Technology Integration
Important
Medium
90% Confidence
Cisco Firewall 10.0 Enhances Splunk Integration and Advanced Logging
Summary
Cisco launched Secure Firewall 10.0 with a new Splunk integration wizard for simplified log export and advanced logging features for granular protocol analysis. These enhancements improve network observability and threat investigation efficiency for existing deployments.
Key Takeaways
Cisco demonstrated two key features of Firewall 10.0 at Cisco Live Amsterdam 2026.
The Splunk integration wizard offers a three-step configuration process with encrypted and unencrypted transport options, recommending syslog over eStreamer for better performance.
Advanced logging enables Zeek-style granular protocol logs in access control policies, with HTTP adding 11 fields, FTP including commands and filenames, and DNS merging requests-responses with over ten new fields for behavioral baselining and anomaly detection.
The Splunk integration wizard offers a three-step configuration process with encrypted and unencrypted transport options, recommending syslog over eStreamer for better performance.
Advanced logging enables Zeek-style granular protocol logs in access control policies, with HTTP adding 11 fields, FTP including commands and filenames, and DNS merging requests-responses with over ten new fields for behavioral baselining and anomaly detection.
Why It Matters
intensifying competition with similar vendors. Cisco strengthens its security observability strategy through deep integration and log enhancement...