensics with field definitions to make ad-hoc investigations and custom dashboard creation as simple as a few mouse clicks
- Enhanced network security by enabling the user to trace threats in real time utilizing reputation from Cisco, Global Correlation IPS events, ASA Botnet Filter events and Web/Email Security Appliance events
- Situational awareness of security threats targeting mission-critical business applications through the visibility gained from monitoring application logs and security data.