HPE ArcSight SmartConnector ( v. 5.14 ) - media

Mfg. Part: TH016AAE | CDW Part: 2546706 | UNSPSC: 43233204
$11.99Advertised Price

Have leasing questions? Let us know how can we help.

Note: Leasing is available to businesses only. Leasing is not available to individuals.
Mon-Fri 7am-7:30pm CT
Availability:In Stock
Ships today if ordered within 2 hrs 52 mins
  • ( v. 5.14 )
  • media
  • electronic
  • English
View More
Product Overview
Main Features
  • ( v. 5.14 )
  • media
  • electronic
  • English
ArcSight analyzes and correlates every event that occurs across the organization - every login, logoff, file access, database query, etc. - to deliver accurate prioritization of security risks and compliance violations. The powerful correlation engine of ArcSight sifts through millions of log records to find the critical incidents that matter. These incidents are then presented through real-time dashboards, notifications or reports to the security administrator.

With deep understanding of users and roles, network activities and flows, ArcSight is uniquely able to understand who is on the network, what data they are seeing, which actions they are taking with that data, and how that affects business risk. Unlike competing products, ArcSight can model not only IP addresses/network zones, systems and devices, but also users, employees, customers and partners for powerful analysis. ArcSight can then apply modern techniques including pattern recognition and behavioral analysis to detect the sophisticated threats that are hurting organizations every day. Once threats and risks are identified, ArcSight uses its built-in workflow engine to manage incidents and prevent damage.

Technical Specifications
Specifications are provided by the manufacturer. Refer to the manufacturer for an explanation of the print speed and other ratings.
Category: Online & appliance based services
Installation Type: Locally installed
Subcategory: Online & appliance based services - appliance software

Brand: HPE
Compatibility: PC , Unix
Localization: English
Manufacturer: HP Security software
Model: SmartConnector
Packaged Quantity: 1
Product Line: HPE ArcSight

Distribution Media: Electronic
License Category: Media
License Type: Media
Version: 5.14

Product Reviews
Rated 3.8 out of 5 by 8reviewers.
Rated 3 out of 5 by Scalable though it is not "plug-and-play". Valuable Features:- Scalable though it is not "plug-and-play".- Various deployment configurations, based on requirements, budget and the EPS/GB per day- Stable, performance predictable based on used capacity- Integration with alerting/ticketing systems such as TivoliImprovements to My Organization:- We use it for managed SIEM services and its stability and maturity helps with standard deployments (hardly any surprises)Room for Improvement:- A bit on the slow side for reports requiring query of old data- High availability achievable through complicated configurations (i.e. load balancers)- The user interface is a bit datedDisclaimer: I am a real user, and this review is based on my own experience and opinions. August 2, 2016
Rated 4 out of 5 by Has helped us to gather, store, correlate and analyze security log data from many different information systems. Valuable Features:Intrusion Detection System (IDS)Security Information and Event Management (SIEM)Improvements to My Organization:To organizations like mine, security information and event management products being introduced in the industry, as an outcome of several vulnerability, are able to provide real-time monitoring reporting and defense against these attacks. It has helped us to gather, store, correlate and analyze security log data from many different information systems.Room for Improvement:For this review, ArcSight sent me the Logger 4 7000-series appliance (2U) with six 1TB RADIUS drives, the maximum amount of internal storage available. I will like to see a threat analytics module. Also, the ability to produce reports.Disclaimer: My company has a business relationship with this vendor other than being a customer:Partners June 8, 2016
Rated 5 out of 5 by The user has multiple levels of options to generate reports and get alerted based on conditions. Valuable Features:* Collection - Collects logs from a wide range of products, even those not supported by default and the users can develop a connector for log collection.* Detection - Caliber to detect subtle attacks with a powerful correlation engine.* Report/Alert - The user has multiple levels of options to generate reports and get alerted based on conditions.Improvements to My Organization:By using ArcSight ESM and its correlation technology, it thwarts multiple attacks from external sources before exploitations such as SQL injection, UNIX password file attempt, brute force to published servers, and more.In addition, internal frauds have been prevented through preventing unauthorized login attempts to the firewall, database, critical servers, etc.Room for Improvement:ArcSight Connector appliance needs some improvement, as it has some bugs which triggers issues most of the time. I believe that the Connector is going to hit end-of-service.Deployment Issues:We experienced no issues with the deployment.Stability Issues:We had the bugs in Connector as detailed in the Areas for Improvement section.Scalability Issues:We've had no issues with scalability.Technical Support:Technical support should be improved. Many times, I've raised a case but none of them solved it and it took the guys from the Protect724 forum so solve my issue. The support team simply collects the logs from end users and makes you wait, and you carry on passing the same information which is available in the Admin guide.Initial Setup:All you need is proper planning and pre-requisites information, and it's straightforward. Some newbies say that this product is hard to handle, but basically practice makes perfect.Other Advice:HP are doing their job perfectly by bringing new features in every version, such as RepSM, HA capability, etc. It has never failed me.Disclaimer: I am a real user, and this review is based on my own experience and opinions. March 31, 2016
Rated 4 out of 5 by It allows us to traceback security threats, to generate usage trends and discover anomalies. Valuable Features:For us, there are several valuable features.* The ability to correctly parse the most number of products comparing to its competitors;* The ability to create very complex scenarios to detect security risks and anomalies;* Very stable system components (connectors, logger and correlation engine) combined with satisfactory vendor support; and* The ability to create parsers for all kinds of applications and systems is an important differentiator.Improvements to My Organization:It greatly changed our work habits in the organization allowing us to not only trace back security threats, but also to generate usage trends, discover anomalies and so many other usages. It quickly became an indispensable tool.Room for Improvement:They can definitely provide faster search response and offer larger on-the-box storage support. The predefined correlation ruleset can be improved to cover more security alerts and more products.There is also still room for improvement for processing speed. An easily accessible documentation such as reference architectures does not exist, more guidance can be provided to customer for such a complex product.Deployment Issues:We've had no issues with deployment.Stability Issues:We've had no issues with stability.Scalability Issues:We've had no issues with scalability.Disclaimer: I am a real user, and this review is based on my own experience and opinions. March 17, 2016
Rated 3 out of 5 by The live threat feed keeps us abreast of the latest threats. The initial setup required a lot of customization. Valuable Features:From the time that we purchased it, the multi-tenancy feature has been the most valuable for us. At the time, HP was the only vendor with this feature, but it seems that every vendor today does. Another feature we like is the live threat feed that's quite advanced. HP is the industry leader with this from an SIEM perspective.Improvements to My Organization:From a daily perspective, ArcSight prevents attacks while it actively monitors our systems. It provides us analytics for these attacks and helps keep us abreast of the latest threats because of live threat feeds.Room for Improvement:It's complicated to deploy. I need a logger at each site, which also gets quite expensive. There's no shared loggers.Deployment Issues:We've had no issues with deployment, although it's complicated.Stability Issues:It's a pretty stable solution. We've had no issues with instability.Scalability Issues:It's very scalable.Technical Support:They're pretty good and responsive.Initial Setup:The initial setup was complex and required a lot of customization and tinkering. There are other products on the market that are very light, and this is not one of them. To get all the functionalities and to exploit them, it takes a long time to deploy. It takes 3-4 months.Cost and Licensing Advice:It's very expensive in its licensing model.Other Advice:Definitely consider it as a top-3 choice, but know what you're trying to achieve with an SIEM tool.Disclaimer: I am a real user, and this review is based on my own experience and opinions. March 15, 2016
Rated 4 out of 5 by It's a reliable service and provides our team members with a lot of knowledge. Valuable Features:It's a reliable service and provides our team members with a lot of knowledge. In turn, it provides solutions for the needs of the IT department.Room for Improvement:There are improvements that could be made to help us insure that we're in compliance with our monitoring requirements.Use of Solution:I've been in my group for over eight years and we've used it for the entire time. I'm not sure when the initial implementation was.Deployment Issues:We've had no issues with deployment.Stability Issues:It's consistently stable. I've not heard any complaints about instability.Scalability Issues:HP has delivered for our company and its size.Initial Setup:The initial setup was done more than eight years ago before I started with the company.Implementation Team:We bring in an HP consultant for development and implementation.Other Advice:It's a solid product supported by a solid company.Disclaimer: I am a real user, and this review is based on my own experience and opinions. March 9, 2016
Rated 4 out of 5 by It reduces the amount of time required to perform an investigation because of the correlation and aggregation of all the events. Valuable Features:It reduces the amount of time required to perform an investigation because of the correlation and aggregation of all the events. From what I've seen for our network, it's the best at ingestion of events.Improvements to My Organization:We're a large organization, and the tool scales very well for us.Room for Improvement:The technical support needs to be improved.Deployment Issues:We've had no issues with deployment.Stability Issues:Whether we've had issues with stability is a hard thing to say because we're on the cutting edge of virtualization. When we were on older hardware with physical servers, it was relatively stable. But we ran into issues with support, and we decided to virtualize a lot of the it -- everything from the loggers to the ESM. We see a lot of performance gains, but our biggest hangup is support. The tool itself is great, but when we run into a hiccup, it seems they don't have the expertise on the support side to get us quickly back to where we need to be.Scalability Issues:We have well over 100,000 employees and we've virtualized a lot. Again, the problem is with getting support as we scale.Technical Support:They don't listen when we report an event or issue. We tend to be on the bleeding edge, so we have to do our own troubleshooting and perform our own resolution of events. When we send information, they've often asked for logs. And sometimes we don't get responses at all. I often have to ask for a status update on our tickets, which oftentimes get sent to non-US support teams. They're then re-assigned back to the US and there's a lot of confusion.Technical support has been so frustrating that we've brought in an intermediary, LiveQuest, to deal with HP support for us.Initial Setup:I've set it up so many times now, it's really hard for me to describe it. It's pretty straightforward and has become second nature for me.Other Advice:You have to really know your environment. Have a good SE, and be prepared to do a lot of your own homework.Disclaimer: I am a real user, and this review is based on my own experience and opinions. March 3, 2016
Rated 3 out of 5 by Network investigation is poor but it's highly customizable Valuable Features:* Powerful Correlation* Customization* Integration capabilitiesRoom for Improvement:* Very complex install and management* Steep learning curve* Poor Network Investigation* Poor analytics.Use of Solution:Six years.Stability Issues:Yes, Logger, ESM and Connector ecosystem if not set up properly, lead to stability issues both in point operations as well as integrations.Scalability Issues:No. ArcSight is very scalable.Customer Service:3 out of 5.Implementation Team:We implemented it in-house.ROI:Poor as the product takes more effort to generate value. Its CAPEX cost is high too.Other Advice:If you really want the power and flexibility of customizing your Security monitoring and correlation, go with ArcSight, but beware of the effort involved in set up and maintenance.Disclaimer: I am a real user, and this review is based on my own experience and opinions. January 27, 2015
  • 2016-10-27 T09:53:49.562-05:00
  • bvseo_lps, prod_bvrr, vn_prr_5.6
  • cp-1, bvpage1
  • co_hasreviews, tv_8, tr_8
  • loc_en_US, sid_2546706, prod, sort_default
1-8 of 8
Adding to Cart...
10/28/2016 1:08:42 PM
^ Back to Top

Maximum 300 characters
An account manager will email you within one business day to confirm your request.

Your Quote has been submitted

What Happens Next? A confirmation email is on its way. Within one business day, you will be contacted by an Account Manager to finalize your quote.


Something went wrong.

Please try again later.

License Selector

    The license selector is not currently available. Please try again later.