ArcSight ESM - Enterprise Security Manager
Monitor User Activity
Simplify Compliance
Stop Cyberthreats
What is ArcSight ESM?
ArcSight ESM is the market-leading SIEM solution used by the most demanding public and private organizations in the world. It protects these firms from external threats such as bots and worms, and internal risks such as fraud and theft.
- OVERVIEW
- SPECS
- VIDEO
- RESOURCES
What It Does
ArcSight ESM is the brain of the ArcSight SIEM platform. It analyzes and correlates every event that occurs across the organization – every login, logoff, file access, database query, etc. – to deliver accurate prioritization of security risks and compliance violations. The powerful correlation engine of ArcSight ESM sifts through millions of log records to find the critical incidents that matter. These incidents are then presented through real-time dashboards, notifications or reports to the security administrator.
How It's Different
With deep understanding of network activities and flows, users, and roles, ArcSight ESM is uniquely able to understand who is on the network, what data they are seeing, which actions they are taking with that data, and how that affects business risk. Unlike competing products, ArcSight ESM can collect from any and every system or device on the network, categorize the data for powerful analysis, and apply modern techniques including pattern recognition and behavioral analysis to detect the sophisticated threats that are hurting organizations every day. Once threats and risks are identified, ArcSight ESM uses its built-in workflow engine to manage incidents and prevent damage.
What's New
- The most sophisticated correlation techniques for accurate incident prioritization
- Behavior-based pattern detection to identify advanced persistent threats (APTs)
- Security against bots, worms, viruses, zero day attacks and hacking attempts
- IT Policy compliance for bandwidth usage and network resource allocation
- Regulatory compliance readiness for government and industry audits
Appliance Specifications
| Model | E7200 |
|---|---|
| Max EPS (Sustained) | 5000 EPS/3000 EPS |
| OS | Oracle Enterprise Linux 4 (RedHat variant) |
| CPU | 2 x Intel Xeon E5504 Quad Core |
| RAM | 24GB |
| Interfaces | 4 x 10/100/1000 |
| Storage | 6 x 600GB - Serial Attached SCSI (SAS) disks in RAID 10 |
| Chassis | 2U Rack-mountable appliance |
| Power | 2 x 870W - Redundant |
| Thermal | 3000 BTU/hr |
| Weight | 78 lbs (36 kg) |
| Dimensions (DxWxH) | 26.8" x 17.4" x 3.4" |
| Minimum System Requirements | ArcSight ESM Manager Software |
|---|---|
| Supported OS | RedHat Linux, MS Windows Server 2003 32- or 64-bit, IBM AIX 5L 5.3 64 bit, Solaris 9/10 32- or 64-bit |
| Hardware Requirements | Linux or Windows – x86 Multi-Core CPU at least 1.0 GHz, 2-4 GB RAM and 2GB disk space IBM AIX – PPC Multi-CPU with 16 GB RAM and 2 GB disk space Sun Solaris – Sparc Multi-CPU system with 2-4 GB RAM and 2 GB disk space |
Actual performance will depend on factors specific to a user’s environment.
ArcSight Case Study: McAfee
ArcSight ESM helped improve McAfee's overall security posture and also enabled them to be SOX and PCI compliance. Watch the Video
ArcSight Case Study: Northrop Grumman
ArcSight provides Northrop Grumman's government and commercial clients with a centrally located, one-stop-shop security solution that meets their current requirements and scales for future expanding needs. Watch the Video
ArcSight Case Study: Bell Canada
ArcSight provides Bell Canada with a scalable, best-in-breed SIEM solution. Watch the Video
ArcSight Case Study: BMW
ArcSight helps BMW drastically decrease incidence response times. Watch the Video
ARCSIGHT ESM RESOURCES
Product Briefs | Case Studies | Webinars | Whitepapers
PRODUCT BRIEFS
CASE STUDIES
WEBINARS
WHITEPAPERS
