Flyer
Application Delivery Management

ArcSight Connector Supported Products

The Micro Focus ArcSight library of out-of-the-box connectors provides source-optimized collection for leading security commercial products. These products span the entire stack of event-generating source types, from network and security devices to databases and enterprise applications.

In addition to connectors developed and maintained by ArcSight, we test and certify the following connector types through our technology alliances program (TAP):
■ Common event format (CEF) certified—helps ensure event information is captured properly in the CEF
■ Action certified—allows for control of a vendor’s technology from within the ArcSight console
■ Forwarding connector—allows for events to be forwarded from ArcSight to partner solution
■ Please refer to the index section for listing by connector type

ArcSight Connector Supported Platform for Installation
■ CentOS Linux 6.8, 6.9, 7.5, 7.6, 7.7, 8.1 64-bit
■ Microsoft Windows Server 2008 SP1/SP2 32-bit and 64-bit
■ Microsoft Windows Server 2012 and 2012 R2 64-bit
■ Microsoft Windows Server 2016, 2019 Standard 64-bit
■ Oracle Solaris 10, 11 64-bit (SPARC)
■ Oracle Solaris 11 64-bit (x86_64)
■ Red Hat Enterprise Linux (RHEL) 6.8, 6.9, 7.5, 7.6, 7.7, 8.1 64-bit
■ SUSE Linux 11, 12, 15, 15.1 Enterprise Server 64-bit

Anti-Virus/Anti-Spam
■ Endgame
■ F-Secure Anti-Virus
■ Intel (McAfee) VirusScan Enterprise via (ePO)
■ Kaspersky Anti-Virus
■ Sophos
■ Symantec Endpoint Protection Manager (SEPM) Database
■ Symantec Mail Security for Microsoft Exchange
■ Trend Micro (TM) OfficeScan (Control Manager and TM Control Manager Database DB)

Application Security
■ Bit9 + Carbon Black Security Platform
■ CA Layer 7 SecureSpan/CloudSpan CloudControl Gateway
■ FairWarning
■ Intel (McAfee) Application Control (Solidcore) via (ePO)
■ Intralinks VIA
■ RSA Web Threat Detection Clinical/Healthcare applications

Applications
■ ERPScan Security Monitoring Suite for SAP
■ ESNC Security Suite-Enterprise Threat Monitoring
■ IBM WebSphere
■ iT-CUBE agileSI SAP
■ Microsoft SharePoint Server Database
■ Oracle WebLogic Server
■ SAP Enterprise Resource Planning (ERP)

Cloud
■ Adallom Cloud Access Security Broker
■ AWS CloudTrail
■ AWS CloudWatch VPC Flow Logs
■ AWS Elastic Compute Cloud (EC2)
■ AWS GuardDuty
■ AWS Identity and Access Management (IAM)
■ AWS S3 (Simple Cloud Storage Service)
■ Azure Event Hubs
■ Blue Coat (Elastica) CloudSOC
■ Box
■ CloudPassage Halo
■ Exabeam User Behavior Analytics
■ FlexConnector for REST (can support Box, SFDC, Google Apps, and more)
■ Illumio Policy Compute Engine (PCE)
■ Microsoft Office 365
■ Palerra LORIC
■ vArmour Distributed Security System (DSS)
■ Zscaler Nanolog Streaming Service (NSS)

Content Security
■ Barracuda Web Application Firewall (NetContinuum)
■ Gemalto (SafeNet) eSafe Gateway
■ Intel (McAfee) Email and Web Security Appliance
■ Intel (McAfee) Web Gateway (Webwasher)
■ Proofpoint Enterprise Protection and Enterprise Privacy
■ PureSight Content Filter
■ Trend Micro Control Manager
■ Trend Micro InterScan Messaging Security (Control Manager)
■ Trend Micro OfficeScan Client/Server (Control Manager)
■ Trend Micro ScanMail for Lotus Domino (Control Manager)

Data Leak Prevention
■ Digital Guardian
■ Fidelis Cybersecurity XPS
■ GTB Inspector
■ Intel (McAfee) Host Data Loss Prevention (HDLP) via (ePO)

Data Security
■ Absolute Data and Device Security (DDS)
■ Atalla IPC
■ Atalla Network Security Processor (NSP)
■ Cisco Firepower Management Center
■ Cisco ISE
■ JBoss Security Auditing File
■ Thales Data Firewall (Vormetric)
■ Zettaset BDEncrypt

Database
■ Microsoft SQL Server
■ Oracle Audit DB
■ Oracle Audit Syslog
■ Oracle Audit Vault
■ Oracle Audit XML File
■ Oracle Unified Audit Trail DB
■ Sybase Adaptive Server Enterprise

Database Activity Monitoring (DAM)/Database Security
■ IBM InfoSphere Guardium
■ Imperva SecureSphere
■ Intel (McAfee) Sentrigo Hedgehog (Enterprise and vPatch)
■ Trustwave Application Security DbProtect
■ Varonis DatAdvantage

Firewall
■ Check Point FireWall-1 GX
■ Cisco PIX/ASA Firewall
■ Dell SonicWALL Firewall Syslog
■ Juniper Firewall ScreenOS Syslog
■ Juniper IDP Series Syslog
■ Juniper JUNOS Syslog
■ Juniper Network and Security Manager Syslog
■ Trend Micro (TippingPoint) Next-Generation Firewall (NGFW)

IDM, IAM, and Identity Security
■ Balabit Shell Control Box
■ Bay Dynamics, Risk Fabric
■ BeyondTrust’s PowerBroker
■ CA SiteMinder Single Sign-On File
■ Cisco Secure Access Control Server (ACS)
■ CyberArk Privileged Account Security Management (PSM) Suite
■ CyberArk Privileged Threat Analytics (PTA)
■ Dell Change Auditor DB (Quest)
■ Hexadite AIRS
■ IBM Security Access Manager
■ Juniper Steel-Belted Radius (SBR)
■ Lieberman Software Enterprise Random Password Manager (ERPM)
■ Microsoft Active Directory
■ Microsoft Forefront
■ Microsoft Forefront Database
■ Microsoft Network Policy Server
■ Netwrix Auditor
■ Novell Nsure Audit
■ ObserveIT Enterprise
■ Oracle Sun ONE Directory Server
■ Proofpoint NetCitadel ThreatOptics
■ RSA Authentication Manager
■ RSA Aveksa
■ Securonix RTI—Risk and Threat Intelligence
■ SpectorSoft Spector 360 Export Service
■ Swimlane
■ Thycotic Secret Server
■ VMware PacketMotion PacketSentry

IDS/IPS
■ Bro IDS
■ Bro IDS NG File
■ BroadWeb NetKeeper
■ Cisco IBM AIX Management Center
■ Cisco Secure IPS SDEE
■ Extreme Networks Dragon Export Tool
■ Extreme Networks Dragon IDS
■ IBM Site Protector DB
■ Intel (McAfee) Host Intrusion Prevention Systems (HIPS) via (ePO)
■ LightCyber Magna
■ NitroSecurity Syslog
■ Radware DefensePro
■ Snort
■ Trend Micro (TippingPoint) Security Management System (SMS)

Integrated Security
■ Cisco ASA 5500
■ Dell SonicWALL
■ Fortinet FortiGate
■ Palo Alto Networks PAN-OS
■ Trend Micro (TippingPoint) Next-Generation Firewall (NGFW)

IT Operations
■ Operations Manager (OM)
■ Operations Manager i (OMi)

Log Consolidation and Analysis
■ Dell InTrust database
■ Qualys QualysGuard

Mail Filtering
■ Cisco Email Security Appliance (formerly IronPort)
■ Intel (McAfee) Email Gateway (Secure Computing IronMail)
■ Intel (McAfee) Security for Microsoft Exchange (MSME) via (ePO)
■ PhishMe Triage
■ Symantec Messaging Gateway

Mail Server
■ Microsoft Exchange
■ Microsoft Exchange PowerShell
■ Microsoft Forefront Protection 2010 for Exchange Server
■ Microsoft Forefront Protection Server Management Console Database
■ Sendmail

Mainframe
■ CA Top Secret
■ HelpSystems PowerTech Interact
■ IBM eServer iSeries Audit Journal File
■ IBM z/OS (RACF)
■ IBM z/OS System Display and Search Facility (SDSF)
■ IBM z/OS System Log
■ Type80 SMA_RT for RACF

Malware Detection
■ AhnLab Malware Defense System (MDS)
■ CounterTack Active Defense (formerly ManTech)
■ Damballa CSP
■ Damballa Failsafe
■ Fidelis Cybersecurity CIRT
■ FireEye Malware Protection System (MPS)
■ FireEye Mandiant Intelligent Response
■ Guidance EnCase
■ Lastline Enterprise Anti-Malware

Network Access Control
■ Aruba ClearPass
■ ForeScout CounterACT
■ Niara Security Intelligence
■ Portnox

Network Behavior Anomaly
■ Arbor Networks Peakflow
■ Cybersponse
■ NetScout nGenius
■ QoSient Argus
■ Seculert Automated Attack Detection Platform

Network Forensics
■ Narus nSystem
■ ReversingLabs N1000 appliance
■ RSA NetWitness
■ Vectra Networks X-Series

Network Management
■ Cisco Wireless LAN Controller Syslog
■ Intel (McAfee) Network Security Manager
■ Lumeta Enterprise Situational Intelligence (ESI)
■ Micro Focus Network Node Manager i (NNMi) SNMP

Network Monitoring
■ ISC BIND
■ ISC DHCP
■ Microsoft Azure NSG flow
■ Microsoft DHCP
■ Microsoft DNS
■ Microsoft Operations Manager Database
■ Microsoft System Center Configuration Manager (SCCM) Database
■ Microsoft System Center Operations Manager (SCOM) Database
■ Microsoft WINS
■ Radware Inflight
■ Reservoir Labs R-Scope

Network Traffic Analysis
■ Blue Coat (Solera) DeepSee
■ Cisco NetFlow/Flexible NetFlow
■ Corvil Network Data Analytics
■ FireEye nPulse HammerHead
■ Gigamon NetFlow
■ InMon sFlow
■ Intel (McAfee) Rogue System Detection via (ePO)
■ IP Flow Information Export
■ Qosmos DeepFlow Probes
■ Savvius Omni Distributed Analysis Platform
■ TCPdump

Network Traffic Management
■ Cisco Catalyst Switches

Operating Systems
■ HP-UX Operating System
■ HP-UX Syslog
■ HPE NonStop servers (XYGATE Merged Audit)
■ HPE OpenVMS
■ IBM AIX Operating System
■ Linux SUSE
■ Microsoft Windows Servers 2003/2008/2008 R2/2012/2012 R2
■ Microsoft Windows Vista 7, 8, and 10
■ Oracle Solaris
■ Red Hat Linux
■ SaberNet NTSyslog
■ Snare for Microsoft Windows
■ UNIX

Packet Capture
■ Ixia Net Tool Optimizer

Policy Management
■ Intel (McAfee) Policy Auditor via (ePO)
■ NetIQ Security Manager

Router
■ Cisco Routers
■ HPE H3C Comware Platform
■ Juniper Routers (Junos)

Switch
■ Cisco NX-OS
■ Brocade BigIron (Foundry Networks)
■ HPE Networking syslog

Threat Management
■ VarySys PacketAlarm

Threat Intelligence
■ Anomali’s ThreatStream optic
■ Comilion Instance
■ FireEye (iSIGHT) ThreatScape API
■ LookingGlass ScoutVision
■ Recorded Future: Real-Time Threat Intelligence
■ ThreatConnect Threat Intelligence Platform

■ FFRI FFR yarai
■ Intel (McAfee) Vulnerability Manager (FoundScan)
■ Nmap
■ Open Vulnerability and Assessment Language (OVAL) standard
■ Rapid7 Nexpose
■ SOC Prime Integration Framework
■ Squid Web Proxy Cache
■ SAINT Vulnerability Scanner
■ Tenable Nessus
■ Webroot BrightCloud

Web Cache
■ Blue Coat ProxySG series
■ Microsoft Internet Security and Acceleration

www.microfocus.com