ArcSight Enterprise Security Manager (ESM)


Distributed Correlation

ESM 7.0 combines the most powerful SIEM correlation engine with distributed node/cluster technology. Now ESM can scale like never before, analyzing up to 100,000 events each second.

 Distributed Correlation
 Cluster view
Cluster view

The ArcSight Command Center’s cluster view option demonstrates how ESM 7.0 decouples the components used in advanced correlation processes so that customers can now add more nodes to the ESM cluster.

ArcSight portfolio architecture

ArcSight Enterprise Security Manager 7.0 sits centrally in an organization, collecting and analyzing events from across systems and security tools. It detects security threats in real time so that analysts respond quickly, and it scales to meet demanding security requirements.

ArcSight portfolio architecture
Head ?
New UI options

ESM 7.0 adds new charts, a global SOC dashboard, and right-click drill down features in the Console for user interface and visual improvements.

Point / Square
Activate Framework

Even more use case solutions and packages plus a growing list of support vendor products. Customers can build and share rule sets and logic in their SIEM.

face to face
New audit events

ESM now includes new audit events for tracking SLAs, case changes, and rule modifications, because metrics are everything for mature SOCS and security providers.

ESM 7: more powerful, more scalable

With distributed correlation, ESM 7 brings increased EPS handling, and improved availability and redundancy. Sitting at the center of the intelligent SOC, ESM can scale to match the growing security data being generated keeping up with evolving cyber threats. What new SIEM packages should you now deploy?

release-rel-2019-11-1-3171 | Wed Nov 13 04:28:31 PST 2019
Wed Nov 13 04:28:31 PST 2019