Ziften Announces ZFlow App at Splunk .conf2017 to Help Eliminate Network, Data Center, and Cloud Blind Spots

The Ziften ZFlow App and TA helps users of Splunk Enterprise and Splunk Enterprise Security (ES) use Ziften-generated extended NetFlow from endpoints, servers, and cloud VMs to see what they are missing at the edge of their network, their data centers, and in their cloud deployments.

Ziften, a leading provider of all-the-time visibility and control for client devices, servers, and cloud VMs, today announced the release of their Ziften ZFlow App and ZFlow Technology Add-on (TA) for Splunk at .conf2017: the 8th Annual Splunk Conference, to help customers maintain 24×7 network, data center, and cloud visibility. The Ziften ZFlow App and TA helps users of Splunk® Enterprise and Splunk Enterprise Security (ES) use Ziften-generated extended NetFlow from endpoints, servers, and cloud VMs to see what they are missing at the edge of their network, in their data centers, and in their cloud deployments.

Download the Ziften ZFlow App and ZFlow TA for Splunk here.

NetFlow is pervasive in the enterprise. It provides a simple means of collecting network data for security monitoring and performance management. Recognizing there are limitations from what can be seen from NetFlow, ZFlow generates contextual network flow data from host devices including client devices, servers, and cloud VMs. The ZFlow App and TA enable Splunk users to consume ZFlow data, while helping to eliminate blind spots most network monitoring solutions leave behind such as:


  • Visibility into public, private, and hybrid cloud deployment traffic
  • Visibility into data center east-west traffic
  • Visibility into local broadcast and wireless domain traffic

Additionally, with the improved visibility and context from ZFlow data, organizations can:

  • Speed the identification and resolution of user impacting network performance issues
  • Shorten attribution and remediation cycle times
  • Reduce the time IT operations and helpdesk personnel spend on firefighting issues

All endpoint intelligence collected by ZFlow is sent to Splunk Enterprise and made available within the Splunk Common Information Model (CIM) app making it available for queries across the Splunk portfolio. “Enterprise security teams have limited visibility into cloud-based infrastructure, which can make…

Read the full article from the Source…

Leave a Reply

Your email address will not be published. Required fields are marked *