ArcSight received a thumbs up from Gartner when it was positioned it in the leaders quadrant of the Magic Quadrant for Security Information and Event Management1 (SIEM), end of May this year.
ArcSght which partners with Comguard for this region, offers an integrated set of products for collecting, analyzing and managing enterprise event information. These products, that can be purchased and deployed separately or together, depending on organization size and needs, include software and appliances for Event Collection, Log Management, Event Management, Compliance Automation and Identity Monitoring. The ArcSight SIEM Platform includes ArcSight Logger, ArcSight ESM, ArcSight Connectors, ArcSight Threat Response Manager (TRM), ArcSight Compliance Insight Packages, and ArcSight IdentityView.
A couple of months back, the vendor introduced its new ArcSight Express family of compliance and security monitoring appliances targeted at the needs of mid-size organisations with limited resources. ArcSight Express is a SIEM appliance solution that collects, monitors and reports on the activity that is occurring across an organization’s firewalls, servers, desktops, anti-virus products, intrusion prevention systems, remote access, VPN devices, routers, switches and other inter-connectivity gear
ArcSight Express includes the correlation rules, dashboards and reports that matter in the protection of mid-size organisations. ArcSight Express eliminates the need for in-house security experts to build custom threat detection rules, dashboards and reports as is the norm for customers of other security information and event management (SIEM) products focused on this market segment.
“We see increased focus on security and compliance in both public and private sectors,” says Jayadevan K, Head – Value Business, Comguard FZ LLC. “ArcSight Express delivers management, performance, security and compliance in an easy to deploy appliance for customers who need affordable compliance.”
ArcSight Express is tailored to organisations with little in-house security expertise and looking for increased compliance and security at affordable prices and reduced administrative requirements.
Jonathan Cooper, Director, Channel Sales – EMEA, ArcSight says, “ArcSight Express is the SIEM solution in a box. It is meant for customers who typically have limited security staff and want a pre-packaged easy to use and managed security solution. They may have limited budgets, compliance requirements etc. ArcSight Express provides perimeter and network security, all in a box.”
ArcSight Express works with the ArcSight SmartConnector family that collects event data in native format from more than 275 devices and applications, and normalises the data into a common format for correlation and analysis.
He adds, “We have sold the ESM into the mid-market capably. Many of the functionalities may not be necessary for the mid-market customers. A lot of mid-market customers are clear about requirements and they may need some additional functionalities in future or may not. Appliance based approach is ideal for them because they may not have staff to oversee it.”
The vendor is touting appliance based approach as the best go to market model for tackling the larger SMB market in the region.
“It is a popular strategy for the channel as well. They want a product that they can deploy faster as well. It is a higher volume type of business. An enterprise grade software product would take more time to deploy. “
ArcSight is looking at a larger market to address with these new products, together with Comguard and partners. Appliance products open up a broader market for the SIEM vendor.
“We are investing quite heavily to extend our partner footprint and to build up our partner capabilities. We are also providing increasing access to tools and, training and certification programs, partner programs,” concludes Cooper.
ArcSight together with distribution partner Comguard look to expand midmarket customer base