Tom Casey, Senior Vice President, Products & Technology at Splunk, recently spoke at Cisco Live in Melbourne about the critical intersection of digital resilience, network assurance, and cloud observability during his keynote on the main stage.
Highlighting Cisco’s integration with Splunk, Casey laid out a comprehensive vision for the future of digital experience assurance and security solutions.
“When we design products from the beginning to be integrated, we can solve problems in ways that few, if any, other vendors can,” Casey outlined.
A focal point for Casey was the importance of digital resilience, which he described as fundamentally a data problem.
“Digital resilience is about protecting and optimising the experiences of users and employees,” Casey explained.
This involves providing assurance at the network layer, ensuring a superior digital experience, and offering deep observability across various operational environments, both cloud and on-premise.
ThousandEyes is a key component of Cisco’s network assurance toolkit. It offers real-time insights into network performance issues such as latency and error rates, and can even detect unintended configuration changes.
“It uses AI models and data correlation to pinpoint necessary changes or holdbacks,” Casey noted, reinforcing the tool’s role in identifying and resolving network issues promptly.
The ever-changing and complex nature of IT environments means thorough observability is required. This includes monitoring both first-party and third-party applications, managing Kubernetes clusters, and overseeing cloud-native applications.
Cisco’s portfolio, bolstered by Splunk’s cross-correlation capabilities over vast data volumes, provides a differentiated, end-to-end observability solution tailored to varied operational environments.
Cisco and Splunk have made strides in integrating their security frameworks, particularly with the introduction of the Extended Detection and Response (XDR) solution. XDR’s capacity to detect and act on real-time network anomalies by analysing patterns from myriad data points is reinforced by Splunk’s advanced analytics.
“XDR as a standalone solution is immensely useful,” Casey added, highlighting its suitability for less sophisticated security operations centres (SOCs).
Casey also discussed the general availability of Splunk Enterprise Security 8.0, which includes new features such as an enhanced mission control experience, automated noise reduction, and AI-powered incident reports.
“This is a game-changer,” he declared, as he detailed the suite’s capabilities in improving security posture and incident response efficiency.
Casey revealed ongoing efforts to update technical adapters and connectors for Cisco devices to enhance signal richness within Splunk, as well as initiatives to filter and manage data more effectively.
“We really want to get the highest fidelity, most valuable signal at every layer of the security in this environment,” he added.