November 2013 ArcSight SmartConnector Supported Products

The HP ArcSight library of out-of-the-box SmartConnectors provides source-optimized collection for 350+ commercial products. These products span the entire stack of event-generating source types, from network and security devices to databases and enterprise applications. SmartConnectors are the default listing in this document.

In addition to SmartConnectors developed and maintained by HP ArcSight, we test and certify the following connector types through our Technology Alliances Program:
- CEF Certified: Ensures event information is captured properly in the Common Event Format (CEF)
- Action Certified: Allows for control of a vendor's technology from within the ArcSight console

HP ArcSight SmartConnector supported Cloud  Vormetric Data Security Manager  FlexConnector for REST  JBoss Security Auditing File 7.1 platform for installation

 Microsoft Windows XP Professional Firewall (SP3) 32-bit Content Security  Check Point FW-1  Microsoft Windows Server 2003 R2 (SP2)  Aladdin eSafe Gateway  Cisco PIX Firewall 32/64-bit  Barracuda (NetContinuum Web Firewall)  Cisco PIX/ASA Syslog, version 8.5, 8.6  Microsoft Windows Server 2008 SP2  McAfee Email and WebSecurity  CyberGuard Firewall 32/64-bit Appliance (CEF)  F5 BIG-IP Application Security Manager –  Microsoft Windows Server 2008 R2 SP1  McAfee Web Gateway (CEF) 64-bit  Proofpoint Enterprise Protection and  Juniper Networks (Altor Networks  Microsoft Windows Server 2012 Enterprise Privacy Virtual Firewall) - (CEF) Standard 64-bit  Puresight Content Filter  Juniper Network Security Manager  Red Hat Enterprise Linux (RHEL) 6.4 64-  Secure Computing Webwasher (NetScreen) bit  TrendMicro Control Manager  Juniper Network Security Manager  SUSE Linux 11 Enterprise Server 64-bit  TrendMicro InterScan Messaging Syslog, version 2011.4  Oracle Solaris 10, 64-bit Security (Control Manager)  Juniper Networks Firewall and VPN  IBM AIX Version 7.1, 64-bit TrendMicro InterScan Web Security   Lucent Managed Firewall (Control Manager)  McAfee Desktop Firewall Anti-Virus/Anti-Spam DAM/DB Security  Secure Computing Gauntlet Firewall/VPN  F-Secure Anti-Virus  Application Security DBProtect – (CEF)  Stonesoft Stonegate  Kaspersky Anti-Virus  IBM Guardium – (CEF)  Symantec Enterprise Firewall  McAfee VirusScan Enterprise  Imperva SecureSphere – (CEF)  Symantec Gateway Security  Sophos  Oracle (Secerno DataWall)– (CEF)  Sentrigo HedgeHog (Enterprise, vPatch)  Sybari Antigen for Microsoft Exchange HoneyD  Symantec Endpoint Protection Manager – (CEF)

(SEPM) database SEP 12  Symantec Mail Security for MS Exchange Database IDS/IPS – Host Based  IBM DB2  TrendMicro OfficeScan (Control  Cisco Security Agent (Okena)  IBM DB2 UDB Audit File, version 10 Manager, TM Control Manager DB)  ISS Black Ice Server Protection  TrendMicro VirusWall (Control Manager)  IBM DB2 UDB Audit File, Multiple (SiteProtector) Instance  McAfee Host IPS (Entercept)  Microsoft SQL Applications  NFR Security HID  Oracle  IBM WebSphere  SANA Primary Response  Oracle Audit Vault  Oracle Weblogic Server (BEA)  Symantec Critical System Protection  SAP ERP  Oracle Audit Syslog, version 11gR2 database  Microsoft SharePoint Server DB  Oracle Audit XML11gR2  Symantec ITA (Intruder Alert)  Sybase Adaptive Server Enterprise  Tripwire Manager & Tripwire Enterprise –

Application Security (CEF) Data Leak Prevention  Arxan GuardIT – (CEF)  Fidelis XPS – (CEF)  Bit9 Parity – (CEF) IDS/IPS – Network Based  McAfee Host Data Loss Prevention  Layer7 SecureSpan/CloudSpan Gateway  Broadweb Netkeeper Endpoints (HDLP) – (CEF)  Bro IDS  Symantec DLP (Vontu)  McAfee Application Control (SolidCore)  Bro IDS NG File  Silver Tail Systems Forensics – (CEF)  Cisco IPS Sensor Data Security  Cisco Secure IDS  Cyber-Ark Inter-Business Vault – (CEF)  Cisco WIPS SNMP Clinical / Healthcare Applications  Cyber-Ark Sensitive Document Vault –  CounterSnipe (CEF)  FairWarning – (CEF)  Enterasys Dragon  Ingrian

© Copyright 2013 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice. The only warranties for HP products and services are set forth in the express warranty statements accompanying such products and services. Nothing herein should be construed as constituting an additional warranty. HP shall not be liable for technical or editorial errors or omissions contained herein.

 HP TippingPoint  Palo Alto Networks PAN-OS - (CEF)  Intrusion SecureNet Pro  Secure Computing Sidewinder Network Access Control  ISS RealSecure Server Sensor  SonicWALL  ForeScout CounterACT– (CEF, Action)  ISS RealSecure WorkGroup Manager  Stonesoft StoneGate – (CEF)  Mirage Networks Counterpoint  ISS Proventia IPS Appliance (SiteProtector) IT Operations Network Behavior Anomaly  Juniper Networks IDP (NetScreen)  HP Operations Manager (OM, OMi)  Arbor Networks Peakflow  McAfee Network Security Manager  HP Openview Operations (OVO)  Lancope StealthWatch – (CEF) (IntruShield)  Mazu Profiler  NFR Central Management Server Log Consolidation & Analysis  NFR Security NID  Cisco MARS Network Discovery  NitroSecurity IPS  Enterprise IT Security SF-RiskSaver –  Lumet IPsonar  PacketAlarm IDS (CEF)  Radware DefensePro  Quest InTrust (fka Aelita Event Manager Network Forensics  Snort (AEM)  Narus Insight CyberProtection – (CEF)  Sourcefire Intrusion Sensor  Qualys QualysGuard File, version 7.1  Niksun NetDetector – (CEF)

 Sourcefire Defense Center Management  RSA NetWitness – (CEF) Console Mail Filtering Network Management  Sourcefire Defense Center eStreamer,  Cisco Ironport Email Security Appliance  Cisco Works version 5.0.2, 5.1  McAfee Email Gateway (Secure Cisco Wireless LAN Controller Syslog  Sourcefire RNA Sensor (Real-time Computing IronMail)   F5 BigIP – (CEF) Network Awareness)  McAfee Security for Email Servers  Symantec ManHunt (GroupShield)  HP Network Node Manager i (NNMi)

 Symantec Network Security 7100  MessageGate  Toplayer Attack Mitigator  Symantec Messaging Gateway (Mail Network Monitoring Security 8200 Series)  ISC DHCP IDM, IAM & Identity Security  ISC BIND  ActivCard AAA Server DB Mainframe  Microsoft Operations Manager DB (MOM)  Aveksa Business Insight 1.0 (Action)  CA Top Secret  Microsoft System Center Operations  CA eTrust SiteMinder (Netegrity)  Enterprise IT Security SF-Sherlock – Manager DB (SCOM)  Cisco Secure Access Control Server (ACS) (CEF)  Microsoft System Center Configuration  Cyber-Ark PIM Suite – (CEF)  Enterprise IT Security SF-NoEvasion – Manager DB  FOXt ServerControl (CEF) (CEF)  Microsoft DHCP  IBM Tivoli Access Manager  IBM OS/390 (NVAS)  Microsoft DNS  Juniper SBR (Steel Belted Radius)  IBM OS/390 (SDSF)  Microsoft WINS  Lieberman Software ERPM – (CEF) Type80 SMA_RT for RACF  Nagios

 Microsoft Active Directory  Type80 SMA_RT for CA Top Secret  Microsoft Forefront Network Traffic Analysis  Microsoft Forefront DB Mail Server  Cisco NetFlow / Flexible Netflow  Microsoft Network Policy Server  IBM Lotus Notes Domino Enterprise  NetScout nGenius – (CEF) (Windows IAS/RADIUS) Server  nPulse HammerHead – (Action)  Novell Nsure Audit  Microsoft Exchange  QoSient Argus  Oracle NetPoint (Oblix)  Microsoft Exchange PowerShell  InMon sFlow  Oracle SunONE Directory Server  Microsoft Forefront for Exchange Server  Solera Networks – (Action)  PacketMotion PacketSentry – (CEF) Sendmail  TCP Dump  Ping Identity PingFederate – (CEF)  Microsoft Forefront Protection Server  Quest ChangeAuditor DB Management Console DB Network Traffic Management

 RSA Authentication Manager (ACE Malware Detection  Cisco Distributed Director 4500 Server)  Bro IDS Damballa CSP – (CEF)  RSA Access Manager (ClearTrust)   Damballa Failsafe – (CEF)  Secure Computing SafeWord Operating Systems  FireEye MPS – (CEF) PremierAccess  IBM AIX Operating System  Guidance – (Action)  Thycotic Secret Server – (CEF)  HP OpenVMS  HBGary Active Defense – (CEF)  HP-UX Operating System Integrated Security  Mandiant Intelligent Response – (CEF, Action)  HP-UX Syslog, version 11i v3  Barracuda Networks Spam Firewall  Triumfant Resolution Manager – (CEF)  Microsoft Windows  Cisco ASA 5500 7/NT/2000/2003/XP/2008 Server/Vista  Fortinet FortiGate IBM AS/400  Microsoft Windows Event Log – Unified,  iPolicy Intrusion Prevention Firewall SQL Server 2012 for SQL Server Audit

For additional information on HP ArcSight SmartConnector, visit the user community website on Protect724 (need Protect724 login): https://protect724.arcsight.com/docs/DOC-2691


 Redhat Linux  Nortel Contivity Extranet Switch  Snare for Microsoft Windows  Solaris BSM Vulnerability Assessment  UNIX  eEye REM Security Management Console  Sabernet NT Syslog  eEye Retina Network Security Scanner  HP NonStop Servers (XYPRO Merged  Harris STAT Scanner Audit) – (CEF)  ISS Internet Scanner  McAfee Vulnerability Manager Physical Systems/ Security (Foundscan)  RedCloud (Plasec) – (CEF)  nCircle IP360 Device Profiler  nCircle IP360 Threat Monitor Policy Management  Nmap  McAfee Policy Auditor  OVAL  NetIQ Security Manager  Qualys Guard  Securify SecurVantage  Rapid 7 NeXpose  Solsoft Policy Server  Symantec NetRecon  Tenable Nessus Router  Visionael Security Audit  Cisco Router  Saint Vulnerability Scanner  Juniper Router (JUNOS)  HP H3C Comware Platform Web Cache  BlueCoat Proxy SG Series Security Management  Microsoft ISA  Network Appliance NetCache  Enterasys Dragon Server Squid IBM SiteProtector    Intrusion Securenet Provider Web Filtering  ISS Site Protector  Cisco Ironport Web Security Appliance  McAfee ePO  Websense Web Security Suite  McAfee Network Security Manager DB  McAfee Rogue System Detection (via ePO) Web Server  Microsoft Audit Collection System  Apache  Symantec ESM  Microsoft IIS  Symantec SESA  Sun ONE Storage  NetApp Filer (FAS) Wireless  EMC Celerra  AirDefense Guard  AirMagnet Enterprise Switch  AirPatrol Wireless Locator System (WLS)  Cisco Catalyst – (CEF)  Cisco CSS 11500 Series Content Services  Aruba Mobility Controller Switches  Cisco AIRONET 1200  Cisco NX-OS  Cisco Mobility Services Engine  Foundry Networks Big Iron  Newbury Networks Wi-fi Watchdog

 HP Ethernet Switch  HP ProCurve Syslog

Virtualization
- CounterTack Event Horizon - (CEF)
- VMWare ESX/ESXi Server
- VMWare Virtual Center

VPN
- Alcatel Secure VPN Gateway
- Check Point VPN-1
- Cisco VPN Concentrator
- Citrix Access Gateway
- Juniper/NetScreen (Neoteris) SSL VPN
