DNS Edge for Splunk - BlueCat


Upload: trinhdieu

Post on 20-Jun-2018


www.bluecatnetworks.com

Cybersecurity analysts use the BlueCat DNS Edge for Splunk app to easily review, monitor and set alerts on security policy events from their BlueCat DNS Edge service points. A simple search interface and alert framework within the app make it easy for security professionals and DNS administrators to explore data and configure notifications to fit workflow preferences.

BRING THE MOST CRITICAL DNS DATA INTO SPLUNK

Bring in all relevant DNS data from policy events, correlated to source IP, so you can easily filter, view and correlate it with all your other cybersecurity data within Splunk.

REVIEW POLICY EVENTS

Filter parameters such as time-and-date or event type to explore policy events from your BlueCat DNS Edge instance.

Dashboard analytics show policy event trends and an adjustable trendline of specific policies set within your environment.

Gain critical insights into security policy events from all of your BlueCat DNS Edge service points using Splunk – a central dashboard for relevant security and performance metrics all in one place.

DNS EDGE FOR SPLUNK

BlueCat DNS Edge

A cloud-based, client-facing firewall that leverages an organization’s existing DNS data and infrastructure to provide visibility, control, and cyber threat detection capabilities to an organization.

Data Sheet: BlueCat DNS Edge for Splunk

MONITOR OR REVIEW POLICIES

Easily view the list of all policies with description, policy action and status within the Splunk app.

Export policy data as a PDF handout for review or presentations as needed, without needing direct access to DNS Edge.

CREATE OR EDIT POLICY ALERTS

Configure policy alerts directly from the DNS Edge Splunk app. Send an email, notify a Slack channel, run a script, output to a CSV lookup or generate a webhook to fit your preferred workflow.

NAVIGATE DNS QUERY DATA

Intuitively navigate DNS query data with unique search parameters by typing in search commands or by selecting and pivoting on log attributes such as a timestamp or an IP address. Exploring patterns helps to identify patient zero or root out indicators of compromise (IOCs).

© 2018 BlueCat Networks (USA) Inc. and/or its affiliates. All rights reserved. BlueCat, BlueCat Networks, the BlueCat logo, BlueCat DNS/DHCP Server, BlueCat Address Manager, BlueCat Device Registration Portal and BlueCat Threat Protection are trademarks of BlueCat Networks (USA) Inc. and/or its affiliates. All other product and company names are trademarks or registered trademarks of their respective holders. BlueCat reserves the right to change, modify, transfer or otherwise revise this publication without notice.