Friday, July 10, 2015

SIEM Deployment - ArcSight SmartConnector Build is out

ArcSight SmartConnector Build is now available!


· New Amazon Web Services CloudTrail SmartConnector, which includes support for Identity and Access Management (IAM), Elastic Compute Cloud (EC2), and CloudTrail Services.
· Enhanced support for Logger clustering:
  o Beta support for the ArcSight Logger SmartMessage Pool destination type, which specifies a pool of Logger devices. Events are distributed among the Loggers in the pool.
· New RESTful web services CEF connector and standard:
  o Beta support for the ArcSight Common Event Format REST connector, which collects CEF events from CEF-certified cloud vendors. It also extracts asset and vulnerability information from the CEF events.
· Enhanced WinC international support:
  o Support for parsing non-US locale dates.
  o French, Japanese, and Chinese support.
· Enhanced IPv6 support:
  o Added a new parser operation to extract IPv4 addresses embedded in IPv6 addresses.
· Added support for Tenable SecurityCenter's Assessment Summary Results (ASR) and Asset Reporting Format (ARF) logs in .xml format.

New Device, Component, or OS Version Support

· Blue Coat Proxy SG Syslog
· Juniper Pulse Secure Access Syslog (formerly Juniper Secure Access SSL/VPN Syslog)
· McAfee Network Security Manager DB (Timestamp Based)
· McAfee Network Security Manager DB (ID Based)
· SNMP Unified
· RSA Identity Management Service 8.1
· RSA Authentication Manager 8.1

1 comment:

  1. Friends... we are having a deployment on ArcSight. Need some good sources where I can learn it from all the basics... Such info will be very valuable for me and my team members. Thanks in advance.