At the HPE Protect 2016 conference, the company launched the HPE ArcSight Data Platform 2.0, with an open architecture and improved third-party integrations.
On Wednesday, at the 2016 HPE Protect conference in Maryland, HPE unveiled a new platform that could improve security and visibility for the enterprise. The HPE ArcSight Data Platform (ADP) 2.0 is built on an event broker based on Apache Kafka, which HPE said can "offer consumption of up to 1 million events per second."
HPE documentation on the ADP 2.0 describes it as "an open and scalable solution to collect,normalize, and enrich data for compliance, regulations, security, IT operations, and log analytics." This allows for increased visibility, and potentially makes it easier for businesses to develop a more intelligent security strategy.
SEE: Network Security Policy Template (Tech Pro Research)
With the platform, data can be collected from almost anywhere, including logs, cloud services, network traffic, and sensors, among others. Once collected, it can be sent anywhere as well, such as to an additional ArcSight tool or to a third-party platform like Hadoop, HPE's documentation said.
In addition to the event broker, the ADP offers access to the HPE ArcSight Management Console for a clearer view of monitoring and a simple look at bulk operations. Captured data is normalized and enriched for security, especially, and users can leverage 350+ pre-built connectors to collect even more data.
The wide range of inputs, combined with the fast event processing speed, means that the ADP can be used as a sort of data hub for organizations.
"HPE ADP 2.0 is designed for supporting large SOC operations by allowing 100 concurrent searches so that multiple users can operate at the same time," the documentation said.
In addition to Hadoop, the ADP 2.0 can also send data to data lakes, or applications that have been built in-house. According to HPE documentation on this, the goal is to boost flexibility for both search and analytics. Additionally, logs are encrypted and compressed, and data in motion through the platform is secured with transport layer security.
The HPE ArcSight Data Platform 2.0 will be available on October 5.
The 3 big takeaways for TechRepublic readers
- HPE recently announced the ArcSight Data Platform 2.0, which could increase visibility and boost security in the enterprise.
- The ArcSight Data Platform 2.0 normalizes data for security purposes, and can send it to Hadoop or other in-house applications, among other targets.
- The underlying technology is a Kafka event broker with event consumption speeds of 1 million events per second.
- Security breaches: How small businesses can avoid a HIPAA lawsuit (TechRepublic)
- Why hackers hack: Is it all about the money? (ZDNet)
- Symantec looks to up the ante on SMB security with Endpoint Protection Cloud (TechRepublic)
- Cybersecurity Research 2016: Weak Links, Digital Forensics, and International Concerns (ZDNet)
- Flexera's vulnerability update reveals critical flaws in both major and niche platforms (TechRepublic)