The ArcSight product is a security management solution that allows a user to manage all enterprise activity from one centralized view. ArcSight integrates existing multi-vendor devices throughout the enterprise into its scope and gathers all generated events. ArcSight allows users to monitor events in real-time, correlate events for in-depth investigation and analysis, and resolve events with automated escalation procedures and actions. ArcSight product gathers events generated by multi-vendor devices, normalizes, and stores those events in the centralized ArcSight Database, and then filters and cross-correlates those events with rules to generate meta-events.
The ArcSight product is a security management solution that allows a user to manage all enterprise activity from one centralized view.
Products under this evaluation scheme will have a full NATO evaluation with evaluation documentation set available, and NIAPC certification
CC Validation Report / Certificate Reference
CC Security Target / TOE Reference
Network Security Management