|
|
 |
|
| ArcSight
Manager |
The nerve center
of ArcSight ESM
is the ArcSight
Manager.
ArcSight Manager
is a server
based system
that controls
data management,
the correlation
engine and
information
display. It is
also the
foundation for a
well-defined
incident
response
workflow that
dramatically
reduces the time
required to
investigate and
resolve
problems.
ArcSight Manager
also includes:
- An
automated
notification
system that
can send
messages to
the console,
a web
browser,
pagers, and
cell phones
- A case
management
system that
houses the
complete set
of incident
information
in a single
file that
can be
viewed and
updated by
any
authorized
staff member
- A
knowledge
base of
relevant
industry,
vendor, and
organization
policies and
procedures
for handling
specific
types of
problems.
The
knowledge
base can be
continuously
improved via
Common
Vulnerabilities
and
Exposures (CVE)
and Computer
Emergency
Response
Team (CERT)
alerts,
vendor
updates and
new
approaches
developed by
the security
staff
- The
ability to
launch
scripts and
programs
directly
from the
ArcSight
Console to
immediately
manage an
active
incident.
|
|
|
|
|
|
|
|
|
|
| |
Click here to get more information about ArcSight. |
|
|
