ADP 2.1 Release Notes

0 Likes
THE FOLLOWING TEXT IS FOR SEARCH

HPE Security  ArcSight Data Platform SoftwareVersion: 2.1 Release Notes April20, 2017ReleaseNotes Legal Notices Warranty The only warranties for Hewlett Packard Enterprise products and services are set forth in the express warranty statements accompanying such products and services. Nothing herein should be construed as constituting an additional warranty. Hewlett Packard Enterprise shall not be liable for technical or editorial errors or omissions contained herein. The information contained herein is subject to change without notice. The network information used in the examples in this document (including IP addresses and hostnames) is for illustration purposes only. HPE Security ArcSight products are highly flexible and function as you configure them. The accessibility, integrity, and confidentiality of your data is your responsibility. Implement a comprehensive security strategy and follow good security practices. This document is confidential. Restricted Rights Legend Confidential computer software. Valid license from Hewlett Packard Enterprise required for possession, use or copying. Consistent with FAR 12.211 and 12.212, Commercial Computer Software, Computer Software Documentation, and Technical Data for Commercial Items are licensed to the U.S. Government under vendor's standard commercial license. Copyright Notice Copyright Copyright 2017 Hewlett Packard Enterprise Development, LP Follow this link to see a complete statement of copyrights and acknowledgements: https://www.protect724.hpe.com/docs/DOC-13026 Support Contact Information Alistofphone numbersisavailable onthe HPE SecurityArcSightTechnicalSupport Phone Page:https://softwaresupport.hpe.com/documents/10180/14684/esp-support- contact-list Support Web Site https://softwaresupport.hpe.com Protect 724 Community https://www.protect724.hpe.com HPEArcSightDataPlatform2.1 Page2of 12Contents AboutArcSightDataPlatform2.1 4 ArcMC 2.6 5 ArcMC 2.6 FeaturesandEnhancements 5 Logger6.4 6 Logger6.4FeaturesandEnhancements 6 EventBroker2.0 8 EventBroker2.0 FeaturesandEnhancements 8 SmartConnectorRelease7.5.0 9 SmartConnectorLoadBalancer1.2 10 What'sNewin  SmartConnectorLoadBalancer1.2 10 ForMoreInformation 11 SendDocumentationFeedback 12 HPEArcSightDataPlatform 2.1 Page3 of 12ReleaseNotes AboutArcSightDataPlatform2.1 About ArcSight Data Platform 2.1 ArcSightDataPlatform(ADP)2.1deliversopensecurityarchitecturethatseamlesslyconnectsto third- partyplatforms, includingHadoop. ADP transformsthedatacollectionprocess, andsimplifies administrativetasks, makingorganizationsmoreeffectiveintheirmonitoringcapabilities. ADP 2.1componentsinclude: l Event Broker 2.0: EventBrokercentralizeseventprocessingandopensupArcSightdatato a varietyof dataconsumers. l ArcMC 2.6: ArcSightManagementCenterprovidesonecentralizedviewforend-to-endmonitoring andsimplifiedprocessingof bulkoperations. l Logger 6.4: Loggerisalogmanagementsolutionthatisoptimizedforhigheventthroughput, efficientlong-termstorage, andrapiddataanalysis. l SmartConnector Release 7.5.0: Morethan350 pre-builtconnectorshelpcustomerseasilyextend theirdatacollectionsourceswithoutmanualcustomization. l SmartConnector Load Balancer 1.2: SmartConnectorLoadBalancerprovidesa“connector-smart” loadbalancingmechanismbymonitoringthestatusandloadof SmartConnectors. HPEArcSightDataPlatform 2.1 Page4of 12ReleaseNotes ArcMC 2.6 ArcMC 2.6 ArcSightManagementCenter(ArcMC)isacentralizedmanagementtoolthatsimplifiessecuritypolicy configuration, deploymentmaintenance, andmonitoringinanefficientandcost-effectiveway. ArcMC offersthesekeycapabilities: l Management and Monitoring: deliverthesinglemanagementinterfaceto administrateandmonitor ArcSightmanagednodes, suchasLoggers, Connectors, ConnectorAppliances, andotherArcMCs. l SmartConnector Hosting: forthehardwareappliance, asaplatformto hostandexecute SmartConnectors. ArcMC 2.6 FeaturesandEnhancements ThefollowingfeaturesandenhancementswereintroducedinArcMC 2.6 andareincludedinthis release. FormoreinformationabouttheArcMC 2.6 featuresandfunctionality, referto theArcMC 2.6 ReleaseNotes, Administrator'sGuide, andotherArcMC documentation, availablefromtheArcSight ProductDocumentationCommunityonProtect724. Thisversionof ArcMC includesthefollowingnewfeaturesandenhancements: l Event Broker Management:  ArcSightEventBrokermanagementincludesrouteandtopiccreation, aswellashealthandstatusparametermonitoring. MonitoredparametersforEventBrokerinclude CPU  Usage, Memory, DiskUsage, EventBrokerThroughput, TotalEPS In, EventParsingError, StreamProcessingEPS, andStreamProcessingLag. l Improved Node Management Interface:  TheNodeManagementinterfacehasbeenimprovedfor clarityandeaseof use. l Improvements to Topology View: TheTopologyViewnowincludesmanyimprovements, including time-outsettings, to ageoutinactivedevicesandremovethemfrommanagement. l Improved Import Hosts Process: ImportinghostsfromaCSVwilltakelesstimethanformerly, as jobsruninparallel. l Improved License Consumption Report: TheLicenseConsumptionreportcannowberunfora specifiedtimeinterval, insteadof anentireyear. l New Rules: Severaladditionalmonitoringruleshavebeenenabledbydefault. Thesecanbeeditedor deletedaspreferred. HPEArcSightDataPlatform 2.1 Page5of 12ReleaseNotes Logger6.4 Logger6.4 Loggerisalogmanagementsolutionthatisoptimizedforhigheventthroughput, efficientlong-term storage, andrapiddataanalysis. Loggerreceivesandstoresevents; supportssearch, retrieval, and reporting; andcanoptionallyforwardselectedevents. Loggercompressesrawdata, butcanalways retrieveunmodifieddataondemandforforensics-qualitylitigationdata. Logger 6.4 FeaturesandEnhancements ThefollowingfeaturesandenhancementswereintroducedinLogger6.4andareincludedinthis release. ForinformationaboutLogger6.4featuresandfunctionality, referto theReleaseNotes, Administrator'sGuide, andotherLogger6.4documentation, availablefromtheArcSightProduct DocumentationCommunityonProtect724. Search Improvements ImprovedSearchcapabilitiesandupdatedsearchinterfaceenableusersto do thefollowing: l SearchforIPv6 data. l IndextherequestURLfield. l Runmultiplesearchesinthesamebrowsersession. l ViewandaccesssearchesfromtheActiveSearchlistontheSearchmainpage. l Administratorscansetthenumberof concurrentsearchesandthesearchexpirytimevalue. Reporting Improvements Theintegrationof newfeaturesprovidesagreatlyimprovedreportingexperience, includingthe followingimprovements: l Openupto tenReporttabs, so you canmoveeasilyfromscreento screenasyou create, manage, and generateconcurrentreports. l CreateSmartreportsthatcansupportmultiplequeries, offernewcharttypes, andcreateSmart dashboards. l CreateSmartdashboardsthatdisplaytheresultsof multiplequeriesononedashboard, aswellasrich text, slideshow, andwebpagewidgets. l Createnewreportcharttypes, includingSunburst, Funnel, Pyramid, Treemaps, Counter, Gauge, and Packedcircles. HPEArcSightDataPlatform 2.1 Page6 of 12ReleaseNotes Logger6.4 Other Updates l UpdatedEventBrokerreceiveraddssupportforEventBroker2.0, includingTLS Client Authentication. l LoggercannowsendandreceivedatainCEF v0.1, v1.0 andrawdataformats. CEF 1.0 enables Loggerto sendandreceiveIPv6 data. l IncorporatedFIPS BouncyCastlelibrariesprovideimprovedsecurityandenablessupportforTLS 1.2. l Updatedlocalizationforsupportedlanguages(Japanese, TraditionalChineseandSimplified Chinese). HPEArcSightDataPlatform 2.1 Page7of 12ReleaseNotes EventBroker2.0 Event Broker2.0 ThisreleaseintroducesHPESecurityArcSightDataPlatformEventBroker(ADP EventBroker.)The ADP EventBrokercentralizeseventprocessing, helpsyou to scaleyourenvironment, andopensup eventsto thirdpartysolutions. Itenablesyou to takeadvantageof scalable, high-throughput, multi- brokerclustersforpublishingandsubscribingto eventdata. TheADP EventBrokerprovidesapackagedversionof ApacheKafka. Afteryou installandconfigurean EventBrokerKafkabrokerorclusterof brokers, you canuseADP SmartConnectorsto publishdata, andsubscribeto thatdatawithADP Logger, ArcSightESM, ArcSightInvestigate, ApacheHadoop, or yourownconsumer. Event Broker 2.0 FeaturesandEnhancements ThefollowingfeaturesandenhancementswereintroducedinEventBroker2.0andareincludedinthis release. FormoreinformationabouttheEventBroker2.0 featuresandfunctionality, referto theEvent Broker2.0 ReleaseNotes, Administrator'sGuide, andotherArcMC documentation, availablefromthe ArcSightProductDocumentationCommunityonProtect724. Thisversionof EventBrokerincludesthefollowingnewfeaturesandenhancements: l New Data Format Support: Inadditionto ArcSightLogger, newconsumertypescannowbe configuredto operatewithEventBrokerandprocessnewdataformats, including: o ArcSightInvestigate1.0 (viaVerticAvro format o ArcSightESM 6.11.0Binaryformat o Third-partyproducts, suchasHadoop o Customer-createdapplicationsthatcanreadCEF. l ArcMC Management:  EventBrokercannowbemanagedandmonitoredbyArcSightManagement Center(ArcMC). ArcSightEventBrokermanagementincludesrouteandtopiccreation, aswellas healthandstatusparametermonitoring. MonitoredparametersforEventBrokerincludeCPU Usage, Memory, DiskUsage, EventBrokerThroughput, TotalEPS In, EventParsingError, Stream ProcessingEPS, andStreamProcessingLag. l Kafka Upgrade:  EventBroker2.0 usesanupgradedversionof Kafka  (0.10.1.0) HPEArcSightDataPlatform 2.1 Page8 of 12ReleaseNotes SmartConnectorRelease7.5.0 SmartConnectorRelease 7.5.0 ArcSightSmartConnectorscollectraweventsfromsecuritydevices, processtheminto ArcSightsecurity events, andtransportthemto destinationdevices, suchasArcSightESM andArcSightLogger. Connectorsaretheinterfacebetweenthechosendestinationandthenetworkdevicesthatgenerate destinationrelatedrelevantdataonyournetwork. EachSmartConnectorreleaseprovidesnewversionsupport, enhancements, andfixedissuesfor individualSmartConnectors. TheSmartConnectorreleasesupportedwiththisADP releaseis 7.5.0.7983. Formoreinformationinthisrelease, includingresolvedissues, referto theSmartConnectorRelease Notesfor7.5.0.7983, availablefromtheArcSightProductDocumentationCommunityonProtect724. HPEArcSightDataPlatform 2.1 Page9 of 12ReleaseNotes SmartConnectorLoadBalancer1.2 SmartConnectorLoadBalancer1.2 SmartConnectorLoadBalancerprovidesa“connector-smart”loadbalancingmechanismbymonitoring thestatusandloadof SmartConnectors. Currentlyitsupportstwo typesof eventsourcesand SmartConnectors. Onedistributesthesysloginputstreamto syslogconnectorsusingTCP orUDP protocol, andtheotherdownloadsfilesfromaremoteserveranddistributesthemto thefile-based connectors. No updatesweremadeto LoadBalancerforthisADP release. What'sNewin  SmartConnector LoadBalancer 1.2 l PrependedremoteIP addressorhostnameonincomingsyslogmessages. l Expressionsthatcanbeusedto moreaccuratelydeterminetheloadonSmartConnectorsgloballyor perdestination. HPEArcSightDataPlatform 2.1 Page10 of 12ReleaseNotes ForMoreInformation ForMore Information FordetailedinformationaboutADcomponentproductfeaturesandfunctionality, includingtechnical requirements, fixed, andopenissues, referto theproductdocumentation, availablefromtheArcSight ProductDocumentationCommunityonProtect724. HPEArcSightDataPlatform 2.1 Page11of 12SendDocumentation Feedback If you havecommentsaboutthisdocument, you cancontactthedocumentationteambyemail. If an emailclientisconfiguredonthissystem, clickthelinkaboveandanemailwindowopenswiththe followinginformationinthesubjectline: Feedback on Release Notes (ArcSight Data Platform 2.1) Justaddyourfeedbackto theemailandclicksend. If no emailclientisavailable, copytheinformationaboveto anewmessageinawebmailclient, andsend yourfeedbackto arc-doc@hpe.com. Weappreciateyourfeedback! HPEArcSightDataPlatform 2.1 Page12of 12

Labels:

ADP 2.1
Comment List
Anonymous
Related Discussions
Recommended