SlideShare a Scribd company logo

Firewall and its analytics using Splunk

Download as PPTX, PDF
Vikram Kumar Yadav
Vikram Kumar Yadav

Investigation of Firewall logs, using Zyxel Firewall app as an example. With instant visualization, the users will be able to see Zyxel Firewall info, Usage statistics and Security inspection

Education
1 of 21
© 2 0 1 9 S P L U N K I N C . Splunk Mumbai User Group  Join splunk_mumbai_usergroup on Slack  Use _mumbai_usergroup for Q&A during session.  Please keep your line muted .  Questions/doubts to be entered in conversation.  Slides, Recording and Feedback form will be posted on the Event Page after the session. https://usergroups.splunk.com/mumbai-splunk-user-group/
© 2 0 1 9 S P L U N K I N C . Speaker and Panel members Ajith Ashok Nayak Tech Lead (Avotrix) 3+ years of experience as Splunk Admin. Enterprise Security and ITSI Ashvin Pandey Analyst(Avotrix) Vignesh Naidu Director(Avotrix) Vikram Yadav Sr. Analyst(Avotrix)
© 2 0 1 9 S P L U N K I N C . Firewall and its analytics using Splunk
© 2 0 1 9 S P L U N K I N C . Agenda 1) Security concern during pandemic. 2) What is Firewall? 3) Firewall Logs. 4) Firewall log analytics using Splunk. 5) Q & A (10-15 minutes)
© 2 0 1 9 S P L U N K I N C . Work from Home Security teams to be more Resilient Security teams to be more Flexible
© 2 0 1 9 S P L U N K I N C . VPN Traffic VPN traffic shot up by 200% Increased data breach cost !
© 2 0 1 9 S P L U N K I N C . Data Breach 66% of Indian Organization 1,92,000 coronavirus related cyberattacks
© 2 0 1 9 S P L U N K I N C . Time to detect and contain 76% experts views 400% increase in Scams
© 2 0 1 9 S P L U N K I N C . Firewall
© 2 0 1 9 S P L U N K I N C . Working of Firewall
© 2 0 1 9 S P L U N K I N C . Firewall Logs 1) Traffic Logs 2) System Monitoring Logs 3) DHCP Logs 4) Security Policy Control Logs
© 2 0 1 9 S P L U N K I N C . Widely used Firewalls
© 2 0 1 9 S P L U N K I N C . Avotrix Architecture Zyxel Firewall Avotrix Employees Hackers
© 2 0 1 9 S P L U N K I N C . ZyXEL firewall logs in Splunk
© 2 0 1 9 S P L U N K I N C . ZyXel Firewall app for Splunk
© 2 0 1 9 S P L U N K I N C . Installation and Configuration 1) Installation 2) Configuration
© 2 0 1 9 S P L U N K I N C . ZyXEL Firewall Log Analytics Using Splunk
© 2 0 1 9 S P L U N K I N C . Usage Statistics
© 2 0 1 9 S P L U N K I N C . Security
© 2 0 1 9 S P L U N K I N C . Questions?
Thank You © 2 0 1 9 S P L U N K I N C .

Recommended

Gogs App for Splunk
Gogs App for SplunkGogs App for Splunk
Gogs App for SplunkVikram Kumar Yadav
 
Splunk metrics via telegraf
Splunk metrics via telegrafSplunk metrics via telegraf
Splunk metrics via telegrafAshvin Pandey
 
Splunk Data Stream Processor (DSP)
Splunk Data Stream Processor (DSP)Splunk Data Stream Processor (DSP)
Splunk Data Stream Processor (DSP)Anthony Reinke
 
Recommend 10 splunk apps-Bangkok Splunk Meetup#1
Recommend 10 splunk apps-Bangkok Splunk Meetup#1Recommend 10 splunk apps-Bangkok Splunk Meetup#1
Recommend 10 splunk apps-Bangkok Splunk Meetup#1stelligence
 
Making AI based monitoring a platform feature with the power of BOSH
Making AI based monitoring a platform feature with the power of BOSHMaking AI based monitoring a platform feature with the power of BOSH
Making AI based monitoring a platform feature with the power of BOSHMike Villiger
 
DevSecOps: control and monitoring of zero-day vulnerabilities.
DevSecOps: control and monitoring of zero-day vulnerabilities.DevSecOps: control and monitoring of zero-day vulnerabilities.
DevSecOps: control and monitoring of zero-day vulnerabilities.Emerasoft, solutions to collaborate
 
Making AI based monitoring a platform feature with the power of BOSH
Making AI based monitoring a platform feature with the power of BOSHMaking AI based monitoring a platform feature with the power of BOSH
Making AI based monitoring a platform feature with the power of BOSHVMware Tanzu
 
Customer Presentation - KCP&L
Customer Presentation - KCP&LCustomer Presentation - KCP&L
Customer Presentation - KCP&LSplunk
 

Recommended

Gogs App for Splunk
Gogs App for SplunkGogs App for Splunk
Gogs App for SplunkVikram Kumar Yadav
 
Splunk metrics via telegraf
Splunk metrics via telegrafSplunk metrics via telegraf
Splunk metrics via telegrafAshvin Pandey
 
Splunk Data Stream Processor (DSP)
Splunk Data Stream Processor (DSP)Splunk Data Stream Processor (DSP)
Splunk Data Stream Processor (DSP)Anthony Reinke
 
Recommend 10 splunk apps-Bangkok Splunk Meetup#1
Recommend 10 splunk apps-Bangkok Splunk Meetup#1Recommend 10 splunk apps-Bangkok Splunk Meetup#1
Recommend 10 splunk apps-Bangkok Splunk Meetup#1stelligence
 
Making AI based monitoring a platform feature with the power of BOSH
Making AI based monitoring a platform feature with the power of BOSHMaking AI based monitoring a platform feature with the power of BOSH
Making AI based monitoring a platform feature with the power of BOSHMike Villiger
 
DevSecOps: control and monitoring of zero-day vulnerabilities.
DevSecOps: control and monitoring of zero-day vulnerabilities.DevSecOps: control and monitoring of zero-day vulnerabilities.
DevSecOps: control and monitoring of zero-day vulnerabilities.Emerasoft, solutions to collaborate
 
Making AI based monitoring a platform feature with the power of BOSH
Making AI based monitoring a platform feature with the power of BOSHMaking AI based monitoring a platform feature with the power of BOSH
Making AI based monitoring a platform feature with the power of BOSHVMware Tanzu
 
Customer Presentation - KCP&L
Customer Presentation - KCP&LCustomer Presentation - KCP&L
Customer Presentation - KCP&LSplunk
 
AppleWatch_Presentation
AppleWatch_PresentationAppleWatch_Presentation
AppleWatch_PresentationRuptapas Chakraborty
 
IP Security over VPN
IP Security over VPNIP Security over VPN
IP Security over VPNSyed Ubaid Ali Jafri
 
Outpost24 webinar - Securing DevOps in Cloud Environments
Outpost24 webinar - Securing DevOps in Cloud EnvironmentsOutpost24 webinar - Securing DevOps in Cloud Environments
Outpost24 webinar - Securing DevOps in Cloud EnvironmentsOutpost24
 
Hacking liferay
Hacking liferayHacking liferay
Hacking liferayArmel Nene
 
Storlets Project Update for Train
Storlets Project Update for TrainStorlets Project Update for Train
Storlets Project Update for TrainKota Tsuyuzaki
 
StackStorm Product Highlights - DevOps Enterprise 2014 After-Party Ignite Talk
StackStorm Product Highlights - DevOps Enterprise 2014 After-Party Ignite TalkStackStorm Product Highlights - DevOps Enterprise 2014 After-Party Ignite Talk
StackStorm Product Highlights - DevOps Enterprise 2014 After-Party Ignite TalkStackStorm
 
SplunkLive! Washington DC May 2013 - Developer Session
SplunkLive! Washington DC May 2013 - Developer SessionSplunkLive! Washington DC May 2013 - Developer Session
SplunkLive! Washington DC May 2013 - Developer SessionSplunk
 
Top ten OSS products cutting out costs and making a difference in the public ...
Top ten OSS products cutting out costs and making a difference in the public ...Top ten OSS products cutting out costs and making a difference in the public ...
Top ten OSS products cutting out costs and making a difference in the public ...Ubertas
 
Monitoring large scale Docker production environments
Monitoring large scale Docker production environmentsMonitoring large scale Docker production environments
Monitoring large scale Docker production environmentsAlois Reitbauer
 
7 Security Requirements to Accelerate Cloud Adoption
7 Security Requirements to Accelerate Cloud Adoption7 Security Requirements to Accelerate Cloud Adoption
7 Security Requirements to Accelerate Cloud AdoptionProtectWise
 
Nagios-yating
Nagios-yatingNagios-yating
Nagios-yatingyating yang
 
Solaris servers sec
Solaris servers secSolaris servers sec
Solaris servers secRaja Waseem Akhtar
 
Security/Auditing in Puppet
Security/Auditing in PuppetSecurity/Auditing in Puppet
Security/Auditing in Puppetrobertmaury
 
Check point response to Cisco NGFW competitive
Check point response to Cisco NGFW competitiveCheck point response to Cisco NGFW competitive
Check point response to Cisco NGFW competitiveMoti Sagey מוטי שגיא
 
Cisco asa fire power services
Cisco asa fire power servicesCisco asa fire power services
Cisco asa fire power servicesTapan Doshi
 
Building open source monitoring tools
Building open source monitoring toolsBuilding open source monitoring tools
Building open source monitoring toolsMercedes Coyle
 
Mod Security
Mod SecurityMod Security
Mod SecurityAbhishek Singh
 
Cork.net - 26.01.2021
Cork.net - 26.01.2021Cork.net - 26.01.2021
Cork.net - 26.01.2021Jürgen Gutsch
 
Soasta New Features in CloudTest & TouchTest Webinar
Soasta New Features in CloudTest & TouchTest WebinarSoasta New Features in CloudTest & TouchTest Webinar
Soasta New Features in CloudTest & TouchTest WebinarJennifer Finney
 
Cisco umbrella youtube
Cisco umbrella youtubeCisco umbrella youtube
Cisco umbrella youtubeDhruv Sharma
 
Security Automation & Orchestration
Security Automation & OrchestrationSecurity Automation & Orchestration
Security Automation & OrchestrationSplunk
 
Splunk for Enterprise Security featuring UBA Breakout Session
Splunk for Enterprise Security featuring UBA Breakout SessionSplunk for Enterprise Security featuring UBA Breakout Session
Splunk for Enterprise Security featuring UBA Breakout SessionSplunk
 

More Related Content

What's hot

Outpost24 webinar - Securing DevOps in Cloud Environments
Outpost24 webinar - Securing DevOps in Cloud EnvironmentsOutpost24 webinar - Securing DevOps in Cloud Environments
Outpost24 webinar - Securing DevOps in Cloud EnvironmentsOutpost24
 
Hacking liferay
Hacking liferayHacking liferay
Hacking liferayArmel Nene
 
Storlets Project Update for Train
Storlets Project Update for TrainStorlets Project Update for Train
Storlets Project Update for TrainKota Tsuyuzaki
 
StackStorm Product Highlights - DevOps Enterprise 2014 After-Party Ignite Talk
StackStorm Product Highlights - DevOps Enterprise 2014 After-Party Ignite TalkStackStorm Product Highlights - DevOps Enterprise 2014 After-Party Ignite Talk
StackStorm Product Highlights - DevOps Enterprise 2014 After-Party Ignite TalkStackStorm
 
SplunkLive! Washington DC May 2013 - Developer Session
SplunkLive! Washington DC May 2013 - Developer SessionSplunkLive! Washington DC May 2013 - Developer Session
SplunkLive! Washington DC May 2013 - Developer SessionSplunk
 
Top ten OSS products cutting out costs and making a difference in the public ...
Top ten OSS products cutting out costs and making a difference in the public ...Top ten OSS products cutting out costs and making a difference in the public ...
Top ten OSS products cutting out costs and making a difference in the public ...Ubertas
 
Monitoring large scale Docker production environments
Monitoring large scale Docker production environmentsMonitoring large scale Docker production environments
Monitoring large scale Docker production environmentsAlois Reitbauer
 
7 Security Requirements to Accelerate Cloud Adoption
7 Security Requirements to Accelerate Cloud Adoption7 Security Requirements to Accelerate Cloud Adoption
7 Security Requirements to Accelerate Cloud AdoptionProtectWise
 
Security/Auditing in Puppet
Security/Auditing in PuppetSecurity/Auditing in Puppet
Security/Auditing in Puppetrobertmaury
 
Cisco asa fire power services
Cisco asa fire power servicesCisco asa fire power services
Cisco asa fire power servicesTapan Doshi
 
Building open source monitoring tools
Building open source monitoring toolsBuilding open source monitoring tools
Building open source monitoring toolsMercedes Coyle
 
Soasta New Features in CloudTest & TouchTest Webinar
Soasta New Features in CloudTest & TouchTest WebinarSoasta New Features in CloudTest & TouchTest Webinar
Soasta New Features in CloudTest & TouchTest WebinarJennifer Finney
 
Cisco umbrella youtube
Cisco umbrella youtubeCisco umbrella youtube
Cisco umbrella youtubeDhruv Sharma
 

What's hot (20)

AppleWatch_Presentation
AppleWatch_PresentationAppleWatch_Presentation
AppleWatch_Presentation
 
IP Security over VPN
IP Security over VPNIP Security over VPN
IP Security over VPN
 
Outpost24 webinar - Securing DevOps in Cloud Environments
Outpost24 webinar - Securing DevOps in Cloud EnvironmentsOutpost24 webinar - Securing DevOps in Cloud Environments
Outpost24 webinar - Securing DevOps in Cloud Environments
 
Hacking liferay
Hacking liferayHacking liferay
Hacking liferay
 
Storlets Project Update for Train
Storlets Project Update for TrainStorlets Project Update for Train
Storlets Project Update for Train
 
StackStorm Product Highlights - DevOps Enterprise 2014 After-Party Ignite Talk
StackStorm Product Highlights - DevOps Enterprise 2014 After-Party Ignite TalkStackStorm Product Highlights - DevOps Enterprise 2014 After-Party Ignite Talk
StackStorm Product Highlights - DevOps Enterprise 2014 After-Party Ignite Talk
 
SplunkLive! Washington DC May 2013 - Developer Session
SplunkLive! Washington DC May 2013 - Developer SessionSplunkLive! Washington DC May 2013 - Developer Session
SplunkLive! Washington DC May 2013 - Developer Session
 
Top ten OSS products cutting out costs and making a difference in the public ...
Top ten OSS products cutting out costs and making a difference in the public ...Top ten OSS products cutting out costs and making a difference in the public ...
Top ten OSS products cutting out costs and making a difference in the public ...
 
Monitoring large scale Docker production environments
Monitoring large scale Docker production environmentsMonitoring large scale Docker production environments
Monitoring large scale Docker production environments
 
7 Security Requirements to Accelerate Cloud Adoption
7 Security Requirements to Accelerate Cloud Adoption7 Security Requirements to Accelerate Cloud Adoption
7 Security Requirements to Accelerate Cloud Adoption
 
Nagios-yating
Nagios-yatingNagios-yating
Nagios-yating
 
Solaris servers sec
Solaris servers secSolaris servers sec
Solaris servers sec
 
Security/Auditing in Puppet
Security/Auditing in PuppetSecurity/Auditing in Puppet
Security/Auditing in Puppet
 
Check point response to Cisco NGFW competitive
Check point response to Cisco NGFW competitiveCheck point response to Cisco NGFW competitive
Check point response to Cisco NGFW competitive
 
Cisco asa fire power services
Cisco asa fire power servicesCisco asa fire power services
Cisco asa fire power services
 
Building open source monitoring tools
Building open source monitoring toolsBuilding open source monitoring tools
Building open source monitoring tools
 
Mod Security
Mod SecurityMod Security
Mod Security
 
Cork.net - 26.01.2021
Cork.net - 26.01.2021Cork.net - 26.01.2021
Cork.net - 26.01.2021
 
Soasta New Features in CloudTest & TouchTest Webinar
Soasta New Features in CloudTest & TouchTest WebinarSoasta New Features in CloudTest & TouchTest Webinar
Soasta New Features in CloudTest & TouchTest Webinar
 
Cisco umbrella youtube
Cisco umbrella youtubeCisco umbrella youtube
Cisco umbrella youtube
 

Similar to Firewall and its analytics using Splunk

Security Automation & Orchestration
Security Automation & OrchestrationSecurity Automation & Orchestration
Security Automation & OrchestrationSplunk
 
Splunk for Enterprise Security featuring UBA Breakout Session
Splunk for Enterprise Security featuring UBA Breakout SessionSplunk for Enterprise Security featuring UBA Breakout Session
Splunk for Enterprise Security featuring UBA Breakout SessionSplunk
 
Splunk for Enterprise Security and User Behavior Analytics
Splunk for Enterprise Security and User Behavior Analytics Splunk for Enterprise Security and User Behavior Analytics
Splunk for Enterprise Security and User Behavior AnalyticsSplunk
 
Splunk for Enterprise Security featuring User Behavior Analytics
Splunk for Enterprise Security featuring User Behavior AnalyticsSplunk for Enterprise Security featuring User Behavior Analytics
Splunk for Enterprise Security featuring User Behavior AnalyticsSplunk
 
Encontro anual para apresentação das novidades da .conf23
Encontro anual para apresentação das novidades da .conf23Encontro anual para apresentação das novidades da .conf23
Encontro anual para apresentação das novidades da .conf23Rafael Santos
 
Better Threat Analytics: From Getting Started to Cloud Security Analytics and...
Better Threat Analytics: From Getting Started to Cloud Security Analytics and...Better Threat Analytics: From Getting Started to Cloud Security Analytics and...
Better Threat Analytics: From Getting Started to Cloud Security Analytics and...Splunk
 
Splunk Security Session - .conf Go Köln
Splunk Security Session - .conf Go KölnSplunk Security Session - .conf Go Köln
Splunk Security Session - .conf Go KölnSplunk
 
Best of .conf21 Session Recommendations
Best of .conf21 Session RecommendationsBest of .conf21 Session Recommendations
Best of .conf21 Session RecommendationsSplunk
 
Splunk .conf18 Updates, Config Add-on, SplDevOps
Splunk .conf18 Updates, Config Add-on, SplDevOpsSplunk .conf18 Updates, Config Add-on, SplDevOps
Splunk .conf18 Updates, Config Add-on, SplDevOpsHarry McLaren
 
8 Ocak 2015 SOME Etkinligi - Cisco Next Generation Security
8 Ocak 2015 SOME Etkinligi - Cisco Next Generation Security8 Ocak 2015 SOME Etkinligi - Cisco Next Generation Security
8 Ocak 2015 SOME Etkinligi - Cisco Next Generation SecurityBGA Cyber Security
 
Splunk enterprise security_splunk_bengaluru_user_group_2020_10_03
Splunk enterprise security_splunk_bengaluru_user_group_2020_10_03Splunk enterprise security_splunk_bengaluru_user_group_2020_10_03
Splunk enterprise security_splunk_bengaluru_user_group_2020_10_03NiketNilay
 
IoT Analytics @ splunk
IoT Analytics @ splunkIoT Analytics @ splunk
IoT Analytics @ splunkSplunk
 
Splunk Overview
Splunk OverviewSplunk Overview
Splunk OverviewSplunk
 
Splunk conf2014 - Getting Deeper Insights into your Virtualization and Storag...
Splunk conf2014 - Getting Deeper Insights into your Virtualization and Storag...Splunk conf2014 - Getting Deeper Insights into your Virtualization and Storag...
Splunk conf2014 - Getting Deeper Insights into your Virtualization and Storag...Splunk
 
Do You Really Need to Evolve From Monitoring to Observability?
Do You Really Need to Evolve From Monitoring to Observability?Do You Really Need to Evolve From Monitoring to Observability?
Do You Really Need to Evolve From Monitoring to Observability?Splunk
 
Getting Started with Splunk Enterprise
Getting Started with Splunk EnterpriseGetting Started with Splunk Enterprise
Getting Started with Splunk EnterpriseSplunk
 
Getting Started with Splunk Enterprise
Getting Started with Splunk EnterpriseGetting Started with Splunk Enterprise
Getting Started with Splunk EnterpriseShannon Cuthbertson
 
Next Generation Security
Next Generation SecurityNext Generation Security
Next Generation SecurityCisco Canada
 
Splunk for Enterprise Security Featuring UBA
Splunk for Enterprise Security Featuring UBASplunk for Enterprise Security Featuring UBA
Splunk for Enterprise Security Featuring UBASplunk
 

Similar to Firewall and its analytics using Splunk (20)

Security Automation & Orchestration
Security Automation & OrchestrationSecurity Automation & Orchestration
Security Automation & Orchestration
 
Splunk for Enterprise Security featuring UBA Breakout Session
Splunk for Enterprise Security featuring UBA Breakout SessionSplunk for Enterprise Security featuring UBA Breakout Session
Splunk for Enterprise Security featuring UBA Breakout Session
 
Splunk for Enterprise Security and User Behavior Analytics
Splunk for Enterprise Security and User Behavior Analytics Splunk for Enterprise Security and User Behavior Analytics
Splunk for Enterprise Security and User Behavior Analytics
 
Splunk for Enterprise Security featuring User Behavior Analytics
Splunk for Enterprise Security featuring User Behavior AnalyticsSplunk for Enterprise Security featuring User Behavior Analytics
Splunk for Enterprise Security featuring User Behavior Analytics
 
Encontro anual para apresentação das novidades da .conf23
Encontro anual para apresentação das novidades da .conf23Encontro anual para apresentação das novidades da .conf23
Encontro anual para apresentação das novidades da .conf23
 
Better Threat Analytics: From Getting Started to Cloud Security Analytics and...
Better Threat Analytics: From Getting Started to Cloud Security Analytics and...Better Threat Analytics: From Getting Started to Cloud Security Analytics and...
Better Threat Analytics: From Getting Started to Cloud Security Analytics and...
 
Splunk Security Session - .conf Go Köln
Splunk Security Session - .conf Go KölnSplunk Security Session - .conf Go Köln
Splunk Security Session - .conf Go Köln
 
Best of .conf21 Session Recommendations
Best of .conf21 Session RecommendationsBest of .conf21 Session Recommendations
Best of .conf21 Session Recommendations
 
Splunk .conf18 Updates, Config Add-on, SplDevOps
Splunk .conf18 Updates, Config Add-on, SplDevOpsSplunk .conf18 Updates, Config Add-on, SplDevOps
Splunk .conf18 Updates, Config Add-on, SplDevOps
 
CV Steve Shawcross
CV Steve ShawcrossCV Steve Shawcross
CV Steve Shawcross
 
8 Ocak 2015 SOME Etkinligi - Cisco Next Generation Security
8 Ocak 2015 SOME Etkinligi - Cisco Next Generation Security8 Ocak 2015 SOME Etkinligi - Cisco Next Generation Security
8 Ocak 2015 SOME Etkinligi - Cisco Next Generation Security
 
Splunk enterprise security_splunk_bengaluru_user_group_2020_10_03
Splunk enterprise security_splunk_bengaluru_user_group_2020_10_03Splunk enterprise security_splunk_bengaluru_user_group_2020_10_03
Splunk enterprise security_splunk_bengaluru_user_group_2020_10_03
 
IoT Analytics @ splunk
IoT Analytics @ splunkIoT Analytics @ splunk
IoT Analytics @ splunk
 
Splunk Overview
Splunk OverviewSplunk Overview
Splunk Overview
 
Splunk conf2014 - Getting Deeper Insights into your Virtualization and Storag...
Splunk conf2014 - Getting Deeper Insights into your Virtualization and Storag...Splunk conf2014 - Getting Deeper Insights into your Virtualization and Storag...
Splunk conf2014 - Getting Deeper Insights into your Virtualization and Storag...
 
Do You Really Need to Evolve From Monitoring to Observability?
Do You Really Need to Evolve From Monitoring to Observability?Do You Really Need to Evolve From Monitoring to Observability?
Do You Really Need to Evolve From Monitoring to Observability?
 
Getting Started with Splunk Enterprise
Getting Started with Splunk EnterpriseGetting Started with Splunk Enterprise
Getting Started with Splunk Enterprise
 
Getting Started with Splunk Enterprise
Getting Started with Splunk EnterpriseGetting Started with Splunk Enterprise
Getting Started with Splunk Enterprise
 
Next Generation Security
Next Generation SecurityNext Generation Security
Next Generation Security
 
Splunk for Enterprise Security Featuring UBA
Splunk for Enterprise Security Featuring UBASplunk for Enterprise Security Featuring UBA
Splunk for Enterprise Security Featuring UBA
 

Recently uploaded

Measures of Dispersion and Variability: Range, QD, AD and SD
Measures of Dispersion and Variability: Range, QD, AD and SDMeasures of Dispersion and Variability: Range, QD, AD and SD
Measures of Dispersion and Variability: Range, QD, AD and SDThiyagu K
 
Paris 2024 Olympic Geographies - an activity
Paris 2024 Olympic Geographies - an activityParis 2024 Olympic Geographies - an activity
Paris 2024 Olympic Geographies - an activityGeoBlogs
 
APM Welcome, APM North West Network Conference, Synergies Across Sectors
APM Welcome, APM North West Network Conference, Synergies Across SectorsAPM Welcome, APM North West Network Conference, Synergies Across Sectors
APM Welcome, APM North West Network Conference, Synergies Across SectorsAssociation for Project Management
 
Accessible design: Minimum effort, maximum impact
Accessible design: Minimum effort, maximum impactAccessible design: Minimum effort, maximum impact
Accessible design: Minimum effort, maximum impactdawncurless
 
SOCIAL AND HISTORICAL CONTEXT - LFTVD.pptx
SOCIAL AND HISTORICAL CONTEXT - LFTVD.pptxSOCIAL AND HISTORICAL CONTEXT - LFTVD.pptx
SOCIAL AND HISTORICAL CONTEXT - LFTVD.pptxiammrhaywood
 
BASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdf
BASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdfBASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdf
BASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdfSoniaTolstoy
 
Q4-W6-Restating Informational Text Grade 3
Q4-W6-Restating Informational Text Grade 3Q4-W6-Restating Informational Text Grade 3
Q4-W6-Restating Informational Text Grade 3JemimahLaneBuaron
 
Call Girls in Dwarka Mor Delhi Contact Us 9654467111
Call Girls in Dwarka Mor Delhi Contact Us 9654467111Call Girls in Dwarka Mor Delhi Contact Us 9654467111
Call Girls in Dwarka Mor Delhi Contact Us 9654467111Sapana Sha
 
Ecosystem Interactions Class Discussion Presentation in Blue Green Lined Styl...
Ecosystem Interactions Class Discussion Presentation in Blue Green Lined Styl...Ecosystem Interactions Class Discussion Presentation in Blue Green Lined Styl...
Ecosystem Interactions Class Discussion Presentation in Blue Green Lined Styl...fonyou31
 
Interactive Powerpoint_How to Master effective communication
Interactive Powerpoint_How to Master effective communicationInteractive Powerpoint_How to Master effective communication
Interactive Powerpoint_How to Master effective communicationnomboosow
 
Z Score,T Score, Percential Rank and Box Plot Graph
Z Score,T Score, Percential Rank and Box Plot GraphZ Score,T Score, Percential Rank and Box Plot Graph
Z Score,T Score, Percential Rank and Box Plot GraphThiyagu K
 
9548086042 for call girls in Indira Nagar with room service
9548086042 for call girls in Indira Nagar with room service9548086042 for call girls in Indira Nagar with room service
9548086042 for call girls in Indira Nagar with room servicediscovermytutordmt
 
BAG TECHNIQUE Bag technique-a tool making use of public health bag through wh...
BAG TECHNIQUE Bag technique-a tool making use of public health bag through wh...BAG TECHNIQUE Bag technique-a tool making use of public health bag through wh...
BAG TECHNIQUE Bag technique-a tool making use of public health bag through wh...Sapna Thakur
 
Introduction to Nonprofit Accounting: The Basics
Introduction to Nonprofit Accounting: The BasicsIntroduction to Nonprofit Accounting: The Basics
Introduction to Nonprofit Accounting: The BasicsTechSoup
 
The Most Excellent Way | 1 Corinthians 13
The Most Excellent Way | 1 Corinthians 13The Most Excellent Way | 1 Corinthians 13
The Most Excellent Way | 1 Corinthians 13Steve Thomason
 
social pharmacy d-pharm 1st year by Pragati K. Mahajan
social pharmacy d-pharm 1st year by Pragati K. Mahajansocial pharmacy d-pharm 1st year by Pragati K. Mahajan
social pharmacy d-pharm 1st year by Pragati K. Mahajanpragatimahajan3
 
Student login on Anyboli platform.helpin
Student login on Anyboli platform.helpinStudent login on Anyboli platform.helpin
Student login on Anyboli platform.helpinRaunakKeshri1
 

Recently uploaded (20)

Measures of Dispersion and Variability: Range, QD, AD and SD
Measures of Dispersion and Variability: Range, QD, AD and SDMeasures of Dispersion and Variability: Range, QD, AD and SD
Measures of Dispersion and Variability: Range, QD, AD and SD
 
Paris 2024 Olympic Geographies - an activity
Paris 2024 Olympic Geographies - an activityParis 2024 Olympic Geographies - an activity
Paris 2024 Olympic Geographies - an activity
 
APM Welcome, APM North West Network Conference, Synergies Across Sectors
APM Welcome, APM North West Network Conference, Synergies Across SectorsAPM Welcome, APM North West Network Conference, Synergies Across Sectors
APM Welcome, APM North West Network Conference, Synergies Across Sectors
 
Accessible design: Minimum effort, maximum impact
Accessible design: Minimum effort, maximum impactAccessible design: Minimum effort, maximum impact
Accessible design: Minimum effort, maximum impact
 
SOCIAL AND HISTORICAL CONTEXT - LFTVD.pptx
SOCIAL AND HISTORICAL CONTEXT - LFTVD.pptxSOCIAL AND HISTORICAL CONTEXT - LFTVD.pptx
SOCIAL AND HISTORICAL CONTEXT - LFTVD.pptx
 
BASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdf
BASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdfBASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdf
BASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdf
 
Q4-W6-Restating Informational Text Grade 3
Q4-W6-Restating Informational Text Grade 3Q4-W6-Restating Informational Text Grade 3
Q4-W6-Restating Informational Text Grade 3
 
Call Girls in Dwarka Mor Delhi Contact Us 9654467111
Call Girls in Dwarka Mor Delhi Contact Us 9654467111Call Girls in Dwarka Mor Delhi Contact Us 9654467111
Call Girls in Dwarka Mor Delhi Contact Us 9654467111
 
Ecosystem Interactions Class Discussion Presentation in Blue Green Lined Styl...
Ecosystem Interactions Class Discussion Presentation in Blue Green Lined Styl...Ecosystem Interactions Class Discussion Presentation in Blue Green Lined Styl...
Ecosystem Interactions Class Discussion Presentation in Blue Green Lined Styl...
 
Interactive Powerpoint_How to Master effective communication
Interactive Powerpoint_How to Master effective communicationInteractive Powerpoint_How to Master effective communication
Interactive Powerpoint_How to Master effective communication
 
Mattingly "AI & Prompt Design: Structured Data, Assistants, & RAG"
Mattingly "AI & Prompt Design: Structured Data, Assistants, & RAG"Mattingly "AI & Prompt Design: Structured Data, Assistants, & RAG"
Mattingly "AI & Prompt Design: Structured Data, Assistants, & RAG"
 
Z Score,T Score, Percential Rank and Box Plot Graph
Z Score,T Score, Percential Rank and Box Plot GraphZ Score,T Score, Percential Rank and Box Plot Graph
Z Score,T Score, Percential Rank and Box Plot Graph
 
9548086042 for call girls in Indira Nagar with room service
9548086042 for call girls in Indira Nagar with room service9548086042 for call girls in Indira Nagar with room service
9548086042 for call girls in Indira Nagar with room service
 
Advance Mobile Application Development class 07
Advance Mobile Application Development class 07Advance Mobile Application Development class 07
Advance Mobile Application Development class 07
 
BAG TECHNIQUE Bag technique-a tool making use of public health bag through wh...
BAG TECHNIQUE Bag technique-a tool making use of public health bag through wh...BAG TECHNIQUE Bag technique-a tool making use of public health bag through wh...
BAG TECHNIQUE Bag technique-a tool making use of public health bag through wh...
 
Introduction to Nonprofit Accounting: The Basics
Introduction to Nonprofit Accounting: The BasicsIntroduction to Nonprofit Accounting: The Basics
Introduction to Nonprofit Accounting: The Basics
 
The Most Excellent Way | 1 Corinthians 13
The Most Excellent Way | 1 Corinthians 13The Most Excellent Way | 1 Corinthians 13
The Most Excellent Way | 1 Corinthians 13
 
social pharmacy d-pharm 1st year by Pragati K. Mahajan
social pharmacy d-pharm 1st year by Pragati K. Mahajansocial pharmacy d-pharm 1st year by Pragati K. Mahajan
social pharmacy d-pharm 1st year by Pragati K. Mahajan
 
INDIA QUIZ 2024 RLAC DELHI UNIVERSITY.pptx
INDIA QUIZ 2024 RLAC DELHI UNIVERSITY.pptxINDIA QUIZ 2024 RLAC DELHI UNIVERSITY.pptx
INDIA QUIZ 2024 RLAC DELHI UNIVERSITY.pptx
 
Student login on Anyboli platform.helpin
Student login on Anyboli platform.helpinStudent login on Anyboli platform.helpin
Student login on Anyboli platform.helpin
 

Firewall and its analytics using Splunk

  • 1. © 2 0 1 9 S P L U N K I N C . Splunk Mumbai User Group  Join splunk_mumbai_usergroup on Slack  Use _mumbai_usergroup for Q&A during session.  Please keep your line muted .  Questions/doubts to be entered in conversation.  Slides, Recording and Feedback form will be posted on the Event Page after the session. https://usergroups.splunk.com/mumbai-splunk-user-group/
  • 2. © 2 0 1 9 S P L U N K I N C . Speaker and Panel members Ajith Ashok Nayak Tech Lead (Avotrix) 3+ years of experience as Splunk Admin. Enterprise Security and ITSI Ashvin Pandey Analyst(Avotrix) Vignesh Naidu Director(Avotrix) Vikram Yadav Sr. Analyst(Avotrix)
  • 3. © 2 0 1 9 S P L U N K I N C . Firewall and its analytics using Splunk
  • 4. © 2 0 1 9 S P L U N K I N C . Agenda 1) Security concern during pandemic. 2) What is Firewall? 3) Firewall Logs. 4) Firewall log analytics using Splunk. 5) Q & A (10-15 minutes)
  • 5. © 2 0 1 9 S P L U N K I N C . Work from Home Security teams to be more Resilient Security teams to be more Flexible
  • 6. © 2 0 1 9 S P L U N K I N C . VPN Traffic VPN traffic shot up by 200% Increased data breach cost !
  • 7. © 2 0 1 9 S P L U N K I N C . Data Breach 66% of Indian Organization 1,92,000 coronavirus related cyberattacks
  • 8. © 2 0 1 9 S P L U N K I N C . Time to detect and contain 76% experts views 400% increase in Scams
  • 9. © 2 0 1 9 S P L U N K I N C . Firewall
  • 10. © 2 0 1 9 S P L U N K I N C . Working of Firewall
  • 11. © 2 0 1 9 S P L U N K I N C . Firewall Logs 1) Traffic Logs 2) System Monitoring Logs 3) DHCP Logs 4) Security Policy Control Logs
  • 12. © 2 0 1 9 S P L U N K I N C . Widely used Firewalls
  • 13. © 2 0 1 9 S P L U N K I N C . Avotrix Architecture Zyxel Firewall Avotrix Employees Hackers
  • 14. © 2 0 1 9 S P L U N K I N C . ZyXEL firewall logs in Splunk
  • 15. © 2 0 1 9 S P L U N K I N C . ZyXel Firewall app for Splunk
  • 16. © 2 0 1 9 S P L U N K I N C . Installation and Configuration 1) Installation 2) Configuration
  • 17. © 2 0 1 9 S P L U N K I N C . ZyXEL Firewall Log Analytics Using Splunk
  • 18. © 2 0 1 9 S P L U N K I N C . Usage Statistics
  • 19. © 2 0 1 9 S P L U N K I N C . Security
  • 20. © 2 0 1 9 S P L U N K I N C . Questions?
  • 21. Thank You © 2 0 1 9 S P L U N K I N C .