The components of the HP Arcsight SIEM solution are as follows

Solarwinds Monitoring Solution

UITS has deployed the Solarwinds product, which is an advanced infrastructure monitoring solution. Its deployment has provided greater visibility into the University’s UITS

infrastructure devices. All wired & wireless network nodes, security nodes, storage nodes, servers & the applications running in them are being monitored on most parameters.

Monitoring is done at both hardware and application levels. Servers monitored are both physical & virtual. University’s major website transactions are also monitored in this product.

HP ArcSight Logger

– a log management solution collects

data from any log generating source and unifies the

data for searching, indexing, reporting, analysis, and

retention.

HP ArcSight Connector

s - provide universal data

collection from over +350 unique devices and event

sources without the need to deploy agents across the

enterprise. It automates the process of collecting and

managing logs from any device and in any format

through normalization and categorization of logs into a

unified format known as Common Event Format (CEF).

HP ArcSight ESM

– is the security event manager that

analyzes and correlates every event in order to help

the IT Security team with security event monitoring,

from compliance and risk management to security

intelligence and operations. It has many add on modules

such as HP ArcSight Threat Detector, HP Reputation

Security Monitor (RepSM), Identity View and others.

61