ArcSight ESM features a complete
Reporting System including basic
compliance reporting. The intent
is to provide immediately useful
reports pre-packaged reports to
cover the most common
operational and management
information that an organization
would expect to see on a daily,
weekly and monthly basis.
Reports can be easily modified
and extended with a simple
report-writer interface accessed
directly on the console.
ArcSight ESM also provides real
time updates of selected reports
via the Dashboard™, which
displays up to 10 reports on the
console for immediate reference.
Because the ArcSight Manager
maintains real time oversight
over all the security
information, ArcSight ESM also
uses the report structure to
identify anomalous network
activity. The ArcSight delta
report compares the results of
reports run periodically and
identifies an outcome that meets
or exceeds a pre-defined
threshold. A smart-rule that is
paired with this comparison then
notifies the staff that an
anomaly has occurred.
 |
