Just announced!

Get more from your ESM deployment with HP ArcSight Application View. Monitor and correlate application security events during production. Trial software available now!

 

Insight for situational awareness

HP ArcSight ESM is the premiere security event manager that analyzes and correlates every event in order to help your IT SOC team with security event monitoring, from compliance and risk management to security intelligence and operations. ESM sifts through millions of log records, and correlates them to find the critical events that matter in real time via dashboards, notifications, and reports, so you can accurately prioritize security risks and compliance violations.

Key features

  • A cost-effective solution for all your regulatory compliance needs
  • Automated log collection and archiving
  • Fraud detection
  • Real-time threat detection
  • Forensic analysis capabilities for cyber security
 

Related products

  • HP ArcSight Connector

    Out-of-the box connectors to collect, consolidate and normalize data to unify searching, reporting and analysis

  • HP ArcSight Express

    A security management software solution for collecting log activity, consolidating information for storage efficiency and correlating events

  • HP ArcSight IdentityView

    An application built on HP's SIEM platform for monitoring user activity across accounts, applications and systems

  • HP ArcSight LoggerUniversal log management solution for collecting machine data from any log generating source that unify searching, storing, and analysis
  • HP ArcSight Threat DetectorProactively identify abnormal behavior patterns facilitating detection and prioritization of security threats
  • HP ArcSight Threat Response ManagerIntegrated end-to-end network security and event monitoring

Add a new dimension to your ArcSight security logs

HP ArcSight Application View is new technology that retrofits applications with HP Fortify's Runtime™ technology. Application View creates logs of application security events that happen, unifies those logs using the ArcSight Common Event Format (CEF), and feeds them into the ArcSight correlation engine to correlate application events with other security events. This gives you greater visibility, early detection of threats, and the ability to respond to a potential data breach before it happens. Application View includes "out of the box" content for quickly generating audit-quality log reports, compliance reports, and overall IT security and performance reports.

 

Key features

  • Retrofit virtually any application with logging capability, even custom applications
  • Leverage ArcSight ESM/Express to monitor and correlate application security events
  • Gain insight into user actions that indicate threats to data controlled by applications
  • Extend logging capabilities without needing to change the application itself
  • Save time and reduce costs with out-of-the-box capabilities and reports

Register for a free 30-day trial

 

Understand your business impact from security events

HP ArcSight Risk Insight is an add-on to ArcSight ESM that maps key business indicators to IT assets and security events. HP ArcSight Risk Insight enables the user to understand the business impact of the real-time threats detected by ArcSight SIEM solution. Intuitive visualization helps you to understand the business risks ‘at-a-glance’ through ESM security events. Risk Insight comes with built-in KPIs and dashboards, and a KPI Studio that lets you create your own metrics and visualization.

 

Key features

  • Understand the business impact of threats in real-time
  • Aggregate thousands of security events into risk metrics
  • Enable actionable intelligence through intuitive dashboards
  • Unify and map security events with business services through IT asset mapping
 

HP ArcSight ESM Suite with CORR-Engine Software Specifications

Software Model ESM 20 GB/d ESM 50 GB/d ESM 100 GB/d ESM 150 GB/d ESM 250 GB/d
Total Gigabytes Per Day (GB/Day) 20 50 100 150 250
Average (Sustained) Events Per Second 1,000 2,500 5,000 7,500 12,500
Bundled Network Devices 100 250 500 500 500
Named Web interface users 10 25 25 25 25
Named Console users 2 3 3 3 3
Bundled Vulnerability assets 10,000 10,000 10,000 10,000 10,000
Bundled IdentityView actors 50 50 50 50 50
Bundled Connector Software license 4 4 4 4 4


System Recommendations Small Medium Large
Processors 8 cores 16 cores 32 cores
Memory 36 GB RAM 64 GB RAM 128 GB RAM
Storage 250 GB disk space
RAID 10
15,000 RPM
1.5 TB disk space
RAID 10
15,000 RPM
<= 8TB
RAID 10
15,000 RPM
System OS Red Hat Enterprise Linux, version 6.2, 64 bit
Console OS Windows© XP, 32 bit,
Windows 7, 64 bit

Actual performance will depend on factors specific to a user's environment.

 

HP ArcSight ESM 6.0c Bundled Hardware Specifications

  E7400-2500 E7400-5000 E7400-7500
Total GB / Day 50 100 150
Average (Sustained) Events Per Second 2,500 5,000 7,500
Bundled Network Devices 250 500 500
Named Web interface users 25 25 25
Named Console users 3 3 3
Bundled Vulnerability assets 10,000 10,000 10,000
Bundled IdentityView actors 50 50 50
Bundled Connector Software license 4 4 4


Minimum System Requirements HP ArcSight ESM 6.0c (Software)
Supported OS Red Hat Enterprise Linux 5 64-bit
Hardware Requirements 2 x Intel Xeon E5620 Quad Core 2.4 GHz