192
Back to Top

HPE ArcSight Management Console - license - 500 connectors, 60 products

Mfg. Part: A7Y09AAE | CDW Part: 4052078 | UNSPSC: 43233204
$127,144.33Advertised Price
Lease Option ($3,374.41 /month) Lease Availability
Close

Have leasing questions? Let us know how can we help.

Note: Leasing is available to organizations only. Leasing is not available to individuals.
800.808.4239
Mon-Fri 7am-7:30pm CT
Availability:In Stock
Ships today if ordered within 14 hrs 60 mins
  • License
  • 500 connectors
  • 60 products
  • electronic
View More
Product Overview
Main Features
  • License
  • 500 connectors
  • 60 products
  • electronic
ArcSight analyzes and correlates every event that occurs across the organization - every login, logoff, file access, database query, etc. - to deliver accurate prioritization of security risks and compliance violations. The powerful correlation engine of ArcSight sifts through millions of log records to find the critical incidents that matter. These incidents are then presented through real-time dashboards, notifications or reports to the security administrator.

With deep understanding of users and roles, network activities and flows, ArcSight is uniquely able to understand who is on the network, what data they are seeing, which actions they are taking with that data, and how that affects business risk. Unlike competing products, ArcSight can model not only IP addresses/network zones, systems and devices, but also users, employees, customers and partners for powerful analysis. ArcSight can then apply modern techniques including pattern recognition and behavioral analysis to detect the sophisticated threats that are hurting organizations every day. Once threats and risks are identified, ArcSight uses its built-in workflow engine to manage incidents and prevent damage.

Technical Specifications
Specifications are provided by the manufacturer. Refer to the manufacturer for an explanation of the print speed and other ratings.
General
Category: Online & appliance based services
Subcategory: Online & appliance based services - appliance software

Header
Brand: HPE
Compatibility: PC , Unix
Manufacturer: HP Software
Model: Management Console
Packaged Quantity: 1
Product Line: HPE ArcSight

Software
Distribution Media: Electronic
License Category: License
License Qty: 500 connectors , 60 products
License Type: License

Product Reviews
HPE ArcSight Management Console - license is rated 3.7 out of 5 by 11.
Rated 4 out of 5 by from FlexConnector collects logs from your own application. Valuable Features:The ArcSight solution supports your security team with many SIEM features:* Monitoring* Analysis* Alerts* Incident responseIn my opinion, ArcSight is an open solution. It is easy to:* Customize components* Use FlexConnector to collect logs from your own application* Edit rules and the dashboard* Create work flows* Enrich information for eventsImprovements to My Organization:I work at an ArcSight distributor in Vietnam. I have deployed the ArcSight solution for many customers. Some organizations are using it for SOC’s core and others for monitoring their information systems, critical assets, and regulatory and policy compliance.Use of Solution:I have over two years of experience.Stability Issues:It can be overloaded when rules and data monitoring are not optimized and the system receives too many events.Scalability Issues:ArcSight can be extended to meet the biggest customers (large enterprise) needs.Technical Support:ArcSight technical support is enthusiastic. They have a lot of experience and many case studies.Initial Setup:ArcSight configuration and deployment is complex, because it has many components.Other Solutions Considered:I researched Splunk, QRadar and AlienVault, and I appreciate Splunk and ArcSight.Other Advice:ArcSight provides many documents and guides for configuration and operation. Also, you can refer to its community at https://www.protect724.hpe.com ( https://www.protect724.hpe.com/community/arcsight ).Disclaimer: My company has a business relationship with this vendor other than being a customer:My company is a partner of HPE ArcSight.
Date published: 2017-04-05
Rated 4 out of 5 by from With multi-tier hierarchical deployment, we are able to integrate and standardize security incident detection and response. Valuable Features:* High flexibility: There are many custom sources of information that we wouldn't be able to integrate with another SIEM solution, thus compromising our security.* High performance: The amount of data fed to the solution is huge (100s of millions of events per day).* Capacity for multi-tier hierarchical deployment: We are able to integrate and standardize security incident detection and response over many locations.Improvements to My Organization:* Losses from security incidents have significantly decreased.* Security incident discovery and mitigation is a matter of hours, rather than days or even months, like it was before.* Detailed reports allow for planning and informed decision making.Room for Improvement:The overall complexity of the product can be overwhelming for some. It's not the type of solution where you just plug it in and it works. Reaping full benefit from it requires quite a lot of custom tuning, qualified IT security personnel, and proper and thorough planning.Technical support from the vendor can sometimes be quite slow and not very helpful, but it is getting better.The GUI is outdated. Improvements on this are on the way, according to the vendor.Use of Solution:I’ve been using ArcSight for five years.Stability Issues:We had stability issues only in a virtual environment, which is not recommended by the vendor for a high-load setup. The main virtual server would crash every now and then. But once we had migrated the setup to a dedicated physical server, we had no major stability issues.Scalability Issues:Scalability was one of our main concerns while choosing a solution and, so far, it has satisfied our needs in this area without any issues.Technical Support:Right now, I would call technical support moderately good, since it has improved greatly over the past years. There are still some issues with timeliness every now and then, but the number of critical issues is quite low.Previous Solutions:We have evaluated several solutions and HPE ArcSight was the only one that satisfied our requirements in performance, scalability, and flexibility.Initial Setup:Initial setup was quite complex and required a lot of planning. That is a downside of the solution being flexible and customizable.Cost and Licensing Advice:The pricing and licensing model has changed dramatically over the last years, so I can't really give much advice on its current state. You need to be ready for the solution to be quite expensive.Other Solutions Considered:We evaluated McAfee ESM.Other Advice:The keys to success with this solution are:* Careful deployment planning* Readiness to invest time and resources into training your IT security personnel* Fine tuning the solution to your specific needsDisclaimer: I am a real user, and this review is based on my own experience and opinions.
Date published: 2017-02-01
Rated 3 out of 5 by from With the console, I can move between analyzing events and creating content. SmartConnectors are not resilient and sometimes crash. Valuable Features:The ESM's interface is really comprehensive. While the ArcSight console is really heavy, and I tend to dislike Java-based Windows GUIs, it's feature-rich and provides a seamless way to move between analyzing events and creating content.Improvements to My Organization:The ability to correlate such a diverse range of information into a single location is invaluable.Room for Improvement:SmartConnectors should be resilient, since they ingest directly from sources (often sources that I have no control over). But they're not resilient. The slightest change in the format of an event can cause SmartConnectors to stop working completely, even for other properly formatted events.Use of Solution:I have been using ArcSight for two years.Stability Issues:I've had stability issues, particularly with SmartConnectors. They sometimes crash. Worse still, they often report that they're working fine but completely stop listening for events.Scalability Issues:The ArcSight Logger is extremely limited when it comes to scalability. For a large deployment that could be handled by a single ESM, a dozen Loggers might be required. The cost of such an undertaking is prohibitive, and there are much more scalable solutions available (ES for instance).Technical Support:I would rate this zero, if I could. I have had many incidents opened with HPE Support for ArcSight products, and there has not been a single issue where their support was more valuable than the time it took to deal with them. In most of my experiences with them, I provided a thorough description of the problem including logs, config files, and sometimes .pcap files.I then heard back from them roughly once or twice a day for a week, during which time they would ask questions that I had already answered, and suggest actions that couldn't possibly relate to my issue. Of course, I tried their suggestions, but they did not work. By then, I had always devised a workaround to reduce impact to production and didn't receive another suggested resolution for weeks or months.Previous Solutions:I have used many products that cover some of the territory claimed by ArcSight, including: Sourcefire 3D, ELSA, Sguil/Squert, RSA Security Analytics and Splunk. None of these were as comprehensive as ArcSight.Initial Setup:Most of the initial setup is very straightforward, but some event sources require significant effort to integrate.Cost and Licensing Advice:ArcSight is exclusively an enterprise product and it is priced accordingly.Other Solutions Considered:We evaluated QRadar and Splunk.Other Advice:Evaluate your needs. If you're only looking to integrate logs or do simple correlations, there might be a better choice out there. If you're looking for a single product that will let you aggregate, correlate and analyze many different sources in a single place, then there are few competitors that can come close to ArcSight's features.Disclaimer: I am a real user, and this review is based on my own experience and opinions.
Date published: 2017-02-01
Rated 4 out of 5 by from Has helped us to gather, store, correlate and analyze security log data from many different information systems. Valuable Features:Intrusion Detection System (IDS)Security Information and Event Management (SIEM)Improvements to My Organization:To organizations like mine, security information and event management products being introduced in the industry, as an outcome of several vulnerability, are able to provide real-time monitoring reporting and defense against these attacks. It has helped us to gather, store, correlate and analyze security log data from many different information systems.Room for Improvement:For this review, ArcSight sent me the Logger 4 7000-series appliance (2U) with six 1TB RADIUS drives, the maximum amount of internal storage available. I will like to see a threat analytics module. Also, the ability to produce reports.Disclaimer: My company has a business relationship with this vendor other than being a customer:Partners
Date published: 2017-01-20
Rated 3 out of 5 by from Scalable though it is not "plug-and-play". Valuable Features:- Scalable though it is not "plug-and-play".- Various deployment configurations, based on requirements, budget and the EPS/GB per day- Stable, performance predictable based on used capacity- Integration with alerting/ticketing systems such as TivoliImprovements to My Organization:- We use it for managed SIEM services and its stability and maturity helps with standard deployments (hardly any surprises)Room for Improvement:- A bit on the slow side for reports requiring query of old data- High availability achievable through complicated configurations (i.e. load balancers)- The user interface is a bit datedDisclaimer: I am a real user, and this review is based on my own experience and opinions.
Date published: 2016-08-02
Rated 4 out of 5 by from Has helped us to gather, store, correlate and analyze security log data from many different information systems. Valuable Features:Intrusion Detection System (IDS)Security Information and Event Management (SIEM)Improvements to My Organization:To organizations like mine, security information and event management products being introduced in the industry, as an outcome of several vulnerability, are able to provide real-time monitoring reporting and defense against these attacks. It has helped us to gather, store, correlate and analyze security log data from many different information systems.Room for Improvement:For this review, ArcSight sent me the Logger 4 7000-series appliance (2U) with six 1TB RADIUS drives, the maximum amount of internal storage available. I will like to see a threat analytics module. Also, the ability to produce reports.Disclaimer: My company has a business relationship with this vendor other than being a customer:Partners
Date published: 2016-06-09
Rated 5 out of 5 by from The user has multiple levels of options to generate reports and get alerted based on conditions. Valuable Features:* Collection - Collects logs from a wide range of products, even those not supported by default and the users can develop a connector for log collection.* Detection - Caliber to detect subtle attacks with a powerful correlation engine.* Report/Alert - The user has multiple levels of options to generate reports and get alerted based on conditions.Improvements to My Organization:By using ArcSight ESM and its correlation technology, it thwarts multiple attacks from external sources before exploitations such as SQL injection, UNIX password file attempt, brute force to published servers, and more.In addition, internal frauds have been prevented through preventing unauthorized login attempts to the firewall, database, critical servers, etc.Room for Improvement:ArcSight Connector appliance needs some improvement, as it has some bugs which triggers issues most of the time. I believe that the Connector is going to hit end-of-service.Deployment Issues:We experienced no issues with the deployment.Stability Issues:We had the bugs in Connector as detailed in the Areas for Improvement section.Scalability Issues:We've had no issues with scalability.Technical Support:Technical support should be improved. Many times, I've raised a case but none of them solved it and it took the guys from the Protect724 forum so solve my issue. The support team simply collects the logs from end users and makes you wait, and you carry on passing the same information which is available in the Admin guide.Initial Setup:All you need is proper planning and pre-requisites information, and it's straightforward. Some newbies say that this product is hard to handle, but basically practice makes perfect.Other Advice:HP are doing their job perfectly by bringing new features in every version, such as RepSM, HA capability, etc. It has never failed me.Disclaimer: I am a real user, and this review is based on my own experience and opinions.
Date published: 2016-03-31
Rated 4 out of 5 by from It allows us to traceback security threats, to generate usage trends and discover anomalies. Valuable Features:For us, there are several valuable features.* The ability to correctly parse the most number of products comparing to its competitors;* The ability to create very complex scenarios to detect security risks and anomalies;* Very stable system components (connectors, logger and correlation engine) combined with satisfactory vendor support; and* The ability to create parsers for all kinds of applications and systems is an important differentiator.Improvements to My Organization:It greatly changed our work habits in the organization allowing us to not only trace back security threats, but also to generate usage trends, discover anomalies and so many other usages. It quickly became an indispensable tool.Room for Improvement:They can definitely provide faster search response and offer larger on-the-box storage support. The predefined correlation ruleset can be improved to cover more security alerts and more products.There is also still room for improvement for processing speed. An easily accessible documentation such as reference architectures does not exist, more guidance can be provided to customer for such a complex product.Deployment Issues:We've had no issues with deployment.Stability Issues:We've had no issues with stability.Scalability Issues:We've had no issues with scalability.Disclaimer: I am a real user, and this review is based on my own experience and opinions.
Date published: 2016-03-17
  • y_2017, m_10, d_18, h_18
  • bvseo_bulk, prod_bvrr, vn_bulk_2.0.3
  • cp_1, bvpage1
  • co_hasreviews, tv_0, tr_11
  • loc_en_US, sid_4052078, prod, sort_[SortEntry(order=SUBMISSION_TIME, direction=DESCENDING), SortEntry(order=FEATURED, direction=DESCENDING)]
  • clientName_cdwg
 
Adding to Cart...
10/19/2017 1:00:16 AM
^ Back to Top

Maximum 300 characters
An account manager will email you within one business day to confirm your request.

Your Quote has been submitted

What Happens Next? A confirmation email is on its way. Within one business day, you will be contacted by an Account Manager to finalize your quote.

Error!

Something went wrong.

Please try again later.