
Now Available: ArcSight 2020.1 - Fusion 1.0, ESM 7.2.1, ArcMC 2.94, T-Hub 3.2, Connectors 7.15, Invst 3.1

General Availability - ArcSight 2020.1

Welcome to ArcSight 2020! We are excited to announce the general availability of Micro Focus ArcSight 2020.1, which features the releases of Fusion 1.0 (our new UI), ESM 7.2.1, ArcMC 2.94, Transformation Hub 3.2, SmartConnectors 7.15, and Investigate 3.1.

ArcSight 2020.1 offers a first look at the future of ArcSight as a unified outcome-focused security analytics platform. It also introduces the first iteration of our new intuitive UI, Fusion.

Here are the key features and improvements of our first ArcSight 2020 release. Please refer to the individual release notes (cited at the bottom of this post) for more complete information.

Fusion 1.0:

ArcSight Fusion enables you to visualize, identify, and analyze potential threats by incorporating intelligence from the multiple layers of security sources that might be installed in your security environment:

  • Real-time event monitoring and correlation with data from ArcSight Enterprise Security Manager (ESM)
  • Analyzing end-user behavior with ArcSight Interset
  • Performing deep-dive investigations with ArcSight Investigate

To help you get started, Fusion provides a Dashboard with a set of out-of-the-box widgets and dashboards. Users can organize the widgets into personalized dashboards.

You must install ESM before you install Fusion. Before you install Fusion, you must also download and unzip all necessary product installation packages. Each installation package includes its signature file, which you use to validate that the downloaded software is authentic and has not been tampered with by a third party.

Note: This release allows you to connect to a single ESM instance.

ESM 7.2.1:

  • Improved upgrade experience to ensure more transparency in the upgrade process
  • Single Sign-On advancements for the ArcSight Java Console and ArcSight Command Center, including support for Azure Active Directory and other SAML2 identity providers
  • High-performance distributed event forwarder to enable higher speeds of event forwarding to the Transformation Hub when ESM is installed in distributed correlation mode
  • Event Ingestion from multiple Transformation Hub topics, allowing security admins to specify up to 25 topics to consume events
  • Kafka SASL/PLAIN authentication to connect with customer-provided Kafka clusters (limited support)
  • TLS 1.2 protocol adoption in the ArcSight Console for greater network security
  • Rule and list improvements to increase alert accuracy and enable greater customization

ArcSight Management Center 2.94:

  • Updated host import/export in CSV format with a new column for the connector container name
  • Exporting device status report in a CSV format with the device list details
  • Exporting EPS license detailed report in a CSV format with EPS information per managed EPS licensed logger for the selected duration

Transformation Hub 3.2:

  • Container deployments (CDF) can roll upgrades through the Transformation Hub cluster all at once, completing in hours what used to take days
  • RHEL/CentOS 8.1 now supported
  • Most secure and up-to-date libraries and protections

SmartConnectors 7.15:

  • New SmartConnector has been added – Cisco Meraki Syslog, model MR52
  • SmartConnector feature updates for Syslog, Azure Event Hub, AWS CloudTrail, Checkpoint, etc.
  • Enhanced support for SLES 15.x, MS Office 365, FlexConnectors, AWS CloudWatch, LoadBalancer
  • Kafka support has been optimized
  • RHEL/CentOS 8.1 now supported

ArcSight Investigate 3.1:

  • Enhanced integration with SmartConnectors and Transformation Hub to ingest and route logs at scale
  • Container deployments (CDF) can roll upgrades through the ArcSight Investigate cluster all at once, completing in hours what used to take days
  • New guided queries assist in searching your data
  • Pre-built charts and visualizations to optimize investigation
  • Host Profiler dashboard provides fast insights into host behavior
  • Outlier detection for network traffic identifies hosts deviating from baseline behavior
  • Domain Generation Algorithm (DGA) helps identify activity using Investigate’s pre-defined visualizations
  • Data Quality Dashboard helps to identify data quality concerns

 

Documentation can be found as follows:

You can access the new software from the software entitlement portal.

If you have any questions, please contact Customer Support.

 

Thank you,

ArcSight Product Team
