Upload
michael-glaros
View
178
Download
0
Embed Size (px)
Citation preview
ArcSightProtect Your universe with
The ArcSight SIEM Platform:
Prevent Data theft
enforce compliance
Defeat cybercrime
1
Problem more threats, more risk, more Pain
solution complete visibility to Address Problems early
Keeping your organization safe and secure can be a daunting task. Bots, worms, and hackers threaten it from the outside. Data breaches, theft, and fraud threaten it from the inside. A bad economy only magnifies the problems. At the same time, increasing regulations and fines highlight the risk of failure in preventing these threats.
It’s never been more challenging to protect your business. As a result, the value of automated security and compliance monitoring has never been higher.
The ArcSight SIEM Platform helps safeguard your business by giving you complete visibility into activity across the IT infrastructure: external threats such as malware and hackers; internal threats such as data breaches and fraud; and compliance pressures from failed audits.
ArcSight provides the industry’s leading Security Information and Event Management (SIEM) platform comprised of an integrated product suite for collecting, processing and assessing security and risk event information, to enable rapid identification, prioritization, and response to policy breaches, cyber-security attacks and insider threats. For six consecutive years, Gartner has positioned ArcSight in the Leaders Quadrant for Security Information and Event Management and IDC has once again named ArcSight as the market share leader in the SIEM market.
before Arcsight, it was
difficult to know in real-
time what was happening
from an it security and
compliance perspective.
now we have dashboards
that are viewed by very
skilled security analysts.
Arcsight has quickly
become a key strategic
element in the safe and
secure operation of our
bank.
Ali Alotaibi , it security -
manager,
saudi hollandi bank
lower the cost of compliance
Protect critical assets and information
manage billions of log events
monitor key users for unusual activity
2
here’s what Arcsight siem can do for you:
Protect criticAl Assets AnD informAtionReal-time monitoring of key assets such as file servers, control systems, and databases help detect signs of trouble when it is still possible to prevent disaster. The ArcSight SIEM Platform correlates the many pieces of information and evaluates risks across your enterprise to act as an early warning system for your business.
lower the cost of comPliAnce Regulations continue to increase and compliance remains a top business initiative. To avoid the penalties of failed audits, organizations must show that their controls are effective and that their business systems are robust enough to fend off attack and protect confidential information. ArcSight pre-built regulatory compliance packages to provide “out of the box” mapping to specific requirements. The result is automated compliance reporting and continuous compliance control oversight, resulting in lower effort and operational costs with more protection.
monitor keY users for unusuAl ActivitY Is someone in the finance department leaking earnings information? Is a call center representative stealing customer credit card data? Is a terminated employee gaining access to his old accounts? Only ArcSight can provide a 360-degree view of your systems and users, and tell you who is doing what, where, when and how. ArcSight links user, group, and role information with actual network and application activity to provide verified connections between actual people (not just an IP address) and potentially high-risk activities.
mAnAge billions of log events The pressure is on to collect and store audit-relevant log data from numerous sources. Without effective log management, it becomes nearly impossible to sift through terabytes of information and isolate the events needed to support an audit or an investigation. ArcSight can help your enterprise store, manage, and report against massive volumes of log data and enables forensics analysis of security incidents, as well as automated compliance reporting.
NetworkDevices Security
Devices
PhysicalAccess Mobile
ServersDesktop
IdentitySources Email
DatabasesApps
3
the Arcsight siem Platform
Arcsight logger
Arcsight compliance insight Packs
Arcsight esm
Arcsight identityview
thanks to Arcsight, it became
very easy to look at a series
of security events—regardless
of which device they came
from—and see the real scope
of the problem and respond
appropriately.
tim maletic, information services -
security officer,
Priority health
The ArcSight SIEM Platform is an integrated product suite for collecting, processing, and assessing security and risk event information.
Arcsight connectors
4
Enterprisewide Protection •World-Class Correlation and Analysis •Automated or Manned Security Operations•Sensitive Data Protection•Critical Transaction •Monitoring
Fastest Collection and Search Available•Small-to-Enterprise Scalability•Business Intelligence for Logs•Automated Compliance•Low-Cost Storage •
ArcSight ESM
ArcSight Logger
Arcsight esm with its state-of-
the-art technology and ease of
scalability is the key element
for our t-mobile operations
security cockpit as it answers
the challenge of identifying
quickly the relevant security
threats.
r.kopp vP, t-mobile operations -
risk management,
t-mobile
Arcsight has been with us every
step of the way—they listened
to our needs and are invested
in our success. they proved to
us they aren’t just a technology
vendor, they are a partner.
kent Podvin, Director of it, -
capital blue cross
5
Privileged User Monitoring•Shared Account Attribution•User Behavior Profiling•360˚ User Activity Analysis•Role Violation Detection•
275+ Third-Party Product Connectors•Simple Toolkit for Virtually All Other Products•Future Proofed Through Event Normalization •
ArcSight IdentityView
ArcSight Connectors
6
Continuous Control Monitoring•Audit-Ready Compliance Reports •Pre-built for Specific Regulations•Best Practice IT Governance •Frameworks
Security Expert “In a Box”•Automated Security Operations •Pre-built, Comprehensive Protection and Compliance•World-Class Correlation •and Log Management
Turnkey Simplicity •
ArcSight Compliance Insight Packs
ArcSight Express NEw!
typically, skilled people are
required that understand the
log files on each of the different
systems in your environment.
but Arcsight express eliminates
that need by doing all the
aggregation and correlation
across all our systems. now
one employee can do the work
of four or five people. Arcsight
express is a very cost effective
solution.
candy Alexander, chief security -
information officer, long term
care Partners
About Arcsight
ArcSight (NASDAQ: ARST) is a leading global provider of
compliance and security management solutions that protect
enterprises and government agencies. ArcSight helps customers
comply with corporate and regulatory policy, safeguard their assets
and processes, and control risk. The ArcSight SIEM Platform
collects and correlates user activity and event data across the
enterprise so that businesses can rapidly identify, prioritize, and
respond to compliance violations, policy breaches, cyber-security
attacks, and insider threats.
ArcSight, Inc.5 Results Way, Cupertino, CA 95014, USA | www.arcsight.com | [email protected] Headquarters: 1-888-415-ARST | EMEA Headquarters: +44 870 351 6510 | Asia Pac Headquarters: 852 2166 8302
© 2009 ArcSight, Inc. All rights reserved. ArcSight and the ArcSight logo are trademarks of ArcSight, Inc. All other product and company names may be trademarks or registered trademarks of their respective owners.ARST-EVB001-060809-04
ArcSight
SIEM