ArcSight Connector Supported Products


Flyer
Application Delivery Management

The Micro Focus ArcSight library of out-of-the-box connectors provides source-optimized collection for leading security commercial products. These products span the entire stack of event-generating source types, from network and security devices to databases and enterprise applications.

In addition to connectors developed and maintained by ArcSight, we test and certify the following connector types through our technology alliances program (TAP):

Common event format (CEF) certified—helps ensure event information is captured properly in the CEF
Action certified—allows for control of a vendor’s technology from within the ArcSight console
Forwarding connector—allows for events to be forwarded from ArcSight to partner solution

Please refer to the index section for listing by connector type.

ArcSight Connector Supported Platform for Installation CentOS Linux 6.8, 6.9, 7.5, 7.6, 7.7, 8.1 64-bit Microsoft Windows Server 2008 SP1/SP2 32-bit and 64-bit Microsoft Windows Server 2012 and 2012 R2 64-bit Microsoft Windows Server 2016, 2019 Anti-Virus/Anti-Spam Oracle WebLogic Server Endgame SAP Enterprise Resource Planning (ERP) F-Secure Anti-Virus Intel (McAfee) VirusScan Enterprise via (ePO) Kaspersky Anti-Virus Sophos Symantec Endpoint Protection Manager (SEPM) Database Symantec Mail Security for Microsoft Exchange Trend Micro (TM) OfficeScan (Control Manager and TM Control Manager Database DB) Application Security Oracle Solaris 11 64-bit (x86 64) Red Hat Enterprise Linux (RHEL) 6.8, 6.9, 7.5, 7.6, 7.7, 8.1 64-bit SUSE Linux 11, 12, 15, 15.1 Enterprise Server 64-bit Adallom Cloud Access Security Broker AWS CloudTrail AWS CloudWatch VPC Flow Logs AWS Elastic Compute Cloud (EC2) AWS GuardDuty AWS Identity and Access Management (IAM) AWS S3 (Simple Cloud Storage Service) Azure Event Hubs Blue Coat (Elastica) CloudSOC Bit9 Carbon Black Security Platform Box CA Layer 7 SecureSpan/CloudSpan CloudPassage Halo CloudControl Gateway FairWarning Intel (McAfee) Application Control (Solidcore) via (ePO) Exabeam User Behavior Analytics FlexConnector for REST (can support Box, SFDC, Google Apps, and more) Illumio Policy Compute Engine (PCE) Intralinks VIA Microsoft Office 365 RSA Web Threat Detection Clinical/ Palerra LORIC Healthcare applications Standard 64-bit Oracle Solaris 10, 11 64-bit (SPARC) Cloud Applications ERPScan Security Monitoring Suite for SAP ESNC Security Suite-Enterprise Threat Monitoring vArmour Distributed Security System (DSS) Zscaler Nanolog Streaming Service (NSS) Content Security Barracuda Web Application Firewall (NetContinuum) IBM WebSphere Gemalto (SafeNet) eSafe Gateway iT-CUBE agileSI SAP Intel (McAfee) Email and Web Security Microsoft SharePoint Server Database Appliance

Intel (McAfee) Web Gateway (Webwasher) Imperva SecureSphere Novell Nsure Audit Proofpoint Enterprise Protection and Intel (McAfee) Sentrigo Hedgehog ObserveIT Enterprise Enterprise Privacy (Enterprise and vPatch) Oracle Sun ONE Directory Server PureSight Content Filter Trustwave Application Security DbProtect Proofpoint NetCitadel ThreatOptics Trend Micro Control Manager Varonis DatAdvantage RSA Authentication Manager Trend Micro InterScan Messaging Security (Control Manager) Trend Micro OfficeScan Client/Server (Control Manager) Trend Micro ScanMail for Lotus Domino (Control Manager) Data Leak Prevention Firewall Check Point FireWall-1 GX Cisco PIX/ASA Firewall Dell SonicWALL Firewall Syslog Juniper Firewall ScreenOS Syslog Juniper IDP Series Syslog Digital Guardian Juniper JUNOS Syslog Fidelis Cybersecurity XPS GTB Inspector Juniper Network and Security Manager Intel (McAfee) Host Data Loss Prevention (HDLP) via (ePO) Data Security Syslog Atalla Network Security Processor (NSP) Bay Dynamics, Risk Fabric Cisco Firepower Management Center BeyondTrust’s PowerBroker Cisco ISE CA SiteMinder Single Sign-On File JBoss Security Auditing File Cisco Secure Access Control Server (ACS) Thales Data Firewall (Vormetric) CyberArk Privileged Account Security Management (PSM) Suite CyberArk Privileged Threat Analytics (PTA) Oracle Audit Syslog Oracle Audit Vault Oracle Audit XML File Thycotic Secret Server VMware PacketMotion PacketSentry IDS/IPS Bro IDS BroadWeb NetKeeper Balabit Shell Control Box Oracle Audit DB Swimlane Bro IDS NG File Atalla IPC Microsoft SQL Server Threat Intelligence SpectorSoft Spector 360 Export Service Trend Micro (TippingPoint) IDM, IAM, and Identity Security Database Securonix RTI—Risk and Next-Generation Firewall (NGFW) Absolute Data and Device Security (DDS) Zettaset BDEncrypt RSA Aveksa Dell Change Auditor DB (Quest) Hexadite AIRS IBM Security Access Manager Juniper Steel-Belted Radius (SBR) Lieberman Software Enterprise Random Password Manager (ERPM) Cisco IBM AIX Management Center Cisco Secure IPS SDEE Extreme Networks Dragon Export Tool Extreme Networks Dragon IDS IBM Site Protector DB Intel (McAfee) Host Intrusion Prevention LightCyber Magna Management System (SMS) NitroSecurity Syslog Radware DefensePro Snort Systems (HIPS) via (ePO) Trend Micro (TippingPoint) Security Integrated Security Cisco ASA 5500 Oracle Unified Audit Trail DB Microsoft Active Directory Sybase Adaptive Server Enterprise Dell SonicWALL Microsoft Forefront Fortinet FortiGate Microsoft Forefront Database Palo Alto Networks PAN-OS Microsoft Network Policy Server Trend Micro (TippingPoint) Next-Generation Database Activity Monitoring (DAM)/Database Security IBM InfoSphere Guardium Netwrix Auditor Firewall (NGFW)

IT Operations Damballa CSP Microsoft Operations Manager Database Operations Manager (OM) Damballa Failsafe Microsoft System Center Configuration Operations Manager i (OMi) Fidelis Cybersecurity CIRT Log Consolidation and Analysis FireEye Malware Protection System (MPS) Dell InTrust database FireEye Mandiant Intelligent Response Qualys QualysGuard Guidance EnCase Mail Filtering Cisco Email Security Appliance (formerly IronPort) Intel (McAfee) Email Gateway (Secure Computing IronMail) Intel (McAfee) Security for Microsoft Exchange (MSME) via (ePO) PhishMe Triage Symantec Messaging Gateway Mail Server Lastline Enterprise Anti-Malware Network Access Control Aruba ClearPass ForeScout CounterACT Network Behavior Anomaly Arbor Networks Peakflow Cybersponse Network Forensics Narus nSystem ReversingLabs N1000 appliance Sendmail RSA NetWitness Mainframe Network Management CA Top Secret Cisco Wireless LAN Controller Syslog HelpSystems PowerTech Interact Intel (McAfee) Network Security Manager IBM eServer iSeries Audit Journal File Lumeta Enterprise Situational Intelligence IBM z/OS (RACF) IBM z/OS System Display and Search Facility (SDSF) IBM z/OS System Log Type80 SMA RT for RACF Malware Detection (ESI) Micro Focus Network Node Manager i (NNMi) SNMP Network Monitoring ISC BIND ISC DHCP AhnLab Malware Defense System (MDS) Microsoft Azure NSG flow CounterTack Active Defense (formerly Microsoft DHCP ManTech) Reservoir Labs R-Scope Network Traffic Analysis Blue Coat (Solera) DeepSee Cisco NetFlow/Flexible NetFlow FireEye nPulse HammerHead Qosmos DeepFlow Probes Management Console Database Radware Inflight Corvil Network Data Analytics Microsoft Exchange PowerShell Microsoft Forefront Protection Server Manager (SCOM) Database Microsoft WINS Portnox IP Flow Information Export Exchange Server Microsoft System Center Operations Niara Security Intelligence Microsoft Exchange Microsoft Forefront Protection 2010 for Manager (SCCM) Database Microsoft DNS Gigamon NetFlow InMon sFlow Intel (McAfee) Rogue System Detection via (ePO) NetScout nGenius QoSient Argus Seculert Automated Attack Detection Platform Savvius Omni Distributed Analysis Platform TCPdump Vectra Networks X-Series Network Traffic Management Cisco Catalyst Switches Operating Systems HP-UX Operating System HP-UX Syslog HPE NonStop servers (XYGATE Merged Audit) HPE OpenVMS IBM AIX Operating System Linux SUSE Microsoft Windows Servers 2003/2008/2008 R2/2012/2012 R2

Microsoft Windows Vista 7, 8, and 10 Switch FFRI FFR yarai Oracle Solaris Cisco NX-OS Intel (McAfee) Vulnerability Manager Red Hat Linux Brocade BigIron (Foundry Networks) SaberNet NTSyslog HPE Networking syslog Snare for Microsoft Windows UNIX Packet Capture Threat Management VarySys PacketAlarm (FoundScan) Language (OVAL) standard Nmap Open Vulnerability and Assessment Rapid7 Nexpose Threat Intelligence SOC Prime Integration Framework Anomali’s ThreatStream optic Squid Web Proxy Cache Comilion Instance SAINT Vulnerability Scanner Intel (McAfee) Policy Auditor via (ePO) FireEye (iSIGHT) ThreatScape API Tenable Nessus NetIQ Security Manager LookingGlass ScoutVision Webroot BrightCloud Ixia Net Tool Optimizer Policy Management Recorded Future: Real-Time Threat Router Cisco Routers HPE H3C Comware Platform Juniper Routers (Junos) Intelligence ThreatConnect Threat Intelligence Platform Web Cache Blue Coat ProxySG series Microsoft Internet Security and Acceleration (ISA) Server Virtualization Security Management CounterTack Event Horizon Web Filtering IBM Security SiteProtector McAfee Management for Optimized Virtual Cisco IronPort Web Security Appliance Intel (McAfee) ePolicy Orchestrator (ePO) Environments (MOVE) via (ePO) Forcepoint (Websense) Web Security Suite Microsoft Audit Collection System ACS DB VMware ESX/VMware ESXi server PhishMe Intelligence VMware Virtual Center Security Orchestration and Automated Response VPN Apache Check Point VPN-1 Microsoft Internet Information Services (IIS) Cisco VPN Concentrator Oracle Sun ONE ATAR Labs Server HPE ProLiant Gen8 Server with HPE iLO Management Engine Storage Bloombase StoreSafe EMC Celerra/VNXe Storage Systems Hadoop DFS with CEF HPE c7000 VCM syslog NetApp filer (NAS) McAfee SiteAdvisor Enterprise via ePO Web Server Citrix NetScaler Nortel Contivity VPN Switch Pulse Secure Pulse Connect Secure Wireless AirMagnet Enterprise Cisco Mobility Services Engine Vulnerability Assessment Cisco NetFlow/Flexible NetFlow Belden (Tripwire) IP360 Device Profiler Cisco NX-OS Belden (Tripwire) IP360 Threat Monitor Mojo Networks AirTight eEye REM Security Management Console eEye Retina Network Security Scanner Management Console Zebra AirDefense Guard

ArcSight Index Listing of Connectors Available Today

Cisco Wireless LAN Controller Syslog Dell (Quest) Change Auditor DB Apache Dell (Quest) InTrust (fka AEM) Arbor Networks TMS (Formerly TMS Dell SonicWALL Firewall Syslog Peakflow) AWS CloudTrail AWS CloudWatch VPC Flow Logs AWS EC2 AWS GuardDuty AWS IAM AWS S3 (Simple Cloud Storage Service) Azure Event Hubs Barracuda Web Application Firewall (NetContinuum) Belden (Tripwire) IP360 Device Profiler Belden (Tripwire) IP360 Threat Monitor Blue Coat ProxySG series Box Bro IDS Bro IDS NG File BroadWeb NetKeeper Brocade BigIron (Foundry Networks) CA SiteMinder Single Sign-On File CA Top Secret CentOS Check Point FireWall-1 GX Check Point VPN-1 Cisco ASA Cisco Catalyst Switches Cisco CSS Cisco Email Security Appliance (formerly IronPort) Cisco IronPort Web Security Appliance eEye Retina Network Security Scanner via (ePO) Intel (McAfee) Vulnerability Manager (FoundScan) Intel (McAfee) Web Gateway (Webwasher) Extreme Networks Dragon Export Tool IP Flow Information Export Extreme Networks Dragon IDS ISC BIND F-Secure Anti-Virus ISC DHCP FlexConnector for REST (can support Box, JBoss Security Auditing File SFDC, Google Apps, and more) Forcepoint (Websense) Web Security Suite Gemalto (SafeNet) eSafe Gateway HPE Aruba WLAN Mobility Controller HPE H3C Comware Platform Juniper Firewall ScreenOS Syslog Juniper IDP Series Syslog Juniper JUNOS Syslog Juniper Network and Security Manager Syslog HPE Networking syslog Juniper Routers (Junos) HPE OpenVMS Juniper Steel-Belted Radius (SBR) HP-UX Syslog Kaspersky Anti-Virus IBM AIX Operating System Linux SUSE IBM Domino Database Lumension PatchLink Scanner DB IBM Domino Web Server Microsoft ACS database IBM Security SiteProtector System Microsoft Active Directory IBM Site Protector DB Microsoft DHCP IBM WebSphere Microsoft DNS Intel (McAfee) Application Control Microsoft Exchange (Solidcore) via (ePO) Intel (McAfee) Email Gateway (Secure Computing IronMail) Intel (McAfee) Firewall Enterprise Intel (McAfee) Host Data Loss Prevention (HDLP) via (ePO) Intel (McAfee) Host Intrusion Prevention Systems (HIPS) via (ePO) Intel (McAfee) Network Security Manager Cisco PIX Firewall Intel (McAfee) Policy Auditor via (ePO) Cisco Routers Intel (McAfee) Rogue System Detection Exchange (MSME) via (ePO) Intel (McAfee) VirusScan Enterprise EMC Celerra/VNXe Storage Systems Cisco ISE Cisco Secure IPS SDEE Intel (McAfee) Security for Microsoft via (ePO) Microsoft Exchange PowerShell Microsoft Forefront Microsoft Forefront DB Microsoft Forefront Protection 2010 for Exchange Server Microsoft Forefront Protection Server Management Console DB Microsoft ISA Microsoft Network Policy Server (Windows IAS/RADIUS) Microsoft Office 365 Microsoft Operations Manager Database

Microsoft SCCM Database SEPM Database Microsoft SCOM Database Snare for Microsoft Windows IBM Resilient Systems Incident Response Platform Microsoft SharePoint Server Database Snort Ixia Net Tool Optimizer Microsoft SQL Server Sophos Lastline Enterprise Anti-Malware Solution Microsoft Windows 7/8/2003/XP/2008 Squid Web Proxy Cache Niara Security Intelligence Sybase Adaptive Server Enterprise NIKSUN NetOmni Symantec Mail Security for Microsoft Proofpoint NetCitadel ThreatOptics Server/Vista Microsoft Windows Servers 2003/2008/2008 R2/2012/2012 R2 Exchange RSA Aveksa Microsoft WINS Symantec Messaging Gateway Securonix Risk and Threat Intelligence RTI NAS TCPdump Symantec Security Analytics (Solera NetIQ Security Manager Tenable Nessus Network Operations Management Trend Micro Control Manager NitroSecurity Syslog Trend Micro InterScan Messaging Security Nmap Nortel Contivity VPN Switch Novell Nsure Audit Oracle Audit DB Oracle Audit Syslog Oracle Audit Vault Oracle Audit XML File Oracle Solaris Oracle Sun ONE Oracle Sun ONE Directory Server Oracle WebLogic Server OVAL standard Proofpoint Enterprise Protection and Enterprise Privacy (Control Manager) Trend Micro OfficeScan Client/Server (Control Manager) Trend Micro ScanMail for Domino (Control Manager) Trend Micro (TippingPoint) Security Management System (SMS) DeepSee) vArmour Analytics Platform Forwarding-Certified Solutions ATAR Labs Bay Dynamics Risk Fabric DFLabs IncMan Exabeam User Behavior Analytics Hexadite AIRS Niara Security Intelligence UNIX Palerra LORIC VarySys PacketAlarm Savvius Omni Distributed Analysis Platform VMware ESX/ESXi Server Swimlane VMware Virtual Center Zebra AirDefense Guard ArcSight CEF Certified Solutions Action-Certified Solutions Absolute Computrace ABAP-Experts SecurityBridge Aruba ClearPass Absolute Data and Device Security (DDS) Pulse Secure Pulse Connect Secure Cisco Firepower Management Center Acalvio Technologies ShadowNet PureSight Content Filter Comilion Instance AgileSI Qualys QualysGuard CyberArk PSM Suite AhnLab Malware Defense System (MDS) Radware DefensePro Cybersponse AhnLabs MDS Rapid7 Nexpose Digital Guardian Anomali’s ThreatStream OPTIC Red Hat Linux FireEye Mandiant Intelligent Response Aqua Security RSA Authentication Manager FireEye Network Forensics Platform (PX) Aruba ClearPass SaberNet NTSyslog ForeScout CounterACT Arxan GuardIT SAINT Vulnerability Scanner General Dynamics CIRT Atalla IPC SAP ERP Guidance EnCase Atalla Network Security Processor (NSP)

ATAR Labs Damballa CSP Indegy Industrial Cyber Security Platform Attivo Networks Damballa Failsafe InQuest Avigilon Access Control Manager (ACM) DeepInstinct Intel (McAfee) Email and Web Security Ayehu eyeShare Digital Guardian Balabit Shell Control Box E8 Security Behavioral Intelligence Platform Barracuda Networks NG Firewall Application Appliance Intel (McAfee) Sentrigo Hedgehog (Enterprise and vPatch) Belden (Tripwire Enterprise) EclecticIQ Intel (McAfee) StoneSoft StoneGate Firewall BeyondTrust’s PowerBroker Edge Technologies AppBoard and enPortal Intralinks VIA Bit9 Carbon Black Security Platform Elastic Ionic Security Bloombase StoreSafe Endgame iT-CUBE agileSI SAP BMC (CorreLog) Syslog Defender Ergon Informatik Ixia ThreatARMOR Bomgar Privileged Access Management ERPScan Security Monitoring Suite for SAP Juniper Networks Altor Networks Virtual Bricata ProAccel ESNC Security Suite-Enterprise Threat Brinqa Risk Analytics Monitoring Bromium Advanced Endpoint Security F5 Big-IP Advanced Firewall Manager (AFM) CA Technologies SecureSpan/CloudSpan FairWarning CloudControl Gateway CA Technologies Privileged Access Management Carbon Black Security Platform Cilasoft QJRN/400 Cisco Firepower Management Center CloudPassage CloudPassage Halo Comilion Instance Core Security CSP Core Security Failsafe Corvil Network Data Analytics CounterTack Active Defense (formerly ManTech) FFRI FFR yarai Fidelis Cybersecurity XPS FireEye CM Series FireEye (iSIGHT) ThreatScape API FireEye Malware Protection System (MPS) FireEye Mandiant Intelligent Response ForeScout CounterACT Fortinet FortiGate General Dynamics CIRT Gigamon GigaVUE/GigaSECURE Firewall Lancope StealthWatch Lastline Enterprise Anti-Malware Solution Lieberman Software ERPM LightCyber Magna Platform LookingGlass Cyber Solutions ScoutVision Lookout Lumeta Enterprise Situational Intelligence (ESI) Lumeta IPsonar Microsoft (Adallom) Cloud Access Security Broker Microsoft Azure NSG flow Mojo Networks AirTight Management Console GTB Technologies Inspector NetIQ Identity Manager Gurucul Analytics Platform NetScout Systems nGenius Performance HelpSystems PowerTech Interact Manager CounterTack Sentinel (Event Horizon) Hexadite AIRS Netwrix Auditor CrowdStrike Falcon Host HPE NonStop servers (XYGATE Merged Nexthink Engine CyberArk Privileged Account Security Audit) (XMA) Niara Security Intelligence IBM InfoSphere Guardium NIKSUN NetDetector CyberArk Privileged Threat Analytics (PTA) Illumio Policy Compute Engine (PCE) ObserveIT Enterprise Cybersponse Illusive Networks Palerra LORIC D3 Security Imperva SecureSphere Palo Alto Networks PAN-OS Management (PSM) Suite

Contact us at: www.microfocus.com

Penta Security WAPPLES Sysorex Zone Defense PhishMe Intelligence TaaSera TaaS NetAnalyzer PhishMe Triage ThreatConnect Threat Intelligence Platform Portnox Network Security ThreatQuotient Qosmos DeepFlow Probes Thycotic Secret Server QualysGuard TrapX DeceptionGrid Radware Inflight TrendMicro Recorded Future Threat Intelligence Trend Micro Deep Security Platform RedSeal Network and Vulnerability Advisor Trend Micro (TippingPoint) Next-Generation Firewall (NGFW) Reservoir Labs R-Scope Trustwave Application Security DbProtect Resolves Systems Type80 SMA RT ReversingLabs N1000 Appliance vArmour Analytics Platform RSA NetWitness Varonis DatAdvantage RSA Web Threat Detection Vectra Networks X-Series SailPoint IdentityIQ Veriato 360 (Spector 360) Seculert Automated Attack Detection Verodin Security Instrumentation Platform Platform Vormetric Data Security Manager Securonix Risk and Threat Intelligence (RTI) Votiro Cybersec Platform SOC Prime Integration Framework Webroot BrightCloud Symantec Blue Coat (Elastica) CloudSOC Zettaset BDEncrypt Symantec System Recovery Zscaler Nanolog Streaming Service (NSS)
