Iyini i-HP ArcSight ESM. Ukusetshenziswa, Izici, Imibono, Amanani

I-HP ArcSight ESM isofthiwe yolwazi lwezokuphepha kanye nokuphathwa kwemicimbi (SIEM) yamabhizinisi nezingcweti. Lapha uzothola imibono yekhasimende, isethulo kanye nentengo yale phakheji yesofthiwe okukhulunywe ngayo ezigabeni I-Computer Security Software kanye ne-Computer Security Software.

Isoftware ye-HP ArcSight ESM inconyelwe ngokukhethekile ubungcweti bokuphatha nokuphatha. Le phakheji yesofthiwe ivamise ukusetshenziswa ama-ETI, ama-akhawunti amakhulu nama-SME, kanye nezinkampani eziseMisebenzini noma emikhakheni yemisebenzi Yezinga eliphezulu.

Intengo ye-HP ArcSight ESM iyatholakala uma icelwa (le softhiwe inesivivinyo samahhala). Sikumema ukuthi uhlole zonke izibuyekezo ze-HP ArcSight ESM kanye nezinzuzo kanye nokubi.

Iyini i-HP ArcSight ESM

I-HPE ArcSight Enterprise Security Manager (ESM) inikeza indlela enkulu yokuhlaziya idatha ekuvikelekeni kwebhizinisi futhi iguqule idatha enkulu ibe ubuhlakani obusebenzayo. I-ESM yakhelwe ukusebenza nabahlaziyi bezokuphepha, opharetha nabaphathi njengoba belwela ukuvikela ibhizinisi lakho.

Ungafunda futhi ngalokhu: 42 Izinketho ze-inthanethi Ezithuthukile. Imisebenzi, Cupha futhi Vala ukusebenza

Yini i-HP ArcSight ESM engasetshenziselwa yona

I-interface yale softhiwe ihloselwe ukuba ibe yi-ergonomic, iphendule futhi yenziwe ngendlela oyifisayo ukuze kuthuthukiswe ukukhiqiza kweqembu futhi kuqinise ukubambisana ngaphakathi kwenkampani yakho (i-TPE, i-SME, njll.). Le softhiwe eku-inthanethi ilula ukuyifaka (izilungiselelo, ukumisa, ukwenza ngendlela oyifisayo, njll.) futhi akufanele idinge ukusetshenziswa kwesihlanganisi. Le softhiwe itholakala ngezilimi ezimbalwa: IsiNgisi...

Kungani usebenzise isofthiwe yolwazi lwezokuphepha kanye nokuphathwa komcimbi (SIEM)?

Isoftware yokuphathwa komcimbi wokuphepha (SIEM) iqapha imicimbi ukuze ihlonze izinsongo ezingaba khona futhi ixazulule izigameko zokuphepha.

Isoftware yebhizinisi eyinhloko yilezi:

1. I-Splunk (isabelo semakethe: cishe 18,60%)
2. I-Q1 Labs QRadar (4,00%)
3. I-LogRhythm (2,20%)
4. I-Splunk Enterprise Security (1,60%)
5. Umbono we-EMC RSA (1,10%)
6. Izixhumi ze-HP ArcSight (1,00%)
7. I-HP ArcSight ESM (0,90%)
8. I-HP ArcSight Logger (0,60%)
9. Umphathi Wokuphepha we-McAfee Enterprise (0,50%)
10. I-McAfee NitroSecurity (0,50%)
11. I-Exabeam Security Management Platform (0,20%)
12. Umphathi Wolwazi Lokuphepha we-Symantec (0,20%)
13. I-AlienVault OSSIM (0,10%)
14. I-FortiSIEM (0,10%)
15. I-Solarwinds SIEM (0,10%)
16. I-ArcSight Express (0,10%)
17. I-eIQnetworks (0,10%)
18. I-IBM Tivoli NetCool Impact (0,10%)
19. I-TriGeo SIM (0.10%)…

Sesihlonze cishe ama-software angama-38 kulesi sigaba.

Izici ezibalulekile:

1. Idatha yomshini
2. Ukufunda komshini
3. Ukuphathwa kwamarekhodi
4. Ukuphathwa kwesicelo
5. I-SIeM
6. Ukuthobela Ukuvikeleka
7. Phatha
8. Buka ngeso lengqondo
9. Hlaziya
10. Ukusebenza
11. Ukusebenza kwe-IT IoT
12. Ukuhlaziywa kwebhizinisi
13. Ukuhlaziywa kwethrafikhi
14. Ukuqapha kwenethiwekhi
15. Ukuhlaziywa kwethrafikhi
16. Ukuqapha kwenethiwekhi

Ukwethulwa kwenkampani i-Hp Arcsight Esm, umshicileli wesoftware ye-HP ArcSight ESM

I-Hp Arcsight Esm ingumshicileli wesofthiwe waseMelika. I-Hp Arcsight Esm inabasebenzi abangu-1-10 futhi, ngokwazi kwethu, ayikaze inyuse imali. Ungathintana nalo mshicileli nge-imeyili, ngewebhusayithi yabo ethi hpe.com, noma ngocingo.

Izici ze-HP ArcSight ESM

Nalu uhlu lwemisebenzi esemqoka nezici zale software:

1. Usizo lwe-inthanethi (inkundla, okokufundisa…)
2. Usekelo lobuchwepheshe (ifoni, i-imeyili, ingxoxo...)

Ukuhlanganiswa nama-API

I-HP ArcSight ESM inikeza ama-API ukuze ahlanganiswe nezinye izinhlelo zokusebenza ze-IT. Lokhu kuhlanganiswa kuvumela, isibonelo, ukuxhuma kusizindalwazi, ukushintshanisa idatha noma ngisho nokuvumelanisa amafayela phakathi kwezinhlelo ezimbalwa zekhompiyutha ngokusebenzisa isandiso, i-plug-in noma i-API (i-database interface). uhlelo (uhlelo lokusebenza/uhlelo lokusebenza).

Ngokolwazi lwethu, isofthiwe ye-HP ArcSight ESM ingaxhuma kuma-API nama-plugin.

Ukuhambisana nokumisa

I-HP ArcSight ESM iyahambisana nezinhlelo eziningi zolwazi lwebhizinisi, kanye nokunye okuningi izinhlelo ezisebenzayo (Ngakho ke Windows, Mac OS kanye Linux ngoba ifinyeleleka ku-a isiphequluli sewebhu (Chrome, Firefox, njll.).

Le phakheji yesofthiwe ingafinyelelwa ukude (ihhovisi, ikhaya, usohambeni, njll.) kwabaningi Amadivayisi eselula njenge-a iPhone (inkundla iOS) noma ithebhulethi noma i-smartphone Android, futhi mhlawumbe unohlelo lokusebenza lweselula olutholakala ku-Google Play Isitolo/Isitolo Sohlelo Lokusebenza.

Ukuyisebenzisa, kubalulekile ukuba noxhumano lwe-inthanethi olulungile kanye nesiphequluli esibuyekeziwe.

Ezinye izici

1. I-HP ArcSight ESM ivumelana nezidingo zebhizinisi: Isofthiwe ye-ETI, isofthiwe ye-akhawunti engukhiye, isofthiwe ye-SME, isofthiwe ye-VSE, njll.
2. Lolu hlelo lokusebenza lunconyelwe amabhizinisi: Ukuphatha - Isoftware yokuphatha, njll.
3. Le phakheji yesofthiwe yefu isetshenziswa emikhakheni: isofthiwe ye-generalist

Ukuphepha kanye nokwenza kwasendaweni kwedatha

Asisenalo ulwazi mayelana nokuvikeleka kwalolu hlelo lokusebenza lwamafu, nokho, lubuyekezwa njalo ukuze ilethe izici ezintsha namapeshi okuphepha.

Iningi labahlinzeki be-software abakhulu banikeza ukubethela kwe-SSL, ukubethela kwedatha, ukusekela ngokulondoloza idatha okuzenzakalelayo, kanye nokuqinisekiswa kwezinto ezimbili. Ungahlola i-changelog ukuze wazi inguqulo yakamuva yesofthiwe, ukulungiswa kweziphazamisi, ukuthuthukiswa kokuthuthukiswa…

Idatha yale phakheji yesofthiwe yebhizinisi isingathwe kuseva yekhompyutha (egcinwe esikhungweni sedatha) e-United States futhi asinalo ulwazi mayelana nokuthobela kwayo i-GDPR.

Usizo lobuchwepheshe

Umshicileli osungule lolu hlelo lwekhompyutha (i-Hp Arcsight Esm) unikeza ukwesekwa kobuchwepheshe kanye nemibhalo yezohwebo kuwebhusayithi. oficial. Ungathola lapho umhlahlandlela ophelele wezobuchwepheshe, imibuzo evame ukubuzwa njalo, kanye nenkundla noma isevisi yokusekela amathikithi. Abanye abashicileli baphinde banikeze ukuqeqeshwa esizeni noma ukwesekwa ngocingo, isibonelo, ukuthumela isofthiwe eziteshini zamakhompyutha eziningi.

Qhathanisa izinhlelo

Ulwazi, izincazelo, izici nezintengo zalolu hlelo lokusebenza zinikezwe ulwazi kuphela futhi zingashintsha ngezibuyekezo ezivela kubashicileli. Izici zamaphakheji esofthiwe yokuphatha nezixazululo zesofthiwe zithathwe kubashicileli/abahlanganisi/amawebhusayithi e-SSII.

• Ithimba labahleli likukhethela isofthiwe engcono kakhulu- Umbono wethu nge-Hp Arcsight Esm uzimele futhi uhlose ukugqamisa amandla nobuthakathaka balolu lwazi lwezokuphepha kanye nesofthiwe yokuphatha imicimbi (SIEM).

Izinzuzo nokungalungi

Nalu uhlu lwezinzuzo eziyinhloko zale phakheji yesofthiwe:

1. Ukuphathwa kwezohwebo
2. Ukuphatha okukhiqizayo

Izinhlelo ze-HP ArcSight ESM namanani entengo

Intengo ye-HP ArcSight ESM iyatholakala uma icelwa, kodwa le ntengo ingase ishintshe ngoba umshicileli wale softhiwe unikeza izinketho ezihlukene ukuhlangabezana nezidingo zabasebenzisi bayo: inombolo yamalayisensi, imisebenzi eyengeziwe, izengezo...

Nazi izintengo ezihlukile ze-HP ArcSight ESM (izintengo/amaphakheji):

1. Isivivinyo samahhala: €0 (inqunyelwe ngesikhathi/izici)
2. Estándar: Inani lokubonisana
3. ngoba: -
4. Enterprise: -
5. Premium: -

Abahleli bekhompiyutha abaningi banikeza inguqulo yesilingo samahhala enazo zonke izici ezivuliwe, kodwa ezizobe zikhawulelwe el tiempo (ngokwesilinganiso izinsuku eziyi-15 kuye kwezingu-30), noma inguqulo yamahhala ekhawulelwe (ezinye izici azisebenzi) ukukukhuthaza ukuthi uyithenge.

Umshicileli wesofthiwe ochwepheshe ngokuvamile unikeza amakhodi okukhangisa kanye nokwehliswa kwentengo kuye ngenani lamalayisensi athengiwe. Okubhaliselwe konyaka nakho konga imali uma kuqhathaniswa nokubhaliselwe kwanyanga zonke ngoba ngokuvamile ishibhe ngo-10% kuya ku-30%.

Ungayilanda kanjani

Udinga ukuchofoza isixhumanisi ukuze uvakashele iwebhusayithi yomshicileli, ezokunikeza ukuthi uyizame mahhala, uyifake enguqulweni yedemo, noma ubambe iqhaza ku-webinar. Uma kuyisixazululo se-inthanethi, ngeke kudingeke ukuthi ulande futhi ufake noma yini kukhompyutha yakho.

Ungangena kanjani?

Isoftware ingafinyelelwa efwini online. Ukuxhuma ku-HP ArcSight ESM (login) kwenziwa kusuka kuwebhusayithi https://www.hpe.com, lapho ungafaka khona igama lakho lomsebenzisi nephasiwedi.

Imibono yabasebenzisi

Lona umbono wethu nge-HP ArcSight ESM: isofthiwe yolwazi lwezokuphepha kanye nokuphathwa komcimbi (SIEM) ukuthola.

Ithuluzi elisheshayo, elizinzile futhi elinokwehla elinamandla okubika kanye nokuhlaziya amalogi

Isetshenziswa njengesehlo sezokuphepha kanye nethuluzi lokuphatha imicimbi futhi bekungelinye lamathuluzi angcono kakhulu nadingeka kakhulu ngesikhathi silifaka, lihlinzeka ngezici ezimbalwa ezikuvumela ukuthi uqinisekise ngokushesha futhi usingathe imicimbi yezokuphepha nezigameko kuwo wonke amadivayisi wokugcina.

I-ArcSight iyithuluzi le-SIEM elisheshayo, eliguquguqukayo, elicebile, futhi okulula ukulenza ngokwezifiso

I-ArcSight ESM iyisinkwa nebhotela leqembu lethu lokuvikela ingqalasizinda. Bakhuthele kakhulu ekuphatheni izehlakalo zokuphepha ze-IT ngayo. Ngingathi kufana nokulawula izinga le-Big Brother yayo yonke ingqalasizinda ye-IT.

Akukho okungaba nomona kwabanye abahlinzeki be-SIEM

Sekuyiminyaka emi-4 sisebenzisa imikhiqizo ye-ArcSight. Umkhiqizo wakhethwa eminyakeni emi-5 noma engu-6 edlule ngenkathi umnikazi wayesese-HPE futhi engomunye wabaholi bemakethe ye-SIEM, akunjalo njengoba wonke umuntu eya ku-QRadar/SPlunk.

I-ArcSight ESM, isixazululo esiphelele nesiguquguqukayo sazo zonke izidingo zakho ze-forensic

Ithuluzi liza nezici eziningi ezakhelwe ngaphakathi nezifanekiso zokuqoqa nokuhlobanisa imicimbi nokukhiqiza izexwayiso nemibiko. Ngaphezu kwalokho, kungenzeka ukuthenga izifanekiso ezithile ukuze kuthuthukiswe amakhono okuhlaziya izindawo ezikhethiwe, imikhiqizo noma izindinganiso, ukwakheka kuvumelana endaweni kanye nabanzi…

I-ESM iyinjini yokuxhumana enamandla kakhulu futhi evumelana nezimo.

Sekukonke, sanelisekile ngalesi sixazululo sezokuphepha. Injini yayo yokuhlanganisa iyona enamandla kunazo zonke esizihlolile njengamanje.

Intuthuko yakamuva ye-ArcSight kanye nokutholwayo ibavumela ukuthi baphinde babe umholi wemakethe!

Sesineminyaka engu-8 sisebenzisa i-ArcSight futhi injini yokuxhumana ethuthukisiwe ye-ArcSight ihlinzeka ngamakhono okuqapha ezokuphepha ngesikhathi sangempela. Kodwa-ke, bathole i-Interset ye-UEBA ngokusekelwe ekufundeni komshini okungagadiwe - i-Interset ne-Atar Labs SOAR, okuyi...

Ukubuyekezwa Kwemenenja Yezokuphepha ye-ArcSight

I-ArcSight Enterprise Security Manager ingasetshenzelwa i-SOC ne-NOC, ethembeke kakhulu. Ukwengeza, ingabuye ihlanganiswe ne-SOAR, ubuhlakani be-cyber threat, nokunye ukunikeza ukuvikela okuphelele. Ingakwazi futhi ukumelana nevolumu ephezulu ye-EPS futhi ingabangeli ...

I-ArcSight Open Architecture (THUB) nokufunda komshini okungagadiwe kwenza umehluko.

Izithuthukisi zakamuva ze-ArcSight bezigxile kakhulu kumakhasimende, izakhiwo ezivulekile ezine-Transformation HUB, ukulayisensa okwenziwe lula, ukumataniswa kwelogi namachibi angama-50, isitoreji, injini yokuxhumana ethuthukisiwe kanye ne-UEBA esekelwe ekufundeni komshini okungagadiwe kuyizici eziwusizo kakhulu.

Ezinye izindlela ze-HP ArcSight ESM

Ingabe ufuna enye i-HP ArcSight ESM noma isofthiwe yomthombo ovulekile efanayo? Sikumema ukuthi usebenzise isiqhathanisi sesofthiwe ukuze uqhathanise i-HP ArcSight ESM nezimbangi zayo ku: intengo, izici namasevisi, i-ergonomics nokuklama, ukwesekwa kobuchwepheshe, njll.

Ezinye izindlela eziyinhloko yilezi:

1. UMcAfee Enterprise Security Manager
2. Ibhuloho le-Operations
3. I-Micro Focus Operations Manager
4. I-LogRhythm
5. I-IBM Tivoli Business Service Manager

Ezinye izinhlelo ezifanayo yilezi:

1. IBM Tivoli NetCool OMNIbus
2. I-IDERA SQL BI Manager
3. I-LogPoint
4. I-IBM Tivoli NetCool Impact
5. I-Splunk Enterprise Security
6. I-AlienVault OSSIM

Ukubuyekezwa kwekhasimende le-HP ArcSight ESM kanye nomsebenzisi

Ukubuyekezwa okuku-inthanethi kwesoftware ye-HP ArcSight ESM kuningi kakhulu futhi kuvame ukuhle

Sikumema ukuthi uhlole izici zayo, isevisi yamakhasimende, ukusebenziseka kalula, isixhumi esibonakalayo sesofthiwe kanye ne-ergonomics (…) futhi ulinganise inani layo lemali uma ulisebenzisa njalo ehhovisi.

Ukuqhathanisa kwethu kwesofthiwe yobungcweti kuqoqa izincomo zabasebenzisi kanye nempendulo yekhasimende ukuze wabelane nomphakathi futhi uqhathanise ulwazi lwezokuphepha nesofthiwe yokuphatha imicimbi (SIEM).

Lesi sibuyekezo asithengi iseluleko noma isincomo. Umbono wethu usekelwe ekuhlolweni kwesofthiwe noma emibonweni yabasebenzisi kanye nezilinganiso. Sikumema ukuthi unikeze umbono wakho (incazelo) futhi wenze iziphakamiso zezixazululo ezincintisanayo.

U-90% wabasebenzisi besofthiwe yolwazi lwezokuphepha nokuphathwa kwemicimbi (SIEM) bakhethe i-HP ArcSight ESM.

Izinkomba zekhasimende

I-HP ArcSight ESM isofthiwe ye-SaaS esetshenziswa ochwepheshe abaningi be-IT nezinkampani emhlabeni jikelele. Izinkomba zayo yizinkampani ezifana nalezi:

1. Inkampani Siliconia Inc.
2. Amyx
3. Inkampani Webroot Inc.
4. Ukulinganisa kwenkampani Qa Limited
5. I-United Natural Foods (…)

Abayisebenzisayo kusitaki sabo sobuchwepheshe/isitaki sobuchwepheshe (izinhlaka zekhodi, izilimi zekhompyutha, yolwazi, ama-API…).

Lapha ungafunda mayelana: Lungisa i-Horizon Zero Dawn Constant Crashing

Ngokusho kwedatha etholakalayo, le softhiwe isetshenziswa kakhulu izinkampani ze-Computer Software (26%), i-Information Technology and Services (9%) kanye ne-Banking (7%)… Lokhu kubandakanya ama-VSE nama-SME ( abasebenzi abangaphansi kuka-50: 16% ), i-ETI (36%) nezinkampani ezinkulu (+ kunabasebenzi abayi-1.000: 48%) ezizuza inzuzo emaphakathi yezigidi ezingu-50 zamaRandi (31%), inzuzo ephakathi kwezigidigidi ezingama-$50 nezingu-$1 zezigidigidi zama-USD (000%), noma inzuzo ngaphezu kwezigidigidi ezi-16 zamaRandi (1%). Okokugcina, le phakheji yesofthiwe ivame ukusetshenziswa emazweni afana ne-India (46%).

Isiphetho

Njengoba ubona, lokhu ukusetshenziswa, izici, imibono, amanani ongawathola ku-HP ArcSight ESM. Ungase futhi uzame ezinye izindlela ezishiwo uma unganelisekile nge-interface, ukusebenziseka nokusekelwa kwezobuchwepheshe. Sithemba ukuthi sikusize ngalolu lwazi.