RSS
Логотип
Баннер в шапке 1
Баннер в шапке 2

HPE ArcSight Logger

Product
The name of the base system (platform): HPE ArcSight ESM (Security Information and Event Management, SIEM)
Developers: ArcSight, Micro Focus
Date of the premiere of the system: 2013/10/22
Last Release Date: 2014/10/15
Technology: ITSM - Management systems for IT service,  Network Health Monitoring is Monitoring of network or management of health performance of IT Infrastructure

Content

HP ArcSight Logger is the solution for collecting, storage and data analysis about a condition of equipment.

On October 22, 2013 Hewlett-Packard announced the universal solution for management of magazines of audit and standardization of data.

The HP solution of ArcSight Logger helps to improve risk management and compliance to standards, security, IT processes, measures for warning of intrasystem threats and permanent threats to the increased complexity. HP ArcSight Logger the universal solution on management of magazines of audit which collects equipment state-of-health data from any sources creating magazines and unifies these data for further search, classification, creation of reports, the analysis and storage. In the conditions of wide use of own devices of employees (BYOD) and mobility it provides complex approach to management of the increasing amount of data of magazines of audit from numerous sources.

Hardware solution of HP of ArcSight Logger

Key functions

  • Collects data of magazines of audit from any sources creating magazines from any devices and in any format with the help of more than 300 connectors
  • Unifies data from all IT environment, arranging and classifying leads them to the general format of events (CEF)
  • Performs search among millions of events, using a text searching tool with the simple interface
  • Allows to store magazines and events for last years in the unified format thanks to high compression ratio with small costs
  • Automates the analysis, notifications, creation of reports, data management of magazines of audit and events for ensuring IT security, IT processes, a GRC system and analytics on the basis of these magazines of audit

Characteristics of the solution

Program

Model Devices Max. volume of the magazine Max. volume of search
L750MB 10 750 MB/day 500 GB
L5GB 50 5 GB/day 2.5 TB
L30GB 200 30 GB/day 8 TB
L80GB 500 80 GB/day 42 TB
L160GB Beyond all bounds 160 GB/day 42 TB
L250GB Beyond all bounds 250 GB/day 42 TB
General specifications of the software Поддерживаемые ОС:

Red Hat Enterprise Linux 6.2, 64-bit
Oracle Enterprise Linux, 6.1, 64-bit
CentOS, 6.2, 64-bit
Hyper-V on Windows Server 2008 R2, 64-bit
VMWare Virtual Appliance

Minimum requirements to the equipment:
CPU: 1 or 2x Intel® Xeon® Quad Core or similar
Memory: 4–12 GB
Disk space: 4–12 GB

Storage:

average compression ratio 10:1 (depends on data type and their source)

Equipment rooms

Model L3500 L7500-SAN L7500s L7500x
Devices 200 Beyond all bounds 500 Beyond all bounds
Max. number of EPS 2000 75 000 5000 100 000
Capacity (with compression) 8 TB 50 TB 42 TB
Specifications of the equipment 1x Intel Xeon, E5-2620 2,0 GHz, 6-core processor 2x Intel Xeon, 2648L, 1.8 GHz, 8-core processor
Memory 32 GB, 1600 MHz of the RAM 64 GB, 1600 MHz of the RAM
Storage systems 4 x 500 GB (1.5 TB RAID-5) Vneshn. – SAN 4 x 3 TB (9 TB – RAID 5)
Adapter of the main bus There are no data 2 x 2 ports, 16 GB of Emulex HBA There are no data
Sizes (x Highway x C) 27.5 x 17.1 x 1.7 inches 29.5 x 17.1 x 1.7 inches
Control of connectors Yes There are no data
General specifications Управление:


web browser, CLI, API of web services

The supported OS
Red Hat Enterprise Linux 6.2 (64-bit)

The supported sources:
unprocessed Cis. magazine (TCP/UDP), unprocessed file magazines (FTP, SCP, SFTP)
Data collection for the analysis using HP ArcSight SmartConnectors
The FlexConnector environment for outdated sources of events
HP ArcSight CEF (Common Event Format), HP ArcSight ESM

Storage:
average compression ratio 10:1 (depends on data type and their source)

Power supply:
power supply 2 x 460 W of CS Platinum

Interfaces of Ethernet:
4 x 10/100/1000



Body: 1U

2014

HP ArcSight Logger 6.0

On October 15, 2014 the HP company submitted the new version of the universal solution for management of the ArcSight Logger 6.0 magazines.

In a system the functions of collecting, storage and the analysis of event logs promoting more reliable security and observance of regulatory requirements are implemented. This system is one of key components of a product portfolio HP ArcSight intended for information management and events security (Security Information and Event Management, SIEM).

In comparison with the previous version, HP ArcSight Logger 6.0 has the improved scalability, can analyze in eight times more given and work on much quicker. A system allows to perform continuous monitoring of transaction journals and to quickly carry out computer technical expertize.