Solarwinds Monitoring Solution
UITS has deployed the Solarwinds product, an advanced infrastructure monitoring solution. Its deployment has provided greater visibility into the University’s UITS infrastructure devices. All wired and wireless network nodes, security nodes, storage nodes, servers and the applications running on them are monitored on most parameters. Monitoring is done at both the hardware and application levels. The servers monitored are both physical and virtual. The University’s major website transactions are also monitored in this product.
The components of the HP ArcSight SIEM solution are as follows:
HP ArcSight Logger – a log management solution that collects data from any log-generating source and unifies the data for searching, indexing, reporting, analysis, and retention.
HP ArcSight Connectors – provide universal data collection from over 350 unique devices and event sources without the need to deploy agents across the enterprise. They automate the process of collecting and managing logs from any device and in any format by normalizing and categorizing the logs into a unified format known as Common Event Format (CEF).
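The normalization step described for the connectors, as an added example (not HP's connector code and not part of the original page): one raw sshd line is mapped into a CEF record and parsed back. The header layout and escaping follow the published CEF specification; the sample log line and the vendor, product and signature values are constructed for illustration.

```python
import re

# Constructed sample of a raw, device-specific log line (not from the page).
RAW = "Mar  3 10:15:02 web01 sshd[4120]: Failed password for root from 203.0.113.7 port 52144 ssh2"
SSHD_FAIL = re.compile(r"Failed password for (?P<user>\S+) from (?P<src>\S+) port (?P<spt>\d+)")
EXT_PAIR = re.compile(r"(\w+)=((?:\\.|[^\\=])*?)(?=\s+\w+=|\s*$)")

def to_cef(vendor, product, version, sig_id, name, severity, ext):
    """Build one CEF:0 record, escaping '|' in the header and '=' in values."""
    esc_h = lambda v: str(v).replace("\\", "\\\\").replace("|", "\\|")
    esc_e = lambda v: str(v).replace("\\", "\\\\").replace("=", "\\=").replace("\n", "\\n")
    head = "|".join(esc_h(f) for f in (vendor, product, version, sig_id, name, severity))
    return "CEF:0|" + head + "|" + " ".join(f"{k}={esc_e(v)}" for k, v in ext.items())

def normalize_sshd(raw):
    """Normalize an sshd failure line to CEF; None when the line does not match."""
    m = SSHD_FAIL.search(raw)
    if m is None:
        return None
    ext = {"suser": m["user"], "src": m["src"], "spt": m["spt"], "msg": raw}
    # Vendor, product, version and signature id are illustrative values.
    return to_cef("Example", "sshd", "1.0", "auth-fail", "Failed password", 5, ext)

def parse_cef(line):
    """Return (header dict, extension dict) for one CEF record."""
    if not line.startswith("CEF:"):
        raise ValueError("not a CEF record")
    fields, cur, i, body = [], "", 0, line[4:]
    while i < len(body) and len(fields) < 7:      # 7 pipe-terminated header fields
        c = body[i]
        if c == "\\" and i + 1 < len(body):       # escaped char: keep it literally
            cur, i = cur + body[i + 1], i + 2
        elif c == "|":
            fields.append(cur)
            cur, i = "", i + 1
        else:
            cur, i = cur + c, i + 1
    if len(fields) < 7:
        raise ValueError("truncated CEF header")
    names = ("version", "vendor", "product", "device_version", "signature_id", "name", "severity")
    unesc = lambda v: re.sub(r"\\(.)", lambda m: "\n" if m[1] == "n" else m[1], v)
    ext = {k: unesc(v) for k, v in EXT_PAIR.findall(body[i:])}
    return dict(zip(names, fields)), ext
```

Because every source ends up with the same header fields and extension keys (`src`, `suser`, `spt`), a correlation rule can be written once against those keys instead of once per device format.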
HP ArcSight ESM – the security event manager that analyzes and correlates every event in order to help the IT Security team with security event monitoring, from compliance and risk management to security intelligence and operations. It has many add-on modules such as HP ArcSight Threat Detector, HP Reputation Security Monitor (RepSM), Identity View and others.