Post on 23-Mar-2018
transcript
ArcSight Logger Start up configuration steps are:
Analysis (meeting at beginning of service) Connector analysis: data source type/number/location Retention Policy definition •PlanningofmonitoringeffectivenessinbaseofEPS/days/storage Groupofusers,typeofoperationandaccesstologs Backupandarchivalrequirements
Implementation PreparationofLoggerappliance(OSpatch,...) ConfigurationofLoggerappliance(receiver,devicegroup,storage,retentionpolicy,usergroups) ConfigurationofConnectorappliance(ifpresent) Configurationofamaximumof4ArcSightSmartConnectors(onLoggerappliance/Connectorapplianceorexternalserver) ofdifferenttypeandsetupofasystemtogetherwithendusersystemadministrator(ie:acquisitionofoneWindowserver, oneLinuxserver,oneinstanceofOracle,…). ConfigurationofManagementforremoteConnectors Configurationof1typeoffiltersontheconnector–ifnecessarytighttoretentionpolicyapplication Creationofsearchfiltersfor3usergroupswithdifferentvisibilityofevents SetupofscheduledBackupandarchiveoflogdata Exampleofcreationofasimplesearch,areportandanalert
ArcSight JumpStart Service
ArcSight 3 days Logger JumpStart Service
What is the benefit of the JumpStart Service? AnArcSightcertifiedspecialisthelpsyourteamtodeploy,configureinawaythatallowgenerationandfurtheracquisitionoflogs.Throughoutsuchanengagement,theArcSightconsultantrecordsallfindings,enduserrequirements,solutionsdeveloped,andrecommendationsforbetterutilizingthesystem.
THE TEAM
YOUR TEAM
Interested? Please contact our Consultancy / Project Desk Email: projectdesk@westconsecurity.be Phone: + 32 (0)2 461 01 44