ArcSight PCI Logger

ArcSight PCI Logger is an all-in-one log collection, storage and analysis appliance for cost-effective automation of PCI audits and proactive protection of cardholder data.


ArcSight L3200 - PCI

  • Devices: 200
  • Max Input Rate: 2,000 events/second
  • Local Connector EPS: 200
  • CPU: 1 x Intel Xeon E5504 Quad Core 2.0 GHz
  • RAM: 12 GB
  • Storage: 2 x 1TB - RAID 1

Highlights:

  • Cost-effective PCI log management optimized for Level 2 through 4 merchants
  • Comprehensive and pre-packaged reporting and alerting across PCI DSS requirements
  • Forensics on the fly for rapid investigation and simplified analysis

Ease of Deployment and Management

PCI compliance monitoring is seamless with the self-contained ArcSight PCI Logger 1U appliance for log collection, storage and analysis. No database administration expertise is required and a 100 percent web-based interface simplifies deployment and ongoing management by eliminating the need for any client installations.

Self-Managing Log Collection and Storage Repository

ArcSight PCI Logger can automate collection from hundreds of devices and device types that typically comprise a merchant’s network, including various firewalls, IDS devices, directories, desktops, servers, mobile networks, handhelds, POS terminals, databases and mainframes or mid-range servers. A wizard-based interface simplifies collection from legacy sources and POS applications.

All aggregated logs are stored onboard the ArcSight PCI Logger appliance in a compressed format. Each appliance comes with nearly 7TB of effective log capacity, and PCI retention policies are automatically enforced, eliminating the need for manual and error-prone log rotation.

Cost-effective and Automated Reporting

Most merchants spend countless hours collecting logs and executing manual scripts across disparate log types to generate reports for PCI compliance. ArcSight PCI Logger automates the entire audit through pre-packaged reports that span all PCI DSS requirements. The reports can be easily scheduled and automatically sent in various graphical formats for review.

Proactive Protection of Cardholder Data

Merchants often focus on eliminating the cost and effort associated with manual audit reporting. However, reports can only indicate whether or not compliance was achieved after the fact. ArcSight PCI Logger adds proactive protection for the cardholder network through pre-packaged real-time alerts that deliver continuous visibility into PCI DSS violations. Alerts can be viewed within the live alerting console or can trigger external notification via SNMP, SMTP or syslog.

Forensics on the Fly

With most other log management solutions, each subsequent step of analysis requires building another report or constructing a new search filter, which is both complex and time-consuming. ArcSight PCI Logger eliminates such tedious effort through Forensics on the Fly, which enables easy drill-down from dashboards through reports, to searches, real-time alerts and base events.

Users are presented with interactive and personalized PCI dashboards that combine relevant PCI reports into a single role-based view. From these aggregate dashboards, users can drill into and across PCI requirement-specific reports and investigate potential violations. Report results can be further analyzed using an intuitive search interface to conduct quick-and-easy ad-hoc investigations for root cause analysis. In turn, the search patterns can be converted into real-time alerts to ensure that subsequent matches lead to instant notification. Finally, users can directly drill from the alert to underlying events that triggered the alert.