arcsight cisco
TRANSCRIPT
Arc
Sig
ht
SIE
M
Pa
rtn
er
Gu
ide
Re
vis
ion
: H1
CY
11
Us
ing
th
is D
ata
Se
cu
rity
De
plo
ym
en
t G
uid
e
Us
ing
th
is D
ata
Se
cu
rity
D
ep
loy
me
nt
Gu
ide
Th
is d
oc
um
en
t is
fo
r th
e r
ea
de
r w
ho
:
• H
as
re
ad
th
e C
isc
o S
ec
uri
ty I
nfo
rmati
on a
nd
Eve
nt
Man
ag
em
en
t
De
plo
ym
en
t G
uid
e a
nd
th
e C
isc
o B
ord
erl
ess N
etw
ork
s E
nte
rpri
se
De
plo
ym
en
t G
uid
e
• W
an
ts t
o c
on
ne
ct
Bo
rde
rle
ss
Ne
two
rks
to
an
Arc
sig
ht
SIE
M s
olu
tio
n
• W
an
ts t
o g
ain
a g
en
era
l u
nd
ers
tan
din
g o
f th
e A
rcs
igh
t S
IEM
so
luti
on
• H
as
a l
ev
el
of
un
de
rsta
nd
ing
eq
uiv
ale
nt
to a
CC
NA
® c
ert
ific
ati
on
• W
an
ts t
o s
olv
e c
om
pli
an
ce
an
d r
eg
ula
tory
re
po
rtin
g p
rob
lem
s
• W
an
ts t
o e
nh
an
ce
ne
two
rk s
ec
uri
ty a
nd
op
era
tio
ns
• W
an
ts t
o i
mp
rov
e I
T o
pe
rati
on
al
eff
icie
nc
y
• W
an
ts t
he
as
su
ran
ce
of
a v
ali
da
ted
so
luti
on
Re
late
d D
oc
um
en
ts
Be
fore
re
ad
ing
th
is g
uid
e
De
sig
n O
ve
rvie
w
Inte
rne
t E
dg
e D
ep
loy
me
nt
Gu
ide
Inte
rne
t E
dg
e C
on
fig
ura
tio
n G
uid
e
SIE
M D
ep
loy
me
nt
Gu
ide
Arc
Sig
ht
SIE
M
Cis
co
SIE
M
Configuration
Files
Su
pp
lem
en
tal
Gu
ide
s
Foundation
De
sig
n O
ve
rvie
w
De
sig
n G
uid
es
De
plo
ym
en
t G
uid
es
Yo
u a
re
He
re
Inte
rn
et
Ed
ge
Ta
ble
of
Co
nte
nts
AL
L D
ES
IGN
S, S
PE
CIF
ICA
TIO
NS
, ST
AT
EM
EN
TS
, IN
FO
RM
AT
ION
, AN
D R
EC
OM
ME
ND
AT
ION
S (C
OL
LE
CT
IVE
LY, "
DE
SIG
NS
") IN
TH
IS M
AN
UA
L A
RE
PR
ES
EN
TE
D "A
S IS
," W
ITH
AL
L F
AU
LT
S. C
ISC
O A
ND
ITS
SU
PP
LIE
RS
DIS
CL
AIM
AL
L W
AR
RA
NT
IES
, IN
CL
UD
ING
, WIT
HO
UT
LIM
ITA
TIO
N, T
HE
WA
RR
AN
TY
OF
ME
RC
HA
NT
AB
ILIT
Y, F
ITN
ES
S F
OR
A P
AR
TIC
UL
AR
PU
RP
OS
E A
ND
NO
NIN
FR
ING
EM
EN
T O
R A
RIS
ING
FR
OM
A C
OU
RS
E O
F
DE
AL
ING
, US
AG
E, O
R T
RA
DE
PR
AC
TIC
E. I
N N
O E
VE
NT
SH
AL
L C
ISC
O O
R IT
S S
UP
PL
IER
S B
E L
IAB
LE
FO
R A
NY
IND
IRE
CT
, SP
EC
IAL
, CO
NS
EQ
UE
NT
IAL
, OR
INC
IDE
NT
AL
DA
MA
GE
S, I
NC
LU
DIN
G, W
ITH
OU
T L
IMIT
A-
TIO
N, L
OS
T P
RO
FIT
S O
R L
OS
S O
R D
AM
AG
E T
O D
AT
A A
RIS
ING
OU
T O
F T
HE
US
E O
R I
NA
BIL
ITY
TO
US
E T
HE
DE
SIG
NS
, EV
EN
IF
CIS
CO
OR
IT
S S
UP
PL
IER
S H
AV
E B
EE
N A
DV
ISE
D O
F T
HE
PO
SS
IBIL
ITY
OF
SU
CH
DA
MA
GE
S. T
HE
DE
SIG
NS
AR
E S
UB
JE
CT
TO
CH
AN
GE
WIT
HO
UT
NO
TIC
E. U
SE
RS
AR
E S
OL
ELY
RE
SP
ON
SIB
LE
FO
R T
HE
IR A
PP
LIC
AT
ION
OF
TH
E D
ES
IGN
S. T
HE
DE
SIG
NS
DO
NO
T C
ON
ST
ITU
TE
TH
E T
EC
HN
ICA
L
OR
OT
HE
R P
RO
FE
SS
ION
AL
AD
VIC
E O
F C
ISC
O, I
TS
SU
PP
LIE
RS
OR
PA
RT
NE
RS
. US
ER
S S
HO
UL
D C
ON
SU
LT
TH
EIR
OW
N T
EC
HN
ICA
L A
DV
ISO
RS
BE
FO
RE
IM
PL
EM
EN
TIN
G T
HE
DE
SIG
NS
. RE
SU
LT
S M
AY
VA
RY
DE
PE
ND
ING
ON
FA
CT
OR
S N
OT
TE
ST
ED
BY
CIS
CO
.
An
y In
tern
et
Pro
toc
ol (
IP)
ad
dre
ss
es
us
ed
in t
his
do
cu
me
nt
are
no
t in
ten
de
d t
o b
e a
ctu
al a
dd
res
se
s. A
ny
ex
am
ple
s, c
om
ma
nd
dis
pla
y o
utp
ut,
an
d fi
gu
res
inc
lud
ed
in t
he
do
cu
me
nt
are
sh
ow
n f
or
illu
str
ati
ve
pu
rpo
se
s
on
ly. A
ny
us
e o
f a
ctu
al I
P a
dd
res
se
s in
illu
str
ati
ve
co
nte
nt
is u
nin
ten
tio
na
l an
d c
oin
cid
en
tal.
Cis
co
Un
ifie
d C
om
mu
nic
ati
on
s S
RN
D (
Ba
se
d o
n C
isc
o U
nifi
ed
Co
mm
un
ica
tio
ns
Ma
na
ge
r 7
.x)
© 2
01
0 C
isc
o S
ys
tem
s, I
nc
. All
rig
hts
re
se
rve
d.
Ta
ble
of
Co
nte
nts
Cis
co
Sm
art
Bu
sin
es
s A
rch
ite
ctu
re B
ord
erl
es
s N
etw
ork
s f
or
En
terp
ris
e
.1
Bu
sin
es
s B
en
efi
ts .
....
....
....
....
....
....
....
....
....
....
....
....
....
....
.3
Te
ch
no
log
y P
art
ne
r S
olu
tio
n O
ve
rvie
w
....
....
....
....
....
....
....
....
...4
De
plo
yin
g A
rcS
igh
t E
xp
res
s .
....
....
....
....
....
....
....
....
....
....
....
..6
Co
lle
cti
ng
Lo
gs
, Ev
en
ts, a
nd
Co
rre
late
d E
ve
nts
....
....
....
....
....
....
...1
1
Ge
ne
rati
ng
Re
po
rts
...
....
....
....
....
....
....
....
....
....
....
....
....
....
13
Ma
inta
inin
g t
he
SIE
M S
olu
tio
n .
....
....
....
....
....
....
....
....
....
....
...1
5
Co
mm
on
Tro
ub
les
ho
oti
ng
Tip
s .
....
....
....
....
....
....
....
....
....
....
..1
6
Ex
am
ple
of
a D
ay
Ze
ro A
tta
ck
(M
alw
are
-In
fec
ted
Cu
sto
me
r N
etw
ork
) ..
.17
Pro
du
cts
Ve
rifi
ed
wit
h C
isc
o S
ma
rt B
us
ine
ss
Arc
hit
ec
ture
..
....
....
....
18
Ap
pe
nd
ix A
: SB
A f
or
En
terp
ris
e O
rga
niz
ati
on
s D
oc
um
en
t S
ys
tem
...
....
19
1C
isc
o S
ma
rt B
us
ine
ss
Arc
hit
ec
ture
Bo
rde
rle
ss
Ne
two
rks
fo
r E
nte
rpri
se
Cis
co
Sm
art
Bu
sin
es
s
Arc
hit
ec
ture
Bo
rde
rle
ss
N
etw
ork
s f
or
En
terp
ris
e
Th
e C
isc
o S
ma
rt B
us
ine
ss
Arc
hit
ec
ture
—B
ord
erl
es
s N
etw
ork
s f
or
En
terp
ris
e O
rga
niz
ati
on
s o
ffe
rs p
art
ne
rs a
nd
cu
sto
me
rs v
alu
ab
le n
etw
ork
de
sig
n a
nd
de
plo
ym
en
t b
es
t p
rac
tic
es
; he
lpin
g o
rga
niz
ati
on
s d
eli
ve
r
su
pe
rio
r e
nd
-us
er
ex
pe
rie
nc
e t
ha
t in
clu
de
sw
itc
hin
g, r
ou
tin
g, s
ec
uri
ty a
nd
wir
ele
ss
te
ch
no
log
ies
co
mb
ine
d w
ith
th
e c
om
pre
he
ns
ive
ma
na
ge
me
nt
ca
pa
bili
tie
s f
or
the
en
tire
sy
ste
m. C
us
tom
ers
ca
n u
se
th
e g
uid
an
ce
pro
vid
ed
in t
he
arc
hit
ec
ture
an
d d
ep
loy
me
nt
gu
ide
s t
o m
ax
imiz
e t
he
va
lue
of
the
ir
Cis
co
ne
two
rk i
n a
sim
ple
, fa
st,
aff
ord
ab
le, s
ca
lab
le a
nd
fle
xib
le m
an
ne
r.
Th
e m
od
ula
r d
es
ign
of
the
arc
hit
ec
ture
me
an
s t
ha
t te
ch
no
log
ies
ca
n b
e
ad
de
d w
he
n t
he
org
an
iza
tio
n i
s r
ea
dy
to
de
plo
y t
he
m. T
he
arc
hit
ec
ture
als
o p
rov
ide
s C
isc
o-t
es
ted
co
nfi
gu
rati
on
s a
nd
to
po
log
ies
th
at
CC
NA
-le
ve
l
en
gin
ee
rs c
an
us
e f
or
de
sig
n a
nd
in
sta
lla
tio
n, a
nd
to
su
pp
ort
org
an
iza
tio
na
l
ne
ed
s.
Cis
co
off
ers
a n
um
be
r o
f o
pti
on
s t
o p
rov
ide
se
cu
rity
ma
na
ge
me
nt
ca
pa
bili
-
tie
s. T
his
gu
ide
is
fo
cu
se
d o
n o
ur
pa
rtn
ers
hip
wit
h A
rcS
igh
t a
nd
in
teg
rati
on
wit
h t
he
ir p
rod
uc
ts t
o p
rov
ide
a c
om
pre
he
ns
ive
Se
cu
rity
In
form
ati
on
an
d
Ev
en
t M
an
ag
em
en
t (S
IEM
) s
olu
tio
n.
Arc
Sig
ht
Co
nn
ec
tors
(S
ma
rt C
on
ne
cto
rs)
co
lle
ct
ev
en
t d
ata
fro
m C
isc
o
ne
two
rk d
ev
ice
s. T
he
y c
an
no
rma
lize
, ca
teg
ori
ze
, an
d a
gg
reg
ate
ev
en
t d
ata
,
an
d s
ec
ure
ly a
nd
eff
icie
ntl
y d
eli
ve
r e
ve
nts
to
Arc
Sig
ht
ES
M o
r A
rcS
igh
t
Ex
pre
ss
(w
hic
h c
om
bin
es
Arc
Sig
ht
Lo
gg
er
an
d E
SM
fu
nc
tio
ns
fo
r s
ma
lle
r
ins
tall
ati
on
s).
Arc
Sig
ht
Co
ns
ole
pro
vid
es
th
e e
nte
rpri
se
da
sh
bo
ard
fo
r th
e
se
cu
rity
op
era
tio
ns
ce
nte
r (S
OC
). A
rcS
igh
t w
eb
-ba
se
d c
on
so
les
ca
n b
e
us
ed
fo
r IT
op
era
tio
ns
sta
ff f
or
se
arc
hin
g t
hro
ug
h a
rch
ive
d l
og
da
ta a
nd
ge
ne
rati
ng
co
mp
lia
nc
e r
ep
ort
s
2C
isc
o S
ma
rt B
us
ine
ss
Arc
hit
ec
ture
Bo
rde
rle
ss
Ne
two
rks
fo
r E
nte
rpri
se
Fig
ure
1.
Arc
Sig
ht
Inte
gra
ted
in
to S
ma
rt B
us
ine
ss
Arc
hit
ec
ture
—B
ord
erl
es
s N
etw
ork
s f
or
En
terp
ris
e O
rga
niz
ati
on
s
3B
us
ine
ss
Be
ne
fits
Bu
sin
es
s B
en
efit
s
Ne
two
rks
are
gro
win
g r
ap
idly
in s
ize
an
d c
om
ple
xit
y, l
inke
d w
ith
su
pp
liers
,
cu
sto
me
rs, a
nd
bu
sin
es
s p
art
ne
rs. T
he
ne
two
rk p
eri
me
ter
ha
s d
iss
olv
ed
an
d
the
no
tio
n o
f e
xte
rna
l ve
rsu
s in
tern
al t
hre
ats
ha
s b
lurr
ed
. As
a r
es
ult
, org
an
iza
-
tio
ns
be
ca
me
inc
rea
sin
gly
fo
cu
se
d o
n c
orr
ela
tin
g n
etw
ork
ac
tiv
ity
wit
h u
se
r
ac
tiv
ity
mo
nit
ori
ng
in t
he
co
nte
xt
bu
sin
es
s t
ran
sa
cti
on
s o
n c
riti
ca
l as
se
ts.
Cu
sto
me
rs a
re l
oo
kin
g f
or
a m
iss
ion
-cri
tic
al
IT a
nd
se
cu
rity
op
era
tio
ns
so
luti
on
th
at
pro
vid
es
th
e e
nte
rpri
se
-wid
e t
hre
at
ma
na
ge
me
nt,
re
al-
tim
e
co
rre
lati
on
/re
sp
on
se
, an
d f
lex
ible
mo
nit
ori
ng
an
d r
ep
ort
ing
ca
pa
bili
tie
s t
o
me
et
the
ir r
igo
rou
s r
eg
ula
tory
co
mp
lia
nc
e n
ee
ds
.
Arc
Sig
ht,
a l
ea
de
r in
SIE
M, p
rov
ide
s s
olu
tio
ns
th
at
se
rve
as
th
e m
iss
ion
co
ntr
ol
ce
nte
r fo
r re
al-
tim
e e
nte
rpri
se
-wid
e t
hre
at
ma
na
ge
me
nt,
co
mp
lia
nc
e
rep
ort
ing
an
d a
uto
ma
ted
ne
two
rk r
es
po
ns
e.
Th
e A
rcS
igh
t E
nte
rpri
se
Vie
w f
or
Cis
co
ap
pli
ca
tio
n a
dd
s p
ow
erf
ul
pre
-
de
fin
ed
co
nte
nt
(co
rre
lati
on
ru
les
, da
sh
bo
ard
s a
nd
re
po
rts
) th
at
all
ow
s
cu
sto
me
rs t
o m
on
ito
r a
cti
vit
y, c
on
fig
ura
tio
n c
ha
ng
es
, av
ail
ab
ility
, an
d t
hre
ats
ac
ros
s t
he
ir C
isc
o i
nfr
as
tru
ctu
re. I
n a
dd
itio
n, t
his
ap
pli
ca
tio
n c
orr
ela
tes
ale
rts
fro
m C
isc
o i
nfr
as
tru
ctu
re w
ith
se
cu
rity
ev
en
ts f
rom
re
st
of
the
en
ter-
pri
se
, an
d p
rov
ide
s a
co
mp
reh
en
siv
e e
nte
rpri
se
ris
k a
nd
th
rea
t m
an
ag
em
en
t
so
luti
on
to
me
et
reg
ula
tory
co
mp
lia
nc
e n
ee
ds
.
Ne
xt
Ge
ne
rati
on
En
terp
ris
e R
isk
an
d T
hre
at
Ma
na
ge
me
nt
So
luti
on
• H
elp
s s
ec
uri
ty o
pe
rati
on
s k
ee
p p
ac
e i
n m
on
ito
rin
g C
isc
o n
etw
ork
s
• C
orr
ela
tes
id
en
tity
in
form
ati
on
fro
m m
ult
iple
so
urc
es
, wit
h r
ep
uta
tio
n
da
ta f
rom
Cis
co
Se
ns
orB
as
e i
mp
rov
es
ac
cu
rac
y o
n s
ec
uri
ty a
lert
s
• E
na
ble
s c
om
pre
he
ns
ive
vis
ibili
ty, m
on
ito
rin
g a
nd
re
po
rtin
g a
cro
ss
Cis
co
pro
du
ct
po
rtfo
lio
Cu
sto
miz
ed
Ev
en
t C
orr
ela
tio
n,
Re
sp
on
se
, a
nd
Re
po
rti
ng
fo
r C
isc
o I
nfr
as
tru
ctu
re
• P
rov
ide
s C
isc
o s
pe
cif
ic c
on
ten
t (r
ule
s, r
ep
ort
s, d
as
hb
oa
rds
) f
or
rap
id
retu
rn o
n i
nv
es
tme
nt
(RO
I) w
ith
Arc
Sig
ht
En
terp
ris
eV
iew
fo
r C
isc
o
• C
oll
ec
ts a
nd
co
rre
late
s e
ve
nts
fro
m h
un
dre
ds
of
no
n-C
isc
o p
rod
uc
ts,
an
d a
llo
ws
yo
u t
o r
ap
idly
re
sp
on
d t
o e
nte
rpri
se
th
rea
ts
• P
roa
cti
ve
ly m
inim
ize
s o
r e
lim
ina
tes
en
terp
ris
e v
uln
era
bili
tie
s t
ha
t c
ou
ld
imp
ac
t th
e b
us
ine
ss
.
Fa
ste
r R
OI
for
Se
cu
rity
an
d I
T-O
pe
rati
on
s a
nd
Re
du
ce
d
Co
mp
lia
nc
e R
isk
• C
om
pli
me
nts
Cis
co
Se
cu
rity
MA
RS
de
plo
ym
en
ts b
y a
dd
ing
co
mp
lia
nc
e
rep
ort
ing
an
d s
up
po
rt f
or
ev
en
t lo
gg
ing
fro
m m
ult
iple
ve
nd
ors
• P
rov
ide
s a
co
st-
eff
ec
tiv
e l
on
g t
erm
sto
rag
e f
or
log
da
ta t
o i
nv
es
tig
ate
fau
lts
fo
r IT
op
era
tio
ns
• S
tre
am
lin
es
co
mp
lia
nc
e p
roc
es
s f
or
va
rio
us
co
rpo
rate
re
gu
lati
on
s, s
uc
h
as
Sa
rba
ne
s-O
xle
y, P
CI,
HIP
AA
, SB
13
86
, an
d B
as
el
II.
4T
ec
hn
olo
gy
Pa
rtn
er
So
luti
on
Ov
erv
iew
Te
ch
no
log
y P
art
ne
r S
olu
tio
n O
verv
iew
Arc
Sig
ht
En
terp
ris
eV
iew
fo
r C
isc
o
Arc
Sig
ht
En
terp
ris
eV
iew
fo
r C
isc
o p
rov
ide
s p
ow
erf
ul
pre
-de
fin
ed
co
nte
nt
(co
rre
lati
on
ru
les
, da
sh
bo
ard
s a
nd
re
po
rts
) th
at
all
ow
s c
us
tom
ers
to
mo
nit
or
ac
tiv
ity
, co
nfi
gu
rati
on
ch
an
ge
s, a
va
ila
bili
ty, a
nd
th
rea
ts a
cro
ss
th
eir
Cis
co
infr
as
tru
ctu
re. T
his
ap
pli
ca
tio
n (
co
nte
nt
pa
ck
) ru
ns
on
ex
isti
ng
Arc
Sig
ht
SIE
M p
latf
orm
in
sta
lla
tio
ns
an
d d
ep
en
ds
on
Sm
art
Co
nn
ec
tors
fo
r th
e C
isc
o
de
vic
es
to
be
in
sta
lle
d a
nd
co
nfi
gu
red
ap
pro
pri
ate
ly.
Fig
ure
2.
Th
e A
rcS
igh
t S
IEM
Arc
hit
ec
ture
Arc
Sig
ht
SIE
M P
latf
orm
Th
e A
rcS
igh
t S
IEM
Pla
tfo
rm i
s a
n a
wa
rd-w
inn
ing
se
t o
f p
rod
uc
ts f
or
mo
ni-
tori
ng
en
terp
ris
e t
hre
at
an
d r
isk
. Mo
st
co
rpo
rate
ne
two
rks
are
eff
ec
tiv
ely
bo
rde
rle
ss
; ex
tern
al
sy
ste
ms
an
d u
se
rs a
cc
es
s i
nte
rna
l s
ys
tem
s a
nd
da
ta
as
pa
rt o
f n
orm
al
op
era
tio
ns
. In
a b
ord
erl
es
s e
nv
iro
nm
en
t, a
co
mp
reh
en
siv
e
mo
nit
ori
ng
pla
tfo
rm b
rin
gs
se
cu
rity
an
d v
isib
ility
wit
ho
ut
imp
ac
tin
g f
lex
ible
bu
sin
es
s o
pe
rati
on
s. A
ll A
rcS
igh
t S
IEM
pla
tfo
rm p
rod
uc
ts li
ste
d b
elo
w
lev
era
ge
th
e s
am
e m
on
ito
rin
g i
nfr
as
tru
ctu
re (
Arc
Sig
ht
Sm
art
Co
nn
ec
tors
) to
ca
ptu
re, n
orm
aliz
e, a
nd
ca
teg
ori
ze
ev
en
ts a
nd
lo
gs
fro
m C
isc
o n
etw
ork
ing
an
d s
ec
uri
ty d
ev
ice
s.
Arc
Sig
ht
ES
M
Arc
Sig
ht
ES
M p
rote
cts
de
ma
nd
ing
pri
va
te a
nd
pu
bli
c o
rga
niz
ati
on
s t
hro
ug
h-
ou
t th
e w
orl
d. U
sin
g i
ts b
roa
d l
og
da
ta c
oll
ec
tio
n c
ap
ab
ility
, co
mb
ine
d w
ith
its
po
we
rfu
l e
ve
nt
co
rre
lati
on
en
gin
e, A
rcS
igh
t E
SM
ca
n d
ete
ct
so
ph
isti
ca
ted
thre
ats
cro
ss
ing
mu
ltip
le t
yp
es
of
se
cu
rity
pro
du
cts
. Arc
Sig
ht
ES
M e
xte
nd
s
the
re
ac
h o
f C
isc
o t
hre
at
ma
na
ge
me
nt
an
d r
es
po
ns
e, b
y p
erf
orm
ing
so
ph
is-
tic
ate
d e
ve
nt
co
rre
lati
on
of
Cis
co
ne
two
rk e
ve
nts
an
d a
lert
s w
ith
a b
roa
de
r
se
t o
f e
nte
rpri
se
-wid
e e
ve
nt-
so
urc
es
(s
ys
tem
s, d
ata
ba
se
s, a
nd
ap
pli
ca
tio
ns
).
As
a r
es
ult
, cu
sto
me
rs c
an
de
tec
t th
rea
ts i
n t
ime
to
ta
ke e
ffe
cti
ve
ac
tio
n.
Arc
Sig
ht
Lo
gg
er
Arc
Sig
ht
Lo
gg
er
pro
vid
es
co
st-
eff
ec
tiv
e l
on
g t
erm
lo
g m
an
ag
em
en
t a
nd
sto
rag
e, a
s w
ell
as
au
tom
ate
d c
om
pli
an
ce
re
po
rtin
g. B
y s
tori
ng
up
to
42
TB
of
log
da
ta o
n a
sin
gle
ap
pli
an
ce
wh
ile
su
pp
ort
ing
se
arc
h s
pe
ed
s o
f m
illi
on
s
of
ev
en
ts p
er
se
co
nd
ac
ros
s s
tru
ctu
red
an
d u
ns
tru
ctu
red
da
ta. A
rcS
igh
t
Lo
gg
er
bri
ng
s a
fle
xib
le m
ea
ns
of
sto
rin
g e
ve
nt
da
ta f
rom
Cis
co
ne
two
rkin
g
de
vic
es
fo
r y
ea
rs. A
rcS
igh
t L
og
ge
r s
up
po
rts
au
tom
ate
d r
ep
ort
ing
fo
r S
OX
,
PC
I D
SS
, NE
RC
an
d o
the
r re
gu
lati
on
s, i
nte
gra
tin
g C
isc
o S
ec
uri
ty M
AR
S d
ata
wit
h o
the
r e
nte
rpri
se
in
form
ati
on
.
Arc
Sig
ht
Ex
pre
ss
Arc
Sig
ht
Ex
pre
ss
in
clu
de
s t
he
in
du
str
y l
ea
din
g r
ea
l-ti
me
co
rre
lati
on
an
d
log
ma
na
ge
me
nt
tec
hn
olo
gie
s f
rom
ES
M a
nd
Lo
gg
er,
in
on
e p
re-p
ac
ka
ge
d
ea
sy
-to
-us
e S
IEM
so
luti
on
fo
r th
e m
id-m
ark
et.
Ex
pre
ss
is
re
ferr
ed
to
as
the
“s
ec
uri
ty e
xp
ert
in
a b
ox
”, a
nd
ha
s s
ev
era
l b
uil
t-in
co
rre
lati
on
ru
les
,
da
sh
bo
ard
s, a
nd
co
mp
lia
nc
e r
ep
ort
s. A
rcS
igh
t E
xp
res
s p
rov
ide
s a
ra
pid
ly
de
plo
ya
ble
, lo
w c
os
t m
id-m
ark
et
so
luti
on
fo
r m
on
ito
rin
g C
isc
o i
nfr
as
tru
ctu
re.
Arc
Sig
ht
Sm
artC
on
ne
cto
rs
Arc
Sig
ht
Sm
art
Co
nn
ec
tors
co
lle
ct
ev
en
t d
ata
fro
m n
etw
ork
de
vic
es
, an
d
the
y n
orm
aliz
e t
he
da
ta s
tru
ctu
re i
nto
co
mm
on
sc
he
ma
, ad
d s
ev
eri
ty,
pri
ori
ty, a
nd
tim
e z
on
e. S
ma
rtC
on
ne
cto
rs c
an
op
tio
na
lly f
ilte
r o
ut
da
ta t
ha
t
yo
u k
no
w i
s n
ot
ne
ed
ed
fo
r a
na
lys
is, s
av
ing
ne
two
rk b
an
dw
idth
an
d s
tora
ge
sp
ac
e. I
t c
an
ag
gre
ga
te e
ve
nts
to
re
du
ce
th
e q
ua
nti
ty o
f e
ve
nts
of
the
sa
me
typ
e, t
hu
s i
mp
rov
ing
eff
icie
nc
y. I
t c
an
ca
teg
ori
ze
ev
en
ts u
sin
g t
he
co
mm
on
,
hu
ma
n-r
ea
da
ble
fo
rma
ts, m
ak
ing
it
ea
sie
r to
us
e t
ho
se
ev
en
ts t
o b
uil
d f
ilte
rs,
rule
s, a
nd
re
po
rts
.
5T
ec
hn
olo
gy
Pa
rtn
er
So
luti
on
Ov
erv
iew
Ta
ble
1.
Co
mp
ari
so
n o
f A
rcS
igh
t S
IEM
Pro
du
cts
Arc
Sig
ht
ES
MA
rcS
igh
t L
og
ge
rA
rcS
igh
t E
xp
res
s
De
sc
rip
tio
nR
ea
l-ti
me
Ev
en
t C
orr
ela
tio
n a
nd
Re
po
rtin
gL
on
g-t
erm
Ev
en
t L
og
gin
g a
nd
Re
po
rtin
gE
ve
nt
Co
rre
lati
on
an
d L
og
gin
g f
or
SM
B
No
of
Us
ers
(A
dm
in)
Un
lim
ite
dU
nli
mit
ed
Un
lim
ite
d
Ev
en
ts P
er
Se
co
nd
15
K/i
ns
tan
ce
Lin
ea
rly
sc
ala
ble
10
0K
/in
sta
nc
e L
ine
arl
y s
ca
lab
le5
K/i
ns
tan
ce
Lin
ea
rly
sc
ala
ble
6D
ep
loy
ing
Arc
Sig
ht
Ex
pre
ss
De
plo
yin
g A
rcS
igh
t E
xp
res
s
Fo
llo
win
g i
s a
bri
ef
ov
erv
iew
of
ste
ps
to
fo
r s
et
up
a C
isc
o d
ev
ice
to
se
nd
sy
slo
g m
es
sa
ge
s t
o a
n A
rcS
igh
t S
ma
rtC
on
ne
cto
r p
latf
orm
, an
d s
et
up
Arc
Sig
ht
Sm
art
Co
nn
ec
tor
to s
en
d n
orm
aliz
ed
an
d c
ate
go
riz
ed
Cis
co
ev
en
ts
to a
ny
of
the
fo
llo
win
g d
es
tin
ati
on
s: A
rcS
igh
t E
SM
Ma
na
ge
r, A
rcS
igh
t L
og
ge
r,
or
Arc
Sig
ht
Ex
pre
ss
. Re
fer
to t
he
Arc
Sig
ht
Sm
art
Co
nn
ec
tor
Co
nfi
gu
rati
on
Gu
ide
fo
r th
e s
pe
cif
ic C
isc
o d
ev
ice
fo
r th
e d
eta
ile
d s
etu
p i
nfo
rma
tio
n.
Se
tup
Cis
co
De
vic
e
1.
Co
nfi
gu
re L
og
Su
bs
cri
pti
on
on
Cis
co
de
vic
e—
typ
e o
f in
form
ati
on
rec
ord
ed
an
d l
og
fo
rma
t
2.
Co
nfi
gu
re t
he
Lo
g R
etr
iev
al
me
tho
d—
ho
w l
og
s a
re t
ran
sfe
rre
d t
o
Arc
Sig
ht
Co
nn
ec
tor
Se
tup
Arc
Sig
ht
Sm
artC
on
ne
cto
r
1.
Do
wn
loa
d S
ma
rtC
on
ne
cto
r fr
om
Arc
Sig
ht
su
pp
ort
we
bs
ite
fo
r y
ou
r
sp
ec
ific
Cis
co
de
vic
e
2.
Ru
n S
ma
rtC
on
ne
cto
r In
sta
lle
r
–
Ch
oo
se
in
sta
ll f
old
er
an
d I
ns
tall
Se
t
–
Se
lec
t d
es
tin
ati
on
of
ev
en
ts: M
an
ag
er,
Lo
gg
er
–
Se
lec
t d
es
tin
ati
on
ho
stn
am
e/p
ort
–
En
ter
Arc
Sig
ht
ad
min
us
ern
am
e a
nd
pa
ss
wo
rd
7D
ep
loy
ing
Arc
Sig
ht
Ex
pre
ss
Arc
Sig
ht
Ex
pre
ss
Co
nfi
gu
rati
on
Th
is s
ec
tio
n p
rov
ide
s a
bri
ef
ov
erv
iew
of
ste
ps
to
fo
r s
et
up
Arc
Sig
ht
Ex
pre
ss
(“S
IEM
in
a b
ox
”) a
pre
-pa
ck
ag
ed
pro
du
ct
bu
nd
le f
or
sm
all
an
d
me
diu
m b
us
ine
ss
es
, co
mp
os
ed
of
two
ap
pli
an
ce
s. I
t in
vo
lve
s s
ett
ing
up
th
e
foll
ow
ing
. Re
fer
to t
he
Co
nfi
gu
rati
on G
uid
e: A
rcS
igh
t E
xp
ress
fo
r m
ore
de
tail
s.
• A
rcS
igh
t E
xp
res
s: a
pp
lia
nc
e #
1 i
nc
lud
es
:
–
Arc
Sig
ht
Ma
na
ge
r
–
Arc
Sig
ht
Fo
rwa
rdin
g C
on
ne
cto
r
–
Arc
Sig
ht
We
b (
UI)
• A
rcS
igh
t S
tora
ge
: ap
pli
an
ce
#2
in
clu
de
s:
–
Arc
Sig
ht
Lo
gg
er
–
Lo
ng
-te
rm d
ata
sto
rag
e
–
Arc
Sig
ht
Co
nn
ec
tor
Ma
na
ge
r
Fig
ure
3.
Arc
Sig
ht
Ex
pre
ss
De
plo
ym
en
t O
ve
rvie
w
Co
nfi
gu
re A
rcS
igh
t S
tora
ge
Ap
pli
an
ce
#2
Fir
st
1.
De
fin
e s
tora
ge
vo
lum
e: w
he
re A
rcS
igh
t S
tora
ge
Ap
pli
an
ce
sto
res
ev
en
t
da
ta
2.
Cre
ate
sto
rag
e g
rou
ps
: ap
ply
re
ten
tio
n p
oli
cie
s f
or
sto
rag
e v
olu
me
s
3.
Co
nfi
gu
re N
etw
ork
Tim
e P
roto
co
l (N
TP
) fo
r p
rec
ise
tim
e-s
tam
pin
g o
f
ev
en
ts (
hig
hly
re
co
mm
en
de
d)
4.
Ind
ex
ing
(o
pti
on
al)
: us
e d
efa
ult
in
de
xin
g o
pti
on
s f
or
be
tte
r p
erf
or-
ma
nc
e. R
eb
oo
t.
5.
Cre
ate
Sm
art
Me
ss
ag
e r
ec
eiv
ers
: to
lis
ten
on
ev
en
ts
Co
nfi
gu
re A
rcS
igh
t E
xp
res
s A
pp
lia
nc
e #
1 N
ex
t
1.
Co
nfi
gu
re O
rac
le E
nte
rpri
se
Lin
ux
2.
Co
nfi
gu
re A
rcS
igh
t E
xp
res
s s
oft
wa
re c
om
po
ne
nts
8D
ep
loy
ing
Arc
Sig
ht
Ex
pre
ss
3.
Se
lec
t w
he
the
r y
ou
wo
uld
like
to
fo
rwa
rd e
ve
nts
to
th
e A
rcS
igh
t
Sto
rag
e A
pp
lia
nc
e f
or
lon
g t
erm
sto
rag
e
4.
En
ter
ho
st
na
me
or
IP a
dd
res
s o
f th
e A
rcS
igh
t S
tora
ge
ap
pli
an
ce
an
d
the
na
me
of
the
Sm
art
Me
ss
ag
e R
ec
eiv
er
cre
ate
d o
n t
he
Arc
Sig
ht
Sto
rag
e A
pp
lia
nc
e.
Re
fer
to t
he
Arc
Sig
ht
Ex
pre
ss
Co
nfi
gu
rati
on
Gu
ide
fo
r m
ore
de
tail
s.
Ins
tall
th
e A
rcS
igh
t C
on
so
le
Arc
Sig
ht
Co
ns
ole
is
th
e p
rim
ary
us
er
inte
rfa
ce
fo
r p
erf
orm
ing
ad
min
istr
ati
ve
tas
ks
on
Arc
Sig
ht
Ex
pre
ss
.
1.
Ins
tall
an
d c
on
fig
ure
Arc
Sig
ht
Co
ns
ole
, an
d s
et
up
co
nn
ec
tio
n t
o
Arc
Sig
ht
Ma
na
ge
r
2.
Cre
ate
ad
min
istr
ati
ve
us
ers
in
Arc
Sig
ht
Ex
pre
ss
9D
ep
loy
ing
Arc
Sig
ht
Ex
pre
ss
Co
nfi
gu
re a
ll C
isc
o S
ma
rtC
on
ne
cto
rs c
en
tra
lly
fro
m
Co
nn
ec
tor
Ma
na
ge
r
Yo
u c
an
us
e t
he
Cis
co
Sm
art
Co
nn
ec
tors
th
at
are
lo
ca
l to
th
e A
rcS
igh
t
Ex
pre
ss
ap
pli
an
ce
. Yo
u c
an
als
o c
en
tra
lly m
an
ag
e m
ult
iple
re
mo
te C
isc
o
Sm
art
Co
nn
ec
tors
fro
m t
he
Co
nn
ec
torM
an
ag
er
on
th
is a
pp
lia
nc
e. R
efe
r to
the
Arc
Sig
ht
Ex
pre
ss
Co
nfi
gu
rati
on
Gu
ide
fo
r m
ore
de
tail
s.
Fo
r la
rge
en
terp
ris
es
, Arc
Sig
ht
Ex
pre
ss
ap
pli
an
ce
s c
an
be
re
pla
ce
d b
y t
he
foll
ow
ing
tw
o s
ep
ara
te A
rcS
igh
t p
rod
uc
ts f
or
hig
hly
sc
ala
ble
an
d s
op
his
-
tic
ate
d e
ve
nt
co
rre
lati
on
fo
r s
ec
uri
ty o
pe
rati
on
s, a
nd
lo
gg
ing
fo
r IT
op
era
-
tio
ns
. Fo
r m
ore
de
tail
s r
efe
r to
th
e i
ns
tall
ati
on
an
d c
on
fig
ura
tio
n d
oc
um
en
ts
of
the
re
sp
ec
tiv
e p
rod
uc
ts li
ste
d b
elo
w.
• A
rcS
igh
t E
SM
: so
ftw
are
pa
ck
ag
e i
nc
lud
es
th
e f
oll
ow
ing
. Re
fer
to t
he
Insta
llati
on a
nd
Co
nfi
gu
rati
on G
uid
e: A
rcS
igh
t E
SM
,
–
Arc
Sig
ht
Ma
na
ge
r
–
Arc
Sig
ht
Da
tab
as
e
–
Arc
Sig
ht
Co
ns
ole
an
d/o
r A
rcS
igh
t W
eb
• A
rcS
igh
t L
og
ge
r: a
pp
lia
nc
e i
nc
lud
es
th
e f
oll
ow
ing
. Re
fer
to t
he
Arc
Sig
ht
Lo
gg
er
Ge
ttin
g S
tart
ed
Gu
ide
, an
d t
he
In
sta
lla
tio
n c
ha
pte
r in
th
e
Arc
Sig
ht
Lo
gg
er
Ad
min
istr
ato
r’s G
uid
e.
–
Arc
Sig
ht
Lo
gg
er
–
Lo
ng
-te
rm d
ata
sto
rag
e—
SA
N, S
tora
ge
Vo
lum
e, S
tora
ge
Gro
up
s
Fig
ure
4.
Arc
Sig
ht
Co
ns
ole
Sh
ow
ing
a L
ist
of
Cis
co
Sm
art
Co
nn
ec
tors
Re
gis
tere
d w
ith
Arc
Sig
ht
ES
M
10
De
plo
yin
g A
rcS
igh
t E
xp
res
s
Ins
tall
Arc
Sig
ht
En
terp
ris
eV
iew
fo
r C
isc
o S
olu
tio
n
Pa
ck
ag
e
1.
Do
wn
loa
d t
he
En
terp
ris
eV
iew
fo
r C
isc
o p
ac
ka
ge
fro
m A
rcs
igh
t s
oft
wa
re
do
wn
loa
d s
ite
(h
ttp
s:/
/so
ftw
are
.arc
sig
ht.
co
m/)
2.
Lo
g i
nto
Arc
Sig
ht
Ex
pre
ss
Co
ns
ole
as
Ad
min
istr
ato
r, c
lic
k o
n P
ac
ka
ge
s
tab
. Cli
ck
Im
po
rt, s
ele
ct
pa
ck
ag
e a
nd
fo
llo
w d
ire
cti
on
s t
o i
ns
tall
pa
ck
ag
e.
3.
To
ve
rify
th
e p
ac
ka
ge
is
in
sta
lle
d s
uc
ce
ss
fully
, se
lec
t P
ac
ka
ge
s t
ab
in
Na
vig
ato
r p
an
el,
an
d e
xp
an
d t
he
Arc
Sig
ht
So
luti
on
s g
rou
p.
11
Co
llec
tin
g L
og
s, E
ve
nts
, an
d C
orr
ela
ted
Ev
en
ts
Co
llec
tin
g L
og
s, E
ven
ts,
an
d C
orr
ela
ted
Eve
nts
Th
e C
isc
o I
ns
igh
t P
ac
ka
ge
is
a p
rep
ac
ka
ge
d s
et
of
po
we
rfu
l a
na
lys
is t
oo
ls
de
ve
lop
ed
by
Arc
Sig
ht
tha
t p
rov
ide
s t
ha
t a
llo
w y
ou
to
mo
nit
or
ac
tiv
ity
,
co
nfi
gu
rati
on
ch
an
ge
s, a
va
ila
bili
ty, a
nd
th
rea
ts a
cro
ss
Cis
co
de
vic
es
in
yo
ur
en
vir
on
me
nt.
A c
om
pre
he
ns
ive
an
d e
as
ily c
us
tom
iza
ble
se
t o
f d
as
hb
oa
rds
,
ac
tiv
e c
ha
nn
els
, an
d r
ep
ort
s a
llo
ws
yo
u t
o m
ea
su
re a
nd
re
po
rt o
n t
he
sta
tus
of
de
vic
es
an
d a
va
rie
ty o
f o
the
r a
cti
vit
ies
ta
kin
g p
lac
e i
n y
ou
r n
etw
ork
.
Re
fer
to t
he
Arc
Sig
ht
So
luti
on G
uid
e: C
isc
o I
nsig
ht
Pac
kag
e v
1.0
fo
r
mo
re d
eta
ils
on
ho
w t
o c
oll
ec
t C
isc
o l
og
s a
nd
ev
en
ts a
nd
co
rre
late
th
em
wit
h i
nfo
rma
tio
n f
rom
th
e r
es
t o
f th
e e
nte
rpri
se
. It
pro
vid
es
in
form
ati
on
on
the
fo
llo
win
g:
• In
sta
lla
tio
n a
nd
co
nfi
gu
rati
on
• U
se
ca
se
s
• C
om
pa
re, b
ac
ku
p a
nd
un
ins
tall
pa
ck
ag
e
Us
e c
as
es
are
ta
rge
ted
co
lle
cti
on
s o
f p
res
en
tati
on
, co
rre
lati
on
, an
d d
ata
pro
ce
ss
ing
re
so
urc
es
de
sig
ne
d t
o a
dd
res
s a
pa
rtic
ula
r re
qu
ire
me
nt
or
Cis
co
de
vic
e. T
he
Cis
co
In
sig
ht
Pa
ck
ag
e s
up
po
rts
th
e f
oll
ow
ing
us
e c
as
es
:
Us
e C
as
eD
es
cri
pti
on
Cis
co
Ov
erv
iew
Th
e C
isc
o O
ve
rvie
w u
se
ca
se
pro
vid
es
hig
h-l
ev
el
rep
ort
s d
es
cri
bin
g l
og
ins
, co
nfi
gu
rati
on
ch
an
ge
s,
an
d o
the
r e
ve
nts
in
vo
lvin
g C
isc
o f
ire
wa
lls a
nd
Cis
co
Intr
us
ion
Pre
ve
nti
on
Sy
ste
ms
in
yo
ur
en
vir
on
me
nt.
Cis
co
Cro
ss
-De
vic
eT
he
Cis
co
Cro
ss
-De
vic
e u
se
ca
se
pro
vid
es
in
for-
ma
tio
n a
bo
ut
log
ins
, co
nfi
gu
rati
on
ch
an
ge
s, a
nd
ba
nd
wid
th c
on
su
mp
tio
n a
cro
ss
all
Cis
co
de
vic
es
in
yo
ur
en
vir
on
me
nt.
Cis
co
Ge
ne
ric
Fir
ew
all
Th
e C
isc
o G
en
eri
c F
ire
wa
ll u
se
ca
se
id
en
tifi
es
an
d p
rov
ide
s f
ire
wa
ll i
nfo
rma
tio
n b
as
ed
on
ev
en
ts
rep
ort
ed
by
an
y C
isc
o f
ire
wa
ll d
ev
ice
or
mo
du
le i
n
yo
ur
ne
two
rk.
Us
e C
as
eD
es
cri
pti
on
Cis
co
Ge
ne
ric
Intr
us
ion
Pre
ve
nti
on
Sy
ste
m (
IPS
)
Th
e C
isc
o G
en
eri
c I
PS
us
e c
as
e p
rov
ide
s r
ep
ort
s
an
d d
as
hb
oa
rds
ba
se
d o
n a
lert
s g
en
era
ted
by
an
y
Cis
co
ID
S/I
PS
de
vic
es
or
mo
du
les
.
Cis
co
Ad
ap
tiv
e
Se
cu
rity
Ap
pli
an
ce
(AS
A)
Th
e C
isc
o A
SA
us
e c
as
e p
rov
ide
s f
ire
wa
ll i
nfo
rma
-
tio
n b
as
ed
on
ev
en
ts r
ep
ort
ed
by
Cis
co
AS
A 5
50
0
Se
rie
s A
da
pti
ve
Se
cu
rity
Ap
pli
an
ce
s.
Cis
co
IP
S S
en
so
rT
he
Cis
co
IP
S S
en
so
r u
se
ca
se
pro
vid
es
ev
en
t s
ta-
tis
tic
s a
nd
co
nfi
gu
rati
on
ch
an
ge
s r
ep
ort
ed
by
Cis
co
IPS
se
ns
ors
su
ch
as
th
e C
isc
o I
PS
42
00
Se
rie
s
ap
pli
an
ce
, Cis
co
Ca
taly
st
65
00
se
rie
s I
ntr
us
ion
De
tec
tio
n S
ys
tem
Se
rvic
es
Mo
du
le (
IDS
M),
an
d
Cis
co
AS
A A
dv
an
ce
d I
ns
pe
cti
on
an
d P
rev
en
tio
n
Se
cu
rity
Se
rvic
es
Mo
du
le (
AIP
-SS
M).
Cis
co
IO
S I
PS
Th
e C
isc
o I
OS
IP
S u
se
ca
se
pro
vid
es
ev
en
t s
tati
s-
tic
s a
nd
co
nfi
gu
rati
on
ch
an
ge
in
form
ati
on
re
po
rte
d
by
Cis
co
IO
S I
PS
de
vic
es
pre
se
nt
in y
ou
r n
etw
ork
.
Cis
co
Iro
nP
ort
Em
ail
Se
cu
rity
Ap
pli
an
ce
(ES
A)
Th
e C
isc
o I
ron
Po
rt E
ma
il S
ec
uri
ty A
pp
lia
nc
e u
se
ca
se
id
en
tifi
es
an
d p
rov
ide
s w
eb
tra
ffic
in
form
a-
tio
n b
as
ed
on
ev
en
ts r
ep
ort
ed
by
Em
ail
Se
cu
rity
Ap
pli
an
ce
s p
res
en
t in
yo
ur
ne
two
rk.
Cis
co
Iro
nP
ort
We
b
Se
cu
rity
Ap
pli
an
ce
(WS
A)
Th
e C
isc
o I
ron
Po
rt W
eb
Se
cu
rity
Ap
pli
an
ce
us
e
ca
se
id
en
tifi
es
an
d p
rov
ide
s w
eb
tra
ffic
in
form
a-
tio
n b
as
ed
on
ev
en
ts r
ep
ort
ed
by
We
b S
ec
uri
ty
Ap
pli
an
ce
s p
res
en
t in
yo
ur
ne
two
rk.
Cis
co
Ne
two
rkT
he
Cis
co
Ne
two
rk u
se
ca
se
id
en
tifi
es
an
d p
rov
ide
s
info
rma
tio
n b
as
ed
on
ev
en
ts r
ep
ort
ed
by
Cis
co
ne
two
rk e
qu
ipm
en
t.
12
Co
llec
tin
g L
og
s, E
ve
nts
, an
d C
orr
ela
ted
Ev
en
ts
Fo
llo
win
g a
re s
om
e s
am
ple
sc
ree
n s
ho
ts f
or
Cis
co
Ge
ne
ric
Fir
ew
all
us
e
ca
se
s.
Fig
ure
5.
Arc
Sig
ht
Da
sh
bo
ard
fo
r C
isc
o G
en
eri
c F
ire
wa
ll e
ve
nts
Fig
ure
6.
Arc
Sig
ht
Ev
en
t V
iew
er
dis
pla
yin
g a
ll C
isc
o n
etw
ork
ev
en
ts
13
Ge
ne
rati
ng
Re
po
rts
Ge
ne
rati
ng
Re
po
rts
Th
e A
rcS
igh
t S
olu
tio
n G
uid
e: C
isc
o I
nsig
ht
Pac
kag
e v
1.0
de
sc
rib
es
th
e
se
ve
ral
pre
-pa
ck
ag
ed
re
po
rts
th
at
ca
n b
e u
se
d t
o t
rac
k l
og
ins
, co
nfi
gu
rati
on
ch
an
ge
s, a
nd
oth
er
ev
en
ts i
nv
olv
ing
Cis
co
de
vic
es
in
yo
ur
en
vir
on
me
nt.
Th
e f
oll
ow
ing
ta
ble
lis
ts t
he
in
form
ati
on
pre
se
nta
tio
n a
nd
da
ta p
roc
es
sin
g
res
ou
rce
s t
ha
t s
up
po
rt t
he
Cis
co
Ov
erv
iew
us
e c
as
es
in
th
e A
rcS
igh
t
So
luti
on G
uid
e.
Cis
co
Re
so
urc
eO
ve
rvie
w R
ep
ort
De
sc
rip
tio
n
Ov
erv
iew
of
Cis
co
Co
nfi
gu
rati
on
Ch
an
ge
s
Dis
pla
ys
su
mm
ary
in
form
ati
on
on
co
nfi
gu
rati
on
ch
an
ge
s t
o C
isc
o
de
vic
es
su
ch
as
th
e c
ha
ng
e c
ou
nt
pe
r d
ay
, pe
r h
ou
r, t
op
aff
ec
ted
de
vic
e, a
nd
to
p i
nv
olv
ed
us
ers
.
Cis
co
Fir
ew
all
Ov
erv
iew
- T
op
All
ow
ed
Sy
ste
ms
Dis
pla
ys
su
mm
ary
in
form
a-
tio
n a
bo
ut
top
all
ow
ed
sy
ste
ms
rep
ort
ed
by
Cis
co
fir
ew
all
de
vic
es
in t
he
la
st
24
ho
urs
su
ch
as
th
e t
op
inb
ou
nd
(o
r o
utb
ou
nd
) s
ou
rce
s a
nd
de
sti
na
tio
ns
.
Cis
co
Fir
ew
all
Ov
erv
iew
- T
op
De
nie
d S
ys
tem
s
Dis
pla
ys
su
mm
ary
in
form
ati
on
ab
ou
t to
p d
en
ied
sy
ste
ms
re
po
rte
d
by
Cis
co
fir
ew
all
de
vic
es
in
th
e l
as
t
24
ho
urs
su
ch
as
th
e t
op
in
bo
un
d
(or
ou
tbo
un
d)
blo
cke
d s
ou
rce
s a
nd
de
sti
na
tio
ns
.
Ov
erv
iew
of
Lo
gin
s R
ep
ort
ed
by
Cis
co
De
vic
es
- S
ys
tem
s
Dis
pla
ys
su
mm
ary
in
form
ati
on
on
log
in a
tte
mp
ts r
ec
ord
ed
by
Cis
co
de
vic
es
su
ch
as
th
e t
op
su
cc
es
s-
ful
an
d f
ail
ed
lo
gin
so
urc
es
an
d
de
sti
na
tio
ns
.
Ov
erv
iew
of
Lo
gin
s R
ep
ort
ed
by
Cis
co
De
vic
es
- T
ren
d a
nd
Us
ers
Dis
pla
ys
su
mm
ary
in
form
ati
on
on
log
in a
tte
mp
ts r
ec
ord
ed
by
Cis
co
de
vic
es
su
ch
as
th
e a
tte
mp
t c
ou
nt
pe
r d
ay
, pe
r p
rod
uc
t, t
op
us
ers
wit
h
su
cc
es
sfu
l a
nd
fa
ile
d l
og
ins
.
Cis
co
Re
so
urc
eO
ve
rvie
w R
ep
ort
De
sc
rip
tio
n
Cis
co
In
tru
sio
n P
rev
en
tio
n S
ys
tem
Ov
erv
iew
Dis
pla
ys
su
mm
ary
in
form
ati
on
ab
ou
t a
lert
s r
ep
ort
ed
by
Cis
co
IP
S
de
vic
es
in
th
e l
as
t 2
4 h
ou
rs s
uc
h
as
ale
rts
pe
r d
ay
, th
e t
op
ale
rts
, to
p
att
ac
kers
an
d t
arg
ets
in
vo
lve
d.
Cis
co
Fir
ew
all
Ov
erv
iew
- T
ren
d a
nd
Po
rt
Dis
pla
ys
su
mm
ary
in
form
ati
on
on
fire
wa
ll e
ve
nts
fro
m C
isc
o d
ev
ice
s
su
ch
as
th
e i
nb
ou
nd
(o
r o
utb
ou
nd
)
co
nn
ec
tio
ns
pe
r d
ay
, to
p i
nb
ou
nd
(or
ou
tbo
un
d)
blo
cke
d p
ort
s.
Th
e f
oll
ow
ing
fig
ure
sh
ow
s a
sa
mp
le p
re-d
efi
ne
d r
ep
ort
fo
r C
isc
o F
ire
wa
ll
ac
tiv
ity
.
Fig
ure
7.
Arc
Sig
ht
tre
nd
re
po
rts
on
Cis
co
Fir
ew
all
ac
tiv
ity
14
Ge
ne
rati
ng
Re
po
rts
Wit
h t
he
Arc
Sig
ht
Co
mp
lia
nc
e I
ns
igh
t P
ac
ka
ge
s f
or
va
rio
us
re
gu
lati
on
s (
e.g
.
SO
X, P
CI,
IT G
ov
ern
an
ce
) o
n A
rcS
igh
t E
SM
or
Ex
pre
ss
, cu
sto
me
rs c
an
ge
t
pre
-de
fin
ed
Co
mp
lia
nc
e R
ep
ort
s f
or
tho
se
re
gu
lati
on
s. H
ere
is
a s
am
ple
co
mp
lia
nc
e r
ep
ort
fo
r S
arb
an
es
-Ox
ley
(S
OX
).
Fig
ure
8.
Arc
Sig
ht
Co
mp
lia
nc
e R
ep
ort
s –
Sa
rba
ne
s-O
xle
y
15
Ma
inta
inin
g t
he
SIE
M S
olu
tio
n
Ma
inta
inin
g t
he
S
IEM
So
luti
on
Arc
Sig
ht
pu
bli
sh
es
th
e f
oll
ow
ing
pro
du
ct
an
d c
on
ten
t u
pd
ate
s w
ith
th
e
foll
ow
ing
fre
qu
en
cy
.
• C
on
ten
t u
pd
ate
(c
ate
go
riz
ati
on
, vu
lne
rab
ility
ma
pp
ing
): t
wic
e a
mo
nth
• C
on
tex
t u
pd
ate
(g
eo
loc
ati
on
of
IPs
): o
nc
e a
mo
nth
• S
ma
rtC
on
ne
cto
r u
pd
ate
s: e
ve
ry s
ix w
ee
ks
• P
eri
od
ic c
orr
ela
tio
n c
on
ten
t u
pd
ate
s
• P
eri
od
ic s
oft
wa
re u
pd
ate
s
16
Co
mm
on
Tro
ub
les
ho
oti
ng
Tip
s
Co
mm
on
T
rou
ble
sh
oo
tin
g T
ips
Th
es
e t
rou
ble
sh
oo
tin
g s
tep
s h
elp
to
dia
gn
os
e a
nd
co
rre
ct
pro
ble
ms
wit
h
ge
ttin
g C
isc
o e
ve
nts
to
be
co
ns
um
ed
an
d p
roc
es
se
d b
y A
rcS
igh
t. P
lea
se
refe
r to
th
e A
rcS
igh
t A
dm
inis
tra
tor
Gu
ide
s f
or
Arc
sig
ht
ES
M, L
og
ge
r, a
nd
Ex
pre
ss
, to
he
lp w
ith
th
e A
rcS
igh
t p
latf
orm
-sp
ec
ific
tro
ub
le s
ho
oti
ng
.
My
de
vic
e i
s n
ot
on
e o
f th
e l
iste
d S
ma
rtC
on
ne
cto
rs.
Arc
Sig
ht
off
ers
an
op
tio
na
l fe
atu
re c
all
ed
th
e F
lex
Co
nn
ec
tor
De
ve
lop
me
nt
Kit
wh
ich
ma
y e
na
ble
yo
u t
o c
rea
te a
cu
sto
m S
ma
rtC
on
ne
cto
r fo
r y
ou
r
de
vic
e. A
rcS
igh
t c
an
cre
ate
a c
us
tom
Sm
art
Co
nn
ec
tor.
Co
nta
ct
Arc
Sig
ht
Cu
sto
me
r S
up
po
rt.
My
de
vic
e i
s o
n t
he
lis
t o
f s
up
po
rte
d p
rod
uc
ts,
bu
t it
d
oe
s n
ot
ap
pe
ar
in t
he
Sm
artC
on
ne
cto
r C
on
fig
ura
tio
n
Wiz
ard
.
Yo
ur
de
vic
e i
s li
kely
se
rve
d b
y a
sy
slo
g s
ub
-co
nn
ec
tor
of
eit
he
r fi
le, p
ipe
, or
da
em
on
ty
pe
.
De
vic
e e
ve
nts
are
no
t h
an
dle
d a
s e
xp
ec
ted
.
Ch
ec
k t
he
Sm
art
Co
nn
ec
tor
co
nfi
gu
rati
on
to
ma
ke s
ure
th
at
the
ev
en
t fi
lte
r-
ing
an
d a
gg
reg
ati
on
se
tup
is
ap
pro
pri
ate
fo
r y
ou
r n
ee
ds
.
Sm
artC
on
ne
cto
r is
no
t re
po
rti
ng
all
ev
en
ts.
Ch
ec
k t
ha
t e
ve
nt
filt
eri
ng
an
d a
gg
reg
ati
on
se
tup
is
ap
pro
pri
ate
fo
r y
ou
r
ne
ed
s.
So
me
Ev
en
t fi
eld
s a
re n
ot
sh
ow
ing
up
in
th
e C
on
so
le.
Ch
ec
k t
ha
t th
e S
ma
rtC
on
ne
cto
r’s
Tu
rbo
Mo
de
an
d t
he
Tu
rbo
Mo
de
of
the
Ma
na
ge
r fo
r th
e s
pe
cif
ic S
ma
rtC
on
ne
cto
r re
so
urc
e a
re c
om
pa
tib
le. I
f th
e
Ma
na
ge
r is
se
t fo
r a
fa
ste
r T
urb
o M
od
e t
ha
n t
he
Sm
art
Co
nn
ec
tor,
so
me
ev
en
t d
eta
ils
wil
l b
e l
os
t.
Sm
artC
on
ne
cto
r is
no
t re
po
rti
ng
an
y e
ve
nts
.
Ch
ec
k t
he
Sm
art
Co
nn
ec
tor
log
fo
r e
rro
rs. I
f th
e S
ma
rtC
on
ne
cto
r c
an
no
t
co
mm
un
ica
te w
ith
th
e M
an
ag
er,
it
wil
l c
ac
he
ev
en
ts u
nti
l it
s c
ac
he
is
fu
ll.
17
Ex
am
ple
of
a D
ay
Ze
ro A
tta
ck
Ex
am
ple
of
a D
ay
Ze
ro
Att
ac
k (M
alw
are
-In
fec
ted
C
us
tom
er
Ne
two
rk)
Ze
ro-d
ay
att
ac
ks
oc
cu
r d
uri
ng
th
e v
uln
era
bili
ty w
ind
ow
th
at
ex
ists
in
th
e
tim
e b
etw
ee
n w
he
n v
uln
era
bili
ty i
s f
irs
t e
xp
loit
ed
by
an
att
ac
ker,
an
d w
he
n
the
pro
du
ct
ve
nd
or
or
se
cu
rity
se
rvic
e p
rov
ide
r re
lea
se
s a
co
un
ter-
me
as
ure
(se
cu
rity
pa
tch
or
an
IP
S s
ign
atu
re)
to d
ete
ct
tha
t th
rea
t.
Th
e A
rcS
igh
t S
IEM
so
luti
on
ha
s a
pa
ten
t-p
en
din
g f
ea
ture
ca
lle
d “
Pa
tte
rn
Dis
co
ve
ry”
tha
t c
an
au
tom
ati
ca
lly d
isc
ov
er
ze
ro-d
ay
att
ac
ks
, de
tec
t lo
w-a
nd
-
slo
w a
tta
ck
s, a
nd
pro
file
ne
w s
us
pic
iou
s p
att
ern
s f
rom
cu
rre
nt
or
his
tori
ca
l
ev
en
t d
ata
. It
the
n a
llo
ws
yo
u t
o a
uto
ma
tic
ally
cre
ate
a r
ule
wit
h a
sin
gle
mo
us
e c
lic
k, a
nd
ta
ke a
ny
on
e o
f th
e f
oll
ow
ing
op
tio
ns
to
fu
rth
er
an
aly
ze
an
d
res
po
nd
to
su
ch
att
ac
ks
– s
ho
w r
ela
ted
ev
en
ts, s
ho
w e
ve
nt
gra
ph
, in
ve
sti
-
ga
te f
urt
he
r, o
r ta
ke a
mit
iga
tio
n a
cti
on
if
the
att
ac
k i
s p
ers
iste
nt.
Th
e f
oll
ow
ing
ste
ps
sh
ow
th
e p
roc
es
s o
f s
ett
ing
up
Pa
tte
rn D
isc
ov
ery
to
de
tec
t a
nd
mit
iga
te z
ero
-da
y a
tta
ck
s.
1.
Cre
ate
a p
rofi
le w
hic
h a
llo
ws
yo
u t
o s
ele
ct
a s
ub
se
t o
f e
ve
nts
fro
m t
he
ev
en
t s
tre
am
, on
wh
ich
th
e P
att
ern
-Dis
co
ve
ry t
oo
l c
an
be
us
ed
. Th
e
cri
teri
a f
or
filt
eri
ng
ev
en
t-s
tre
am
co
uld
be
ev
en
t s
tart
tim
e, e
nd
tim
e,
so
urc
e a
nd
/or
de
sti
na
tio
n I
P a
dd
res
s, a
pp
lic
ati
on
pro
toc
ol
or
pa
ylo
ad
.
2.
Ta
ke a
sn
ap
sh
ot
of
qu
ali
fyin
g e
ve
nt
ac
tiv
ity
fro
m c
urr
en
t o
r h
isto
ric
al
ev
en
ts, a
nd
ch
oo
se
Dis
co
ve
r P
att
ern
s.
3.
Th
e r
es
ult
ing
pa
tte
rn t
ree
dis
pla
ys
th
e t
ran
sa
cti
on
al
rela
tio
ns
hip
of
the
att
ac
k p
att
ern
s. R
igh
t-c
lic
kin
g o
n a
sp
ec
ific
ce
ll i
n t
he
tre
e a
llo
ws
yo
u
to f
urt
he
r in
ve
sti
ga
te (
e.g
. sh
ow
ev
en
t g
rap
h),
or
au
tom
ati
ca
lly c
rea
te a
rule
to
mit
iga
te t
he
th
rea
t if
it
is p
ers
iste
nt.
Bo
th A
rcS
igh
t E
xp
res
s a
nd
ES
M h
as
th
e P
att
ern
Dis
co
ve
ry f
ea
ture
av
ail
ab
le
to d
ete
ct,
fu
rth
er
inv
es
tig
ate
an
d r
ap
idly
re
sp
on
d t
o u
nk
no
wn
(z
ero
-da
y)
att
ac
ks
.
18
Pro
du
cts
Ve
rifi
ed
wit
h C
isc
o S
ma
rt B
us
ine
ss
Arc
hit
ec
ture
Pro
du
cts
Ve
rifie
d w
ith
C
isc
o S
ma
rt B
us
ine
ss
A
rch
ite
ctu
re
Arc
Sig
ht
ES
M 4
.5.1
ha
s b
ee
n v
eri
fie
d w
ith
Cis
co
Sm
art
Bu
sin
es
s
Arc
hit
ec
ture
us
ing
th
e f
oll
ow
ing
so
ftw
are
ve
rsio
ns
:
• C
isc
o A
SA
55
00
Se
rie
s 8
.2(1
)
• C
isc
o I
OS
So
ftw
are
Re
lea
se
15
.0(1
)M2
• C
isc
o I
OS
XE
Re
lea
se
2.6
.1
• C
isc
o I
ntr
us
ion
Pre
ve
nti
on
Sy
ste
m 7
.0.(2
)E3
• C
isc
o I
ron
Po
rt A
sy
nc
OS
Ve
rsio
n 7
.1 f
or
Em
ail
• C
isc
o I
ron
Po
rt A
sy
nc
OS
Ve
rsio
n 6
.3 f
or
We
b
• C
isc
o S
ec
uri
ty M
AR
S 6
.0.5
.
19
Ap
pe
nd
ix A
Ap
pe
nd
ix A
: S
BA
fo
r E
nte
rpri
se
Org
an
iza
tio
ns
Do
cu
me
nt
Sy
ste
m
Ad
va
nc
ed
Gu
es
t
Wir
ele
ss
Ne
tw
ork
De
vic
e
Au
th
en
tic
atio
n a
nd
Au
th
oriz
atio
n
Co
lla
ps
ed
Ca
mp
us
an
d D
ata
Ce
nte
r C
ore
Wir
ele
ss
Cle
an
Air
3G
Wir
ele
ss
Re
mo
te
Sit
e
La
ye
r 2
WA
N
Gro
up
En
cry
pte
dT
ran
sp
ort
VP
N
VP
N R
em
ote
Sit
e
Lu
me
ns
ion
D
ata
Se
cu
rity
CR
ED
AN
T
Da
ta S
ec
uri
ty
Cis
co
Da
ta S
ec
uri
ty
Sp
lun
k S
IEM
RS
A S
IEM
nF
x S
IEM
Lo
gL
og
ic S
IEM
Arc
Sig
ht
SIE
M
Cis
co
SIE
M
Configuration
Files
Configuration
Files
Se
rvic
e a
nd
Av
ail
ab
ilit
y–
Cis
co
LM
S
Se
rvic
e a
nd
Av
ail
ab
ilit
y–
So
larW
ind
s
Ne
two
rk A
na
lys
is
an
d R
ep
ort
ing
Tra
ffic
An
aly
sis
–
Ne
tflo
w a
nd
So
larW
ind
s
Cis
co
LA
N
Ma
na
ge
me
nt
So
luti
on
Tra
ffic
An
aly
sis
–
Ne
tflo
w a
nd
Ne
tQo
S
So
larW
ind
s
Ne
two
rk
Ma
na
ge
me
nt
Configuration
Files
Su
pp
lem
en
tal
Gu
ide
s
Su
pp
lem
en
tal
Gu
ide
s
Su
pp
lem
en
tal
Gu
ide
s
Foundation
LA
N
WA
N
IPv
6 A
dd
res
sin
g
De
sig
n O
ve
rvie
w
De
sig
n G
uid
es
De
plo
ym
en
t G
uid
es
Yo
u a
re
He
re
Inte
rn
et
Ed
ge
Cis
co
ha
s m
ore
th
an
20
0 o
ffic
es
wo
rld
wid
e.
Ad
dre
ss
es
, p
ho
ne
nu
mb
ers
, a
nd
fa
x n
um
be
rs a
re l
iste
d o
n t
he
Cis
co
We
bs
ite
at
ww
w.c
isc
o.c
om
/go
/off
ice
s.
Cis
co
an
d t
he
Cis
co
Lo
go
are
tra
de
ma
rks
of
Cis
co
Sy
ste
ms
, In
c. a
nd
/or
its
aff
ilia
tes
in t
he
U.S
. an
d o
the
r c
ou
ntr
ies
. A
lis
tin
g o
f C
isc
o's
tra
de
ma
rks
ca
n b
e f
ou
nd
at
ww
w.c
isc
o.c
om
/go
/tra
de
ma
rks
. T
hir
d p
art
y t
rad
em
ark
s m
en
tio
ne
d a
re t
he
pro
pe
rty
of
the
ir r
es
pe
cti
ve
ow
ne
rs. T
he
us
e o
f th
e w
ord
pa
rtn
er
do
es
no
t im
ply
a p
art
ne
rsh
ip r
ela
tio
ns
hip
be
twe
en
Cis
co
an
d a
ny
oth
er
co
mp
an
y. (1
00
5R
)
Am
eri
ca
s H
ea
dq
ua
rte
rsC
isc
o S
ys
tem
s, I
nc
.S
an
Jo
se
, CA
As
ia P
ac
ific
He
ad
qu
art
ers
Cis
co
Sy
ste
ms
(U
SA
) P
te. L
td.
Sin
ga
po
re
Eu
rop
e H
ea
dq
ua
rte
rsC
isc
o S
ys
tem
s In
tern
ati
on
al B
VA
ms
terd
am
, Th
e N
eth
erl
an
ds
SM
AR
T B
US
INE
SS
AR
CH
ITE
CT
UR
E
C0
7-6
08
38
4-S
BA
0
1/1
1