Key Features

Data enrichment

Enriches the data with user and asset information, giving you the situational/content awareness you need to make informed decisions during investigation and to accelerate the remediation process.

Categorization and normalization

Categorization and normalization of data helps you quickly identify situations that require investigation or immediate action helping you focus your attention on most urgent, high risk threats.

Powerful real-time correlation

Improve incident response time from days to minutes with the most intelligent correlation engine in the industry. It filters out irrelevant noise while zeroing in on threats that matter most.

Ultra-fast forensics

Rapidly search terabytes of data using a simple search interface. Enables needle-in-the-haystack queries of both active and historical data with a simple search interface.

Out-of-the-box security use cases

Accelerate your SIEM deployment with a large library of predefined security use cases and compliance automation and reporting tools that are the cornerstone of building Security Operations.

Workflow automation

Automatically or manually escalate events to the right people in the right time frame. The robust workflow framework comes with built in case management and can integrate with your existing systems.

SIEM Add-Ons

Data sheet

ArcSight ThreatDetector Threat Detection

 

(PDF 248KB)

Data sheet

ArcSight Compliance Insight Package for IT Governance

 

(PDF 622 KB)

 

Threat Analysis

 

ArcSight Interactive Discovery (AID)

When Good Users Go Bad

Keep your SOC ahead of the curve.

Resources

Data sheet

 

ArcSight ESM: Powered by CORR-Engine

(PDF 359 KB)

White paper

 

SIEM and Advanced Analytics: A Powerful Combination

(PDF 545KB )

Brochure

 

Protecting your business with a more mature IT security strategy

(PDF 191KB )

Article

 

What To Do When Good Users Go Bad 

White paper

 

Big Data? Get big security.

(PDF 374KB )

Data sheet

 

See threats: ArcSight Application View

(PDF 141 KB)

White paper

 

Growing the Security Analyst

(PDF 263KB )

Data sheet

 

ArcSight User Behavior Analytics

(PDF 1.2 MB)

Data sheet

 

ArcSight DNS Malware Analytics

(PDF 231 KB)

Related Security Operations Products and Services

Data Collection

ArcSight Data Platform

Collect, store, monitor and report machine data through this Big Data platform.

SIEM Appliance

ArcSight Express

SIEM appliance for mid-market that helps combat APTs and insider threats.

Security Analytics

ArcSight Analytics

Get predictive big data security analytics with ArcSight Analytics.

SecOps

Security Operations

Intelligent security operations software that provide broad visibility to find and mitigate threats more effectively.

ArcSight Apps

ArcSight Marketplace

Explore ArcSight apps, documentation, community sharing for ArcSight SIEM best practices.

Threat Analysis

Threat Central

Actionable threat intelligence and analysis via our cloud-based sharing platform.

Enterprise Security Management

ArcSight Risk Insight

Understand your potential business risk from security events.

ArcMC

ArcSight Management Center

Centrally manage your ArcSight deployments through a unified interface.

Security Operations Center

Security Intelligence and Operations Consulting

Achieve maximum capabilities in your security operations through people and process.

Enterprise Security Consulting

Security Consulting Services

Consulting services to help you get most out of your investment in HPE security solutions.

Security Intelligence Services

Threat Defense Services

Uncover and implement targeted solutions to the biggest threats to your enterprise.

Security Compliance

Compliance Insight Packages

Built in content for compliance for compliance analytics and cost-effective monitoring.

Enterprise Security Training

Enterprise Security University

Expert instruction to optimize your security operations and your security investments.

Consulting & Implementation

Software Services

Shape your IT strategy to achieve business value.

Software Education

Education Services

Empower your teams. Boost software adoption. Strengthen your business.

Consulting & Implementation

Software Services

Shape your IT strategy to achieve business value.

Engage with our HPE Security Community

Protect Your Assets Blog

Get IT security insights to protect your business ahead of attackers anywhere in the world.

Security Research Blog

Get innovative research, observations and updates to help you proactively identify threats and manage risk.

Protect724 Community

Join the HPE Security community to share, search, collaborate for solutions and gain feedback.

HPE Security on Twitter

Get the latest tweets on hybrid environment risks and defending against advanced threats.

HPE Security on LinkedIn

Connect with experts and discuss the latest info on new threats and risk in hybrid environments.

HPE Software on Facebook

Join with peers and experts to discuss how to make your HPE software work for you.

HPE Software on Google+

Discuss the latest on how to make your enterprise applications and information work for you.

HPE Business Insights

Gain strategic insights from IT leaders who help others define, measure and achieve better IT performances.

SIEM Technical Specifications

ArcSight ESM Suite with CORR-Engine Software Specifications Software Model

Software Model ESM 20 GB/d ESM 50 GB/d ESM 100 GB/d ESM 150 GB/d ESM 250 GB/d
Total Gigabytes Per Day (GB/Day) 20 50 100 150 2501
Average Events Per Second2 1,000 2,500 5,000 7,500 12,500
Network Devices 100 250 500 500 500
Named Web interface users 10 25 25 25 25
Named Console users 2 3 3 3 3
Vulnerability assets 10,000 10,000 10,000 10,000 10,000
IdentityView actors 50 50 50 50 50
Connector Management licenses included 4 4 4 4 4

 

System Recommendations Minimum Mid-Range High Performance
Processors 8 cores (16 preferred) 32 cores 40 cores
Memory 48 GB RAM (64 preferred) 192 GB RAM 512 GB RAM
Hard Disk Six 600 GB disks (1.5 TB) 
(RAID 10) 
15,000 RPM
20 1 TB disks (10 TB) 
(RAID 10) 
10,000 RPM
12 TB 
(RAID 10) 
Solid state

 

 

Supported Operating Systems  
System Red Hat Enterprise Linux, version 6.4 & 6.5 (64 bit) 
SUSE 11 SP3 (64bit)
Console Red Hat Enterprise Linux, version 6.4 & 6.5 (64 bit) 
SUSE 11 SP3 (64bit) 
Windows 7 SP1, 8, 8.1, Server 2008 R2 
MacOS 10.7
Web Browsers Internet Explorer, Firefox, Chrome (Windows), Safari (MacOS)

1 - ESM can be expanded beyond 250 GB/d via licensing upgrades. GB/d is only limited by hardware capability. 
2 - Event per second (EPS) value is to be used as a guideline only. ESM is not licensed based on EPS.