The majority of the ten largest U.S. government agencies rely on ArcSight solutions to meet the difficult challenges of maintaining confidentiality, availability and integrity to the world’s most powerful and at risk networks. ArcSight solutions deliver the flexibility and intelligence government agencies require to accurately identify true internal and external threats. Government customers choose ArcSight solutions for:
- Ability to scale
- In-depth correlation capabilities and easy-to-use authoring tools
- Open architecture to easily integrate with proprietary technologies
- Greatest return on investment through the best elimination of false positives
"It's not a needle in a haystack. ArcSight ESM lets me find a needle in a stack of needles," Security Director of a large government agency.
Importance of Common Criteria and FIPS 140-2 Certification for SIEM Solutions
The following products are optimized for use by government organizations, and are currently deployed in products at key agencies in the U.S. and abroad:
| ArcSight Product | Description |
|---|---|
|
ArcSight ESM |
The market-leading SIEM solution for detecting sophisticated threats and risks, ArcSight ESM protects the most demanding civilian, military, and intelligence agencies around the world. ArcSight ESM provides cutting-edge correlation and detection techniques including automated pattern detection, anomaly detection, and role/behavior analysis. |
|
ArcSight Logger |
The #1 in-use log management solution among the largest private and government organizations around the globe, ArcSight Logger delivers breakthrough price-performance for high scale log collection, storage, and search. ArcSight Logger can collect and search any combination of raw or formatted log data, from any type of system or application on your network. |
|
ArcSight Secure Connectors |
ArcSight Connectors enable secure collection and transmission of any type of log data, including data from custom or classified devices, systems, and applications. Because of their unique design, ArcSight Connectors have been used to collect data from protected systems, without involvement of external parties. |
|
ArcSight FISMA Protection Package |
The ArcSight FISMA Protection application maps log data to specific requirements within the FISMA regulation, and delivers out of the box reports and dashboards to enable FISMA audit reporting. |
|
ArcSight IdentityView |
ArcSight IdentityView provides specialized monitoring of user activity, including employees, contractors, and external partners. It detects usage of shared administrative accounts, activity from terminated uses on protected networks, unusual behavior indicating account takeover, and other warning signs of potential unauthorized behavior. |
