ArcSightProtect Your universe with

The ArcSight SIEM Platform:

Prevent Data theft

enforce compliance

Defeat cybercrime

1

Problem more threats, more risk, more Pain

solution complete visibility to Address Problems early

Keeping your organization safe and secure can be a daunting task. Bots, worms, and hackers threaten it from the outside. Data breaches, theft, and fraud threaten it from the inside. A bad economy only magnifies the problems. At the same time, increasing regulations and fines highlight the risk of failure in preventing these threats.

It’s never been more challenging to protect your business. As a result, the value of automated security and compliance monitoring has never been higher.

The ArcSight SIEM Platform helps safeguard your business by giving you complete visibility into activity across the IT infrastructure: external threats such as malware and hackers; internal threats such as data breaches and fraud; and compliance pressures from failed audits.

ArcSight provides the industry’s leading Security Information and Event Management (SIEM) platform comprised of an integrated product suite for collecting, processing and assessing security and risk event information, to enable rapid identification, prioritization, and response to policy breaches, cyber-security attacks and insider threats. For six consecutive years, Gartner has positioned ArcSight in the Leaders Quadrant for Security Information and Event Management and IDC has once again named ArcSight as the market share leader in the SIEM market.

before Arcsight, it was

difficult to know in real-

time what was happening

from an it security and

compliance perspective.

now we have dashboards

that are viewed by very

skilled security analysts.

Arcsight has quickly

become a key strategic

element in the safe and

secure operation of our

bank.

Ali Alotaibi , it security -

manager,

saudi hollandi bank

lower the cost of compliance

Protect critical assets and information

manage billions of log events

monitor key users for unusual activity

2

here’s what Arcsight siem can do for you:

Protect criticAl Assets AnD informAtionReal-time monitoring of key assets such as file servers, control systems, and databases help detect signs of trouble when it is still possible to prevent disaster. The ArcSight SIEM Platform correlates the many pieces of information and evaluates risks across your enterprise to act as an early warning system for your business.

lower the cost of comPliAnce Regulations continue to increase and compliance remains a top business initiative. To avoid the penalties of failed audits, organizations must show that their controls are effective and that their business systems are robust enough to fend off attack and protect confidential information. ArcSight pre-built regulatory compliance packages to provide “out of the box” mapping to specific requirements. The result is automated compliance reporting and continuous compliance control oversight, resulting in lower effort and operational costs with more protection.

monitor keY users for unusuAl ActivitY Is someone in the finance department leaking earnings information? Is a call center representative stealing customer credit card data? Is a terminated employee gaining access to his old accounts? Only ArcSight can provide a 360-degree view of your systems and users, and tell you who is doing what, where, when and how. ArcSight links user, group, and role information with actual network and application activity to provide verified connections between actual people (not just an IP address) and potentially high-risk activities.

mAnAge billions of log events The pressure is on to collect and store audit-relevant log data from numerous sources. Without effective log management, it becomes nearly impossible to sift through terabytes of information and isolate the events needed to support an audit or an investigation. ArcSight can help your enterprise store, manage, and report against massive volumes of log data and enables forensics analysis of security incidents, as well as automated compliance reporting.

NetworkDevices Security

Devices

PhysicalAccess Mobile

ServersDesktop

IdentitySources Email

DatabasesApps

3

the Arcsight siem Platform

Arcsight logger

Arcsight compliance insight Packs

Arcsight esm

Arcsight identityview

thanks to Arcsight, it became

very easy to look at a series

of security events—regardless

of which device they came

from—and see the real scope

of the problem and respond

appropriately.

tim maletic, information services -

security officer,

Priority health

The ArcSight SIEM Platform is an integrated product suite for collecting, processing, and assessing security and risk event information.

Arcsight connectors

4

Enterprisewide Protection •World-Class Correlation and Analysis •Automated or Manned Security Operations•Sensitive Data Protection•Critical Transaction •Monitoring

Fastest Collection and Search Available•Small-to-Enterprise Scalability•Business Intelligence for Logs•Automated Compliance•Low-Cost Storage •

ArcSight ESM

ArcSight Logger

Arcsight esm with its state-of-

the-art technology and ease of

scalability is the key element

for our t-mobile operations

security cockpit as it answers

the challenge of identifying

quickly the relevant security

threats.

r.kopp vP, t-mobile operations -

risk management,

t-mobile

Arcsight has been with us every

step of the way—they listened

to our needs and are invested

in our success. they proved to

us they aren’t just a technology

vendor, they are a partner.

kent Podvin, Director of it, -

capital blue cross

5

Privileged User Monitoring•Shared Account Attribution•User Behavior Profiling•360˚ User Activity Analysis•Role Violation Detection•

275+ Third-Party Product Connectors•Simple Toolkit for Virtually All Other Products•Future Proofed Through Event Normalization •

ArcSight IdentityView

ArcSight Connectors

6

Continuous Control Monitoring•Audit-Ready Compliance Reports •Pre-built for Specific Regulations•Best Practice IT Governance •Frameworks

Security Expert “In a Box”•Automated Security Operations •Pre-built, Comprehensive Protection and Compliance•World-Class Correlation •and Log Management

Turnkey Simplicity •

ArcSight Compliance Insight Packs

ArcSight Express NEw!

typically, skilled people are

required that understand the

log files on each of the different

systems in your environment.

but Arcsight express eliminates

that need by doing all the

aggregation and correlation

across all our systems. now

one employee can do the work

of four or five people. Arcsight

express is a very cost effective

solution.

candy Alexander, chief security -

information officer, long term

care Partners

About Arcsight

ArcSight (NASDAQ: ARST) is a leading global provider of

compliance and security management solutions that protect

enterprises and government agencies. ArcSight helps customers

comply with corporate and regulatory policy, safeguard their assets

and processes, and control risk. The ArcSight SIEM Platform

collects and correlates user activity and event data across the

enterprise so that businesses can rapidly identify, prioritize, and

respond to compliance violations, policy breaches, cyber-security

attacks, and insider threats.

ArcSight, Inc.5 Results Way, Cupertino, CA 95014, USA | www.arcsight.com | info@arcsight.comCorporate Headquarters: 1-888-415-ARST | EMEA Headquarters: +44 870 351 6510 | Asia Pac Headquarters: 852 2166 8302

© 2009 ArcSight, Inc. All rights reserved. ArcSight and the ArcSight logo are trademarks of ArcSight, Inc. All other product and company names may be trademarks or registered trademarks of their respective owners.ARST-EVB001-060809-04

ArcSight

SIEM