What is ArcSight Express?
HP ArcSight Express is the only family of security appliances that combines security event correlation, log management, IT search, NetFlow monitoring, compliance reporting and guided response into a single, easy-to-deploy and easy-to-use solution.
- Overview
- Specs
- Video
- Resources
What It Does
HP ArcSight Express correlates seemingly unrelated events and NetFlow data from network devices using the most advanced real-time correlation techniques. By correlating disparate events and NetFlow data, it can detect even the most subtle attacks. As a result, organizations can cut through millions of activities to focus on the most critical incidents affecting the organization. This provides better security and faster response with fewer resources. ArcSight Express also includes the first log management solution to fully integrate field-based and raw text search across structured and unstructured log data.
How It's Different
The volume and sophistication of malicious software that result in data theft have drastically increased. Consequently event management and correlation solutions need to be able to process much greater amounts of data to detect threats to corporate servers, networks, applications and users. ArcSight Express is the first SIEM product to use the unique Correlation Optimized Retention and Retrieval Engine (CORR-Engine) as the underlying architecture to allow organizations to scale to meet the threats they face. This new architecture results in true universal visibility across enterprises and their Big Data requirements.
What's New
- CORR-Engine: Re-architected data-store optimized for correlating huge amounts of data
- Integrated NetFlow, security and privileged user monitoring for accurate incident prioritization
- IT Policy compliance for bandwidth usage and network resource allocation
- Regulatory compliance readiness for government and industry audits
- New management console to streamline SIEM administration
HP ArcSight Express Appliance Specifications
| Model | AE7405 | AE7410 | AE7425 | AE7450 | AE7465 | AE7480 |
|---|---|---|---|---|---|---|
| Max Devices | 750 | 750 | 750 | 750 | 1500 | 1500 |
| Peak EPS/Flows | 500/50K Flows | 1,000/50K Flows | 2,500/50K Flows | 5,000/50K Flows | 10,000/50K Flows | 15,000/50K Flows |
| Max Assets | 5,000 | 5,000 | 10,000 | 10,000 | 25,000 | 25,000 |
| System OS | Red Hat Enterprise Linux 5 64-bit | |||||
| Web Users | Unlimited | |||||
| CPU | 2 x Intel Xeon E5620 Quad Core 2.4 GHz | |||||
| Interfaces | 4 x 10/100/1000 | |||||
| RAM | 36GB | |||||
| Storage | 6 x 600GB - SAS disks in RAID-10 | |||||
| Chassis | 2U | |||||
| Power | 2x 750W CS Platinum 100-240 VAC | |||||
| Dimensions | 27.3"x 17.6"x 3.4" | |||||
Actual performance will depend on factors specific to a user’s environment.
ArcSight Express Product Overview
Aarij Khan, Director of Product Marketing at ArcSight, gives a brief overview the newest appliance-based Network Monitoring solution - ArcSight Express. ArcSight Express improves security by reducing threat volume, mitigates sophisticated threats, and helps you pass your audits with the lowest effort and cost. Watch the Video
ArcSight Case Study: Long Term Care Partners
Long Term Care Partners uses ArcSight Express on a daily basis to automatically review log files, monitor its network for suspicious incidents, demonstrate compliance more efficiently and understand exactly what is happening at all times. Watch the Video
ARCSIGHT EXPRESS RESOURCES
Product Briefs | Case Studies | Webinars | Whitepapers
PRODUCT BRIEFS
CASE STUDIES
WEBINARS
WHITEPAPERS
