HP ArcSight ESM v6.5c
April 01, 2014
- Ease of Use:
- Value for Money:
- Overall Rating:
- Strengths: Vast features, excellent architecture and extensive event data parser.
- Weaknesses: No weakness was found.
- Verdict: This is an excellent product rich in features, quality and simplicity.
HP provided a USB adapter for the setup that included 17 documents, software executables, licenses and a virtual appliance. The documents provided were easy to follow and covered everything from concepts to installation, administration, user instructions and use cases. The documents included diagrams and simple how-to instructions.
The product ran on Red Hat Enterprise Linux v6.4, 64-bit, and included 4G memory, one virtual disk, CD/DVD, network adapter, USB controller and floppy drive. The system was set up in default mode rather than FIPS mode. Foundation packages were selected, including the required packages (ArcSight Core, ArcSight Groups, ArcSight Administration, ArcSightcore, ArcSightSecurity, Conditional Variable Filters, Global Variables and Network Filters).
The ArcSight Command centre dashboard was cleanly designed with a great graphic dashboard. Navigation was mainly done through a Tree Navigator. Everything expected in an enterprise-class SIEM was there. There was no clutter or hard-to-read pages. Case management allowed classification levels of events that included a Reputation Security Monitor. Simulated attack data was provided to see the effects of events. Also impressive were the feeds to current global threats. Data from a large number of threat watchdog communities are integrated into the product in near real time.
HP offers basic no-cost support that includes a community-supported website, as well as a FAQ list. The company website offers a 24/7 knowledge base (requires login), and there also is a premium support option. Fee-based options are available at 15 or 18 per cent of product cost. The services include phone and email aid, with access provided based on fee level with eight-hours-a-day/five-days-a-week or 24/7 options, respectively. The value for the money spent for this product is good.
Prices are US-based, thus indicative only.