In this 5th installment of the "Why I Love Big Data" blog series, I am joined by Jeff Aboud from Splunk to outline why big data security analytics is essential to today’s security challenges.
Jeff Aboud, Sr. Solutions Marketing Manager, Security Markets, Splunk
Jeff Aboud has more than a dozen years in various areas of the security industry, spanning from the desktop to the cloud, including desktop AV, gateway hardware and software, encryption technologies, and how to securely embrace the Internet of Things. His primary focus today is to help business and security professionals understand how to visualize, analyze, and alert across a broad range of data sources in real time to maximize their security posture.
It’s no secret that advanced threats and malicious insiders present increasing security challenges to organizations of all sizes. Security professionals know that it’s not a question of if, but when an attack will successfully breach their network. Visibility is often what makes the difference between a breach and a major security incident, and enables a proactive security posture throughout the attack continuum – before, during, and after the attack. It’s also essential to understand that the fingerprints of an advanced threat are often located in the “non-security” data, so the effective detection and investigation of these threats, before your data is stolen, requires security and non-security data.
So what does all this really mean, and how can you use it to dramatically improve your security posture?
You need to integrate and correlate the data from your firewalls, intrusion prevention, anti-malware, and other security-specific solutions along with your “non-security” data such as the logs and packet information from your servers, switches, and routers. This is no easy task with the large number of different security solutions present in most enterprise networks. But having all your data at your fingertips will help you improve your detection capabilities and automate the remediation of advanced threats.
But how can you do this, since Security Information and Event Management (SIEM) systems only look at traditional security sources? The partnership between Splunk and Cisco is the answer. Splunk is integrated across Cisco security platforms, as well as other places throughout the network including various Cisco switches, routers and Cisco Unified Computing Systems (UCS) to deliver broad visibility across your environment.
Together, Splunk and Cisco provide security and incident response teams the tools they need to quickly identify advanced threats, visualize them in real-time across potentially thousands of data sources, and take automated remediation action on Cisco firewalls and intrusion prevention systems.
Tags: #CLUS, @ciscoDC, BigData, IoE, IoT, security, Splunk
IT infrastructures are increasingly complex and include a broad range of technologies and platforms hosted in physical, virtual and cloud environments. Cisco UCS has become a world-leading server platform in large part because the unique UCS architecture enables organizations to harness the power of virtualization and dramatically simplify infrastructure management.
Splunk is a great complement to Cisco UCS because Splunk also helps organizations deal with the complexity of vast multi-vendor, multi-product, and multi-site environments. Splunk is a platform for real-time big data analytics which enables end-to-end, cross-tier visibility across applications, physical, virtual, and cloud infrastructure.
Do you need insights into your UCS server performance? Would it be valuable to troubleshoot application issues across server, storage, networking, and other domains? Are you already using Splunk to “… make machine data accessible, usable and valuable…”? Then you need to be using the just-updated Splunk Add-on for Cisco UCS.
Splunk’s first (and only) out-of-the-box integration for server environments, Splunk integration with Cisco UCS provides real-time operational visibility not just across Cisco UCS domains but across multiple applications and infrastructure tiers. This enables organizations to identify & resolve problems faster, proactively monitor systems & infrastructure, track key performance indicators & understand trends & patterns of activity & behavior.
The Splunk add-on for Cisco UCS allows a Splunk Enterprise administrator to collect UCS performance, inventory, and fault data from Cisco UCS Manager using the UCS XML API. All the data is and can be integrated with other Splunk applications for products such as Cisco ASA Firewalls or Cisco Nexus Switches or Microsoft Exchange. Did you know that Splunk has over 20 integrations for Cisco products?
If you are thinking about adding Splunk insights into your environment, this is even more of a reason to do it on Cisco UCS servers. Last November, Ragu Nambiar blogged about a joint reference architecture with Splunk that improves performance up to 25x over the Splunk reference hardware. Cisco also published a Solution Brief. Look for updates on the reference architecture from Ragu soon.
Will you be at Cisco Live next week? Be sure to go to Splunk’s booth (#2319) to see the UCS app in action (or a number of the other integrations) or join the Big Data Analytics Demonstrations Booth Tours and find Splunk in Cisco’s Connected Transportation IoT, Security Solutions and Enterprise Networks Pavilions.
Example Splunk App for Cisco UCS Dashboard
Tags: BigData, Splunk, UCS
Why do I love Big Data so much? It’s because there are endless possibilities to deliver on the Internet of Everything (IoE) opportunity that will create new capabilities, richer experiences, and unprecedented economic opportunities for businesses, countries, and individuals. Analytics is an enormous part of that value creation and is estimated to drive $7.3T of the $19T IoE opportunity over the next 10 years.
Big Data and Analytics take the data created by people, processes, and things – that’s held within the Data Center and at the Edge – and convert it to insights that deliver the truly transformational business outcomes for which we all strive. I’m not talking about ‘iterative’ changes here. I’m talking about game-changing breakthroughs that change the way businesses compete, healthcare teams treat their patients, and cities and governments meet the needs of their constituents.
Cisco has incredible Connected Analytics offerings that address the needs of data streaming at the edge. These offerings are complemented by solutions based on Cisco UCS Integrated Infrastructure and a broad ecosystem of Big Data & Analytics Partners.
Tags: #CLUS, BigData, cisco live, Cisco UCS, CiscoUCS, Cloudera, ConnectedAnalytics, Hortonworks, MapR, Platfora, SAP, Splunk, Tableau, ucsbigdata
Big Data is better than a sharp stick in the eye. I can say this with great authority, since I missed the first half of Strata+Hadoop World 2015 in San Jose because of the latter. But eye injuries have never kept me offline for long, and I was able to follow online with what I didn’t see in person. But I was very happy to make it in to the show on Friday, and even got a seat at about row 6 in the main hall for the keynotes.
Tags: Big Data, Hadoop, Hortonworks, MapR, Pivotal, Splunk
It’s been a busy couple of weeks for us in big data land. One thing that struck me is how much we learned about the big data and analytics space after hours at Strata Hadoop, and sometimes that can be just as exciting as what we learn during the sessions. I have a couple of videos I’d like to share with you to prove my point.
In this video, I learned some things from Jim Scott, MapR. First, MapR is providing (and get ready, because it’s a mouthful) “an online, Interactive, platform neutral, vendor agnostic training”, and some cool use cases of a Hadoop cluster in a briefcase.
It’s also fun to get together with our various partners and talk about the great solutions we are doing together. In this video, I have MapR and Platfora do all the work. Hey, it was after hours!
Webinar At A Glance
Want to learn more about what we are doing with our partners? Check out the Webinar At A Glance from our recent Big Data webcast, “Analytics Solutions for Driving Better Business Outcome,” which is available on demand now. The feedback has been amazing and we plan to do more of these with our partners in the future.
Have some interesting stories or solutions you would like to share? Find me on Twitter, @JimMcHugh, and we can work together to get the news out.
Tags: analytics, Big Data, BigData, CiscoUCS, MapR, Platfora, Splunk, Strata Hadoop World, unified computing system