ArcSight Express 4 DataSheet

Summary:

The HP ArcSight Express data sheet describes a security system designed to improve SIEM deployments and enhance security intelligence against complex attacks. It includes prebundled content for quick deployment and immediate ROI, with capabilities such as insider threat detection and prioritization of suspicious network activities. Key features include support for up to 1500 devices, monitoring up to 25,000 assets, compliance with various regulations like Sarbanes-Oxley and PCI DSS, and robust security measures including AV alerts, signature updates, configuration changes, user authentication, and access management. The system is suitable for hybrid environments and integrates well with existing infrastructure, offering compliance reporting across multiple standards.

Details:

The HP ArcSight Express data sheet highlights its capability to accelerate SIEM deployments for better security intelligence against smarter attacks. It provides prebundled content enabling quick deployment and immediate return on investment. With the evolution of cyber-attacks, organizations face more complex and multifaceted attacks resulting in higher losses. In contrast, those with a Security Intelligence and Event Monitoring system were better prepared to prevent information exfiltration. Organizations lacking skills or resources for a Security Operations Center struggle to defend their environment effectively due to its porosity. HP ArcSight Express offers total visibility into the network through preconfigured connectors like Windows®, NetFlow, and Cisco, allowing security analysts to understand and respond to malicious attacks efficiently. HP ArcSight Express is a comprehensive security solution designed to provide extensive visibility into events, with features including IdentityView for insider threat detection, Threat Detector using heuristic pattern analysis of historical data, and NetFlow Analysis that prioritizes suspicious network activities. It also includes a free trial of RepSM which utilizes reputation-based intelligence to detect malicious communication between hosts and infected infrastructure. Additionally, HP ArcSight Express offers a user-friendly management console for easy setup and comes with prebuilt rules, alerts, and reports for perimeter and network security monitoring. The provided information outlines the specifications of the HP ArcSight Express appliance, a network security monitoring solution. Key features include: 1. **Device Management**: Supports up to 1500 devices with varying peak event processing speeds (EPS) ranging from 500 to 15000 EPS, depending on the model. 2. **Asset Management**: Can monitor up to 25,000 assets per appliance. 3. **System Requirements**: Runs on Red Hat Linux 6.2 with a 64-bit OS, featuring a quad-core CPU and 36 GB of RAM. 4. **Storage**: Utilizes SAS disks in RAID-10 configuration, with storage capacities ranging from 6 x 600 GB to accommodate up to 25,000 assets. 5. **Power and Cooling**: Features two power supplies each providing up to 750 W of power, suitable for operation in a standard data center environment. 6. **Network Interfaces**: Includes four gigabit Ethernet interfaces supporting 10/100/1000 speeds. 7. **Compliance Reporting**: Supports compliance with multiple regulations including Sarbanes-Oxley, PCI DSS, Gramm-Leach-Bliley, FISMA, Basel II, and HIPAA through common monitoring controls. 8. **Security Features**: Monitors AV alerts, signature updates, configuration changes, user authentication across hosts, access management, and more. 9. **Additional Content**: Developed by HP ArcSight Professional Services or Certified Partners, additional content can be created to enhance the appliance's functionality. HP ArcSight Express is designed for organizations looking to manage security in a hybrid environment effectively while addressing advanced threats. It integrates with existing infrastructure and offers compliance reporting across multiple regulations, making it suitable for enterprises requiring robust network security without significant deployment complexities. This text talks about how y provides advanced security features to protect today's hybrid IT infrastructure from tricky cyber threats. If you want more details or want to sign up for updates, go to hp.com/go/hpexpress. Remember that this information can change without notice, and HP doesn't promise extra help if something is wrong in the text. Also, some names like Intel Xeon and Windows are protected by special marks from their owners.