It sounds a little odd, and it is a bit of serendipity… I’d been researching the current generation of management tools, both commercial and those of the open source / free variety, and today I hear that F5 Networks have a new partnership (hot on the heels of the one with Secerno for database security earlier in the month).
Splunk (who have a rather groovy looking web 2.0 website, all be it sans blog with lots of blogs - you’d have to be sleep reading to miss them [cough]) are headquartered in San Francisco and provide high speed indexing and search capabilities for IT data-sets. F5 have struck a deal with Splunk to provide their users with access to a nice set of management tools. Essentially a version of Splunk for use with the F5 products, running on the Splunk IT Search engine. Targeted at incident response, threat analysis and compliance, the solution is built for use with the F5 BIG-IP Application Security Manager and the FirePass SSL VPN product - other F5 products to follow.
“Enterprise customers demand technologies that validate and visualize the effectiveness of their security solutions,” said Mark Vondemkamp, Director of Product Management, Security at F5. “Having the right tools in place to be able to report on threats before they create chaos is essential. With the Splunk application, our customers are able to more easily meet the complex needs of compliance, security alerting and reporting – increasing their ability to detect and respond to threats, and minimizing the risk of disruption, harmful events and punitive fines.”
Basically you can quickly see what goes off, when it all kicks off. Nice. Smiles all round. Reports/searches include:
- Top violations (and top violations by protocol).
- Top attackers (and top attackers by protocol).
- Top alerted or blocked web application requests.
- Custom ASM forensics filtering & search.
More smiles: Splunk for use with F5 solutions is free (yes, free, for indexing up to 500 MB a day) for Splunk users and F5 customers, and is available for download at: www.splunk.com/partners/f5.

Thanks for the review. I’m interested to know what you meant by “all be it sans blog”. We’ve actually got a number of bloggers, present company included.
That F5 partnership we did allows F5’s customers to get some sweet intelligence out of their log data (as you’ve mentioned). Any vendor can do the same with Splunk. We have the Splunk Powered Associate program that lets anyone do what F5 did (actually anyone, including bloggers, can get in on that program as well... and get paid on referrals). F5 took it a step further by building a Splunk Application that analyzes and reveals nuggets in their data.
All free, easy to work with. Interested? Email thewilde AT splunk DOT com. And yes… we’re happy to give out our schwag to anyone who wants it.
http://blogs.splunk.com/thewilde/2007/01/29/splunkninja-shwag-coming/