by clicking on the page. A slider will appear, allowing you to adjust your zoom level. Return to the original size by clicking on the page again.
the page around when zoomed in by dragging it.
the zoom using the slider on the top right.
by clicking on the zoomed-in page.
by entering text in the search field and click on "In This Issue" or "All Issues" to search the current issue or the archive of back issues respectively.
by clicking on thumbnails to select pages, and then press the print button.
this publication and page.
displays a table of sections with thumbnails and descriptions.
displays thumbnails of every page in the issue. Click on a page to jump.
allows you to browse through every available issue.
FCW : April 15, 2016
All data has value. When you combine, compare, and analyze different data sets, the value of that data increases exponentially. Getting the most value out of your data requires three things: the ability to search complex data sets in real time, the flexibility to combine data sets in different ways, and the speed necessary to get critical results fast enough to initiate time-sensitive actions. With these three capabilities, agencies have the information they need to make the best possible decisions. Splunk software is one of the most widely used data analysis tools throughout the federal government. It creates operational intelligence by collecting, indexing, monitoring, and analyzing machine data. In the area of threat intelligence, for example, agencies can use Splunk Enterprise to aggregate, deduplicate, and operationalize threat intelligence from multiple sources in a way that delivers fast, contextual incident response. FAST AND FLEXIBLE While Splunk Enterprise can significantly improve detection and response, the platform it uses can make a big difference in speed of analysis. Speeds are slower when Splunk is run on servers with spinning disk. When Splunk is run on faster solid-state storage, the results are much faster. Agencies conducting searches using Splunk Enterprise on a NetApp E-Series data storage system with solid state drives (SSD) will see a 60 percent performance increase over running the same search on direct-attached spinning disk. That speed can make a big difference when it comes to time-sensitive searches. NetApp E-Series storage systems use the latest in solid-state and traditional disk technologies. They provide superior business value by making SSD affordable and practical in a Splunk environment. One of the reasons Splunk running on NetApp’s E-Series is more cost effective is because the E-Series decouples storage from compute resources allowing them to be scaled independently. “Time matters with Splunk. Faster query responses lead to better questions and ultimately a more comprehensive operational intelligence,” says Finn Ramsland, director of engineering and technology at ClearShark, a technology solution provider to the federal government and partner of both Splunk and NetApp. “The way you make those responses faster is to have as much data as possible on solid-state drives, specifically your hot and warm buckets.” What Ramsland is talking about is Splunk’s method of retaining aging data. Supporting a tiered storage model, Splunk divides data into hot, warm, cold and frozen buckets. Users can determine how long to keep specific data sets in each bucket and can change them as needs change. n Hot buckets are for active, most current data; open for writing; stored on solid-state drives. n Warm buckets are for more current data; typically 30 days retention; stored on solid-state drives. n Cold buckets are for older data; typically 30 days to 1 year retention; can reside on less expensive, slower spinning disks. n Frozen buckets are for archived data. Running Splunk on NetApp E-Series storage also gives agencies much more flexibility. With direct-attached storage, for example, agencies must commit to buying a specific amount of solid-state and spinning disk storage per server. If the percentages aren’t right, or if they suddenly need more storage performance to run critical searches, the agency is on the hook for buying more costly servers and possibly exceeding their power, space, and cooling budget. Using the E-Series instead of local server storage, it’s easy to scale up the solid-state storage independently to provide high performance searching over a larger amount of data. Finally, the E-Series’ Dynamic Disk Pool (DDP) feature simplifies RAID management and provides redundancy in the case of disk failure. It does this by distributing data protection information and spare capacity across a pool of drives. That means Splunk searches won’t be affected by drive failures, which could potentially impact data fidelity and search availability. E-Series also allows for seamless SSD scaling which painlessly increases hot and warm buckets storage space by adding drives to the pool. By combining NetApp’s high speed, flexible storage technology with Splunk’s flexible, powerful data analytics, government agencies can truly derive the most value from their data. ABOUT CLEARSHARK ClearShark is a value-added reseller fully committed to Splunk, NetApp, and the federal government. ClearShark delivers customized, integrated, and managed cybersecurity, enterprise storage, virtualization, high performance computing, datacenter, and cloud infrastructure solutions. They have received Partner of the Year awards from both Splunk and NetApp. Get the Most Value from Data GameChanger DATA ANALYTICS CRITICAL FOR DATA DEFENSE SPONSORED CONTENT DATA DRIVEN CYBERSECURITY For more information, please visit: www.clearshark.com 0316_GameChanger_ClearShark_Splunk_NetApp_final.indd 3 3/17/16 12:49 PM
March 30, 2016
April 30, 2016