ArcSight + Splunk Combo Training
Duration: 1.5 month
Hours: 90 Hours
Upcoming Batch: Registration going on
ArcSight Logger provides cost-effective long term log management and storage, as well as automated compliance reporting. By storing up to 42 TB of log data on a single appliance while supporting search speeds of millions of events per second across structured and unstructured data. ArcSight Logger brings a flexible means of storing event data from Cisco networking devices for years. ArcSight Logger supports automated reporting for SOX, PCI DSS, NERC and other regulations, integrating Cisco Security MARS data with other agency information.
ArcSight Express includes the industry leading real-time correlation and log management technologies from ESM and Logger, in one pre-packaged easy-to-use SIEM solution for the mid-market. Express is referred to as the “security expert in a box”, and has several built-in correlation rules, dashboards, and compliance reports. ArcSight Express provides a rapidly deployable, low cost mid-market solution for monitoring Cisco infrastructure.
ArcSight Smart Connector
ArcSight SmartConnectors collect event data from network devices, and they normalize the data structure into common schema, add severity, priority, and time zone. SmartConnectors can optionally filter out data that you know is not needed for analysis, saving network bandwidth and storage space. It can aggregate events to reduce the quantity of events of the same type, thus improving efficiency. It can categorize events using the common, human-readable formats, making it easier to use those events to build filters, rules, and reports.
ArcSight ESM protects demanding private and public organizations through-out the world. Using its broad log data collection capability, combined with its powerful event correlation engine, ArcSight ESM can detect sophisticated threats crossing multiple types of security products. ArcSight ESM extends the reach of Cisco threat management and response, by performing sophis-ticated event correlation of Cisco network events and alerts with a broader set of agency-wide event-sources (systems, databases, and applications). As a result, customers can detect threats in time to take effective action.