Highlighted
Respected Contributor.
Respected Contributor.
561 views

Windows Connector

In order to better support the needs of our customer; we need your feedback and opinions for the questions below.

1. Do you monitor Windows Events?

a. Yes

b. No

2. Which connector do you use to Monitor Windows Events

a. Windows Unified Connector

b. Windows Native Connector

c.Others

3. Which platform do you use to install the Windows Connector

a. Standalone Windows Machine

b. Standalone RHEL Machine

c. ArcMC/Connector Appliance

4. What are your challenges/concerns in using/not-using the Windows Native Connector; please do share.

Looking forward to hear your frank opinions.

Regards

Farid Merchant

ArcSight Smart Connector Product Manager

Labels (4)
0 Likes
2 Replies
Highlighted
Trusted Contributor.. Trusted Contributor..
Trusted Contributor..

Re: Windows Connector

1.  Yes

2.  Windows Native Connector

3.  Standalone Windows Machine (WiNC requires the .NET Framework)

4.  The Windows Native Connector has been a game changer for us for a number of reasons:

  • It allows us to filter out high volume events at the device itself, reducing the amount of bandwidth needed.
  • We can host many more Windows devices on a single WiNC vs. the WUC, reducing the number of overall connectors.
  • It seamlessly supports WEC/WEF while simultaneously supporting non-WEC/WEF scenarios on the same connector.
  • The WiNC framework makes it much easier to develop parsers for other products such as Sysmon, AppLocker, etc.
Highlighted
Frequent Contributor.
Frequent Contributor.

Re: Windows Connector

1.  Yes

2.  Windows Unified Connector

3.  Standalone RHEL Machine

4.  The Windows Unified Connector has been chosen since we just use a number of significant (or of interest) servers for collecting logs from and this has been easy to set up manually by WUC.

0 Likes
The opinions expressed above are the personal opinions of the authors, not of Micro Focus. By using this site, you accept the Terms of Use and Rules of Participation. Certain versions of content ("Material") accessible here may contain branding from Hewlett-Packard Company (now HP Inc.) and Hewlett Packard Enterprise Company. As of September 1, 2017, the Material is now offered by Micro Focus, a separately owned and operated company. Any reference to the HP and Hewlett Packard Enterprise/HPE marks is historical in nature, and the HP and Hewlett Packard Enterprise/HPE marks are the property of their respective owners.