Emulex announces Endace fusion connector for Splunk

IP EXPO, LONDON, UK & COSTA MESA, USA: Emulex Corp. announced the Emulex Endace Fusion Connector for Splunk, an open workflow solution for detecting and resolving network security issues.

The Emulex Endace Fusion Connector for Splunk optimises data analysis workflows between its family of EndaceProbe Intelligent Network Recorders (INRs) and Splunk's industry-leading third-party monitoring and security tools that detect anomalous network behaviour.

Integrated with EndaceProbe INRs, the combined solution provides organisations with the ability to detect and investigate issues at the network packet-level in order to lower time-to-resolution (TTR).

"By integrating Splunk and Emulex technologies at the ‘event' level, organisations can complete the detection and investigation cycle quickly and completely by determining the root cause of network security and operational issues," said Mike Riley, senior VP and GM, Endace portfolio, Emulex. "As a result, customers are able to contain real network security and operations issues more effectively while reducing the impact on end users, detect false positives more quickly and better ‘tune' detection systems."

Splunk is a leading software platform for collecting and correlating machine data generated from a variety of different IT systems and infrastructure. Splunk helps customers detect network problems, monitor infrastructure elements and gain real-time visibility into customer experience, transactions and behaviour.

Because Emulex captures 100 percent of the network traffic transiting a link, whether it is a 10Gb Ethernet (10GbE), 40GbE or 100GbE link, the EndaceProbe INR offers a historical view with the highest level of detail and accuracy available in the industry today.

By deploying the EndaceProbe INR's RESTful API, users can click on a Splunk event and pivot straight to the packets of interest for deep analysis in a protocol analyser, such as Wireshark.