{"id":556,"date":"2013-08-20T15:43:13","date_gmt":"2013-08-20T20:43:13","guid":{"rendered":"http:\/\/www.webadminblog.com\/?p=556"},"modified":"2013-08-21T08:47:32","modified_gmt":"2013-08-21T13:47:32","slug":"first-impression-of-lynxeon-2-29","status":"publish","type":"post","link":"https:\/\/www.webadminblog.com\/index.php\/2013\/08\/20\/first-impression-of-lynxeon-2-29\/","title":{"rendered":"First Impression of LYNXeon 2.29"},"content":{"rendered":"<p>Let&#8217;s say that you go to the same restaurant at least once a week for an entire year.\u00a0 The staff is always friendly, the menu always has something that sounds appealing, and the food is always good enough to keep you coming back for more.\u00a0 The only real drawback is that it usually takes a solid half-hour to get your food, but you&#8217;ve learned to find something else to do while you&#8217;re waiting because it&#8217;s always been worth the wait.\u00a0 Today you go into the same restaurant, but now the staff goes out of their way to service you, the menu has twice as much selection as before, the food is literally the best thing you&#8217;ve ever tasted, and it was on your table just the way you like it within 30 seconds of placing your order.\u00a0 This is my initial impression of the newly released version of 21CT&#8217;s <a href=\"http:\/\/www.21ct.com\/products\/lynxeon\/\">LYNXeon<\/a> software (version 2.29).<\/p>\n<p>I&#8217;ll be honest.\u00a0 Before we upgraded to the new version I had mixed feelings.\u00a0 On one hand, I loved the data that the LYNXeon platform was giving me.\u00a0 The ability to comb through NetFlow data and find potentially malicious patterns in it was unlike any other security tool that I&#8217;ve experienced.\u00a0 On the other hand, the queries sometimes ran for half an hour or more before I had any results to analyze.\u00a0 I learned to save my queries for when I knew my computer would be sitting idle for a while.\u00a0 It was a burden that I was willing to 
undertake for the results, but a burden nonetheless.\u00a0 We upgraded to LYNXeon 2.29 less than a week ago, but already I can tell that this is a huge leap in the right direction for 21CT&#8217;s flagship network pattern analysis software.\u00a0 Those same queries that used to take 30 minutes now take 30 seconds or less to complete.\u00a0 The reason is a massive overhaul of the database layer of the platform.\u00a0 By switching to a grid-based, column-oriented database structure for storing and querying data, the product was transformed from a pack mule into a thoroughbred.<\/p>\n<p>Enhanced performance wasn&#8217;t the only feature that found its way into the 2.29 release.\u00a0 They also refactored the way that LYNXeon consumes data as well.\u00a0 While the old platform did a fairly good job of consuming NetFlow data, adding in other data sources to your analytics was a challenge to say the least, usually requiring custom integration work to make it happen.\u00a0 The new platform has added the concept of a connector with new data types and a framework around how to ingest these different types of data.\u00a0 It may still require some assistance from support in order to consume data types other than NetFlow, but it&#8217;s nowhere near the level of effort it was before the upgrade.\u00a0 We were up and running with the new version of LYNXeon, consuming NetFlow, IPS alerts, and alerts from our FireEye malware prevention system, in a few hours.\u00a0 The system is capable of adding DNS queries, HTTP queries, and so much more.\u00a0 What this amounts to is that LYNXeon is now a flexible platform that can allow you to consume data from many different security tools and then visualize and correlate them in one place.\u00a0 Kinda like a SIEM, but actually useful.<\/p>\n<p>As with any tool, I&#8217;m sure that LYNXeon 2.29 won&#8217;t be without its share of bugs, but overall the new platform is a huge improvement over the old and with what 
I&#8217;ve seen so far I gotta say that I&#8217;m impressed.\u00a0 21CT is undoubtedly moving in the right direction and I&#8217;m excited to see what these guys do with the platform going forward.\u00a0 That&#8217;s my first impression of the 21CT LYNXeon 2.29 release.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Let&#8217;s say that you go to the same restaurant at least once a week for an entire year.\u00a0 The staff is always friendly, the menu always has something that sounds appealing, and the food is always good enough to keep you coming back for more.\u00a0 The only real drawback is that it usually takes a [&hellip;]<\/p>\n","protected":false},"author":3,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"jetpack_post_was_ever_published":false,"_jetpack_newsletter_access":"","_jetpack_dont_email_post_to_subs":false,"_jetpack_newsletter_tier_id":0,"_jetpack_memberships_contains_paywalled_content":false,"_jetpack_memberships_contains_paid_content":false,"footnotes":"","jetpack_publicize_message":"","jetpack_publicize_feature_enabled":true,"jetpack_social_post_already_shared":true,"jetpack_social_options":{"image_generator_settings":{"template":"highway","default_image_id":0,"font":"","enabled":false},"version":2}},"categories":[489,28,96],"tags":[533,480,536,532,535,537,483,479,78,538,534,486,475],"class_list":["post-556","post","type-post","status-publish","format-standard","hentry","category-netflow-networking","category-security","category-software-and-tools","tag-2-29","tag-21ct","tag-features","tag-fireeye","tag-impressions","tag-intrusion","tag-ips","tag-lynxeon","tag-performance","tag-prevention","tag-review","tag-siem","tag-speed"],"aioseo_notices":[],"jetpack_publicize_connections":[],"jetpack_featured_media_url":"","jetpack_shortlink":"https:\/\/wp.me\/pfI0c-8Y","jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/www.webadminblog.com\/index.php\/wp-json\/wp\
/v2\/posts\/556","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.webadminblog.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.webadminblog.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.webadminblog.com\/index.php\/wp-json\/wp\/v2\/users\/3"}],"replies":[{"embeddable":true,"href":"https:\/\/www.webadminblog.com\/index.php\/wp-json\/wp\/v2\/comments?post=556"}],"version-history":[{"count":6,"href":"https:\/\/www.webadminblog.com\/index.php\/wp-json\/wp\/v2\/posts\/556\/revisions"}],"predecessor-version":[{"id":563,"href":"https:\/\/www.webadminblog.com\/index.php\/wp-json\/wp\/v2\/posts\/556\/revisions\/563"}],"wp:attachment":[{"href":"https:\/\/www.webadminblog.com\/index.php\/wp-json\/wp\/v2\/media?parent=556"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.webadminblog.com\/index.php\/wp-json\/wp\/v2\/categories?post=556"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.webadminblog.com\/index.php\/wp-json\/wp\/v2\/tags?post=556"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}