Splunk Enterprise Security

What features are available in these apps that are not available in the Splunk App for Enterprise Security?

Maheshparsi
Explorer

Hi All,

I need to know the features that are not available in the Splunk App for Enterprise Security that are available in Cisco Security Suite, McAfee Web Gateway, Splunk for Bluecoat, Splunk for F5 networks.

Can anyone help me in finding this?

Thanks in advance,

Thanks & Regards,
Mahesh P.

0 Karma
1 Solution

mdessus_splunk
Splunk Employee
Splunk Employee

Hello,

you will find more specific dashboards in apps focused on one kind of device, but it will be easy to import them in ES or add a customized version. Anyway, in a lot of cases, you will need at least TA from Cisco or F5 apps to load and normalize the data.
I think you should ask the question in another way: what are your needs ? If you focus on security and already have a good security maturity, ES does the job. Other wise, try custom apps based on F5 and Cisco apps.

View solution in original post

0 Karma

mdessus_splunk
Splunk Employee
Splunk Employee

Hello,

you will find more specific dashboards in apps focused on one kind of device, but it will be easy to import them in ES or add a customized version. Anyway, in a lot of cases, you will need at least TA from Cisco or F5 apps to load and normalize the data.
I think you should ask the question in another way: what are your needs ? If you focus on security and already have a good security maturity, ES does the job. Other wise, try custom apps based on F5 and Cisco apps.

View solution in original post

0 Karma

Maheshparsi
Explorer

Hi mdessus,

We have a requirement, where in our client is already using Enterprise Security app in splunk. Our client require new features that are not available in Enterprise Security app. so that is why I need to know the features. Features means not in terms of capability.
For suppose, we have Threat Security dashboards in Enterprise Security app, In Cisco security Suite we have Firewall related dashboards.In same way there will be some different features between Enterprise Security app and Cisco Security Suite,McAfee Web Gateway,Splunk for Bluecoat,Splunk for F5 networks.

Thanks in advance,

Mahesh P.

0 Karma
Did you miss .conf21 Virtual?

Good news! The event's keynotes and many of its breakout sessions are now available online, and still totally FREE!