Solera Networks released the new DeepSee App for Splunk. This integration delivers full context to any security alert managed through the Splunk platform, enabling in-depth root cause analysis and investigations to combat today’s complex threats.
The free download adds an “investigate” button to quickly pivot users from any event to a Solera DS Appliance.
Splunk is recognized for its ability to manage event data from almost any network security device, including firewalls, intrusion detection/prevention (IDS/IPS) systems, servers, web gateways, and a multitude of other network and security devices.
With Splunk, system administrators and security professionals can navigate and search through log files, alerts, and other metadata describing the network event. The integration with Solera DeepSee allows these professionals to start from a high-level description in Splunk and drill down to a full-fidelity transcript and reconstruction of the network at the time of the event.
Like a surveillance camera for the network, Solera DS Appliances classify, store, and recreate every bit of network data that crosses the network, even on today’s ultra-fast networks, physical or virtual.
These appliances provide value in three key areas:
- They provide full visibility and situational awareness into any individual or system’s network activity.
- They make incident investigations more effective through root cause analysis of any network security event, detailing where the hole in the network exists and painting a vivid picture of the full scope of what was lost.
- They promote deterrence and prevention by discovering and eliminating persistent threats before they become catastrophic to the organization, as well as encouraging users to be smart about use of network resources.