ESM 7.0 combines the most powerful SIEM correlation engine with distributed node/cluster technology. Now ESM can scale like never before, analyzing up to 100,000 events each second.
The ArcSight Command Center’s cluster view option demonstrates how ESM 7.0 decouples the components used in advanced correlation processes so that customers can now add more nodes to the ESM cluster.
ArcSight Enterprise Security Manager 7.0 sits centrally in an organization, collecting and analyzing events from across systems and security tools. It detects security threats in real time so that analysts respond quickly, and it scales to meet demanding security requirements.
ESM 7.0 adds new charts, a global SOC dashboard, and right-click drill down features in the Console for user interface and visual improvements.
Even more use case solutions and packages plus a growing list of support vendor products. Customers can build and share rule sets and logic in their SIEM.
ESM now includes new audit events for tracking SLAs, case changes, and rule modifications, because metrics are everything for mature SOCS and security providers.
With distributed correlation, ESM 7 brings increased EPS handling, and improved availability and redundancy. Sitting at the center of the intelligent SOC, ESM can scale to match the growing security data being generated keeping up with evolving cyber threats. What new SIEM packages should you now deploy?