MICRO FOCUS

Micro Focus - ArcSight - Security Incident and Event Management (SIEM) - SaaS

Real-time threat detection and response with open and intelligent SIEM (Security Information and Event Management). Real-time correlation to detect and escalate known threats. Threat intelligence feeds, distributed correlation, customisable rulesets, layered analytics, community content, and the Activate framework. Scalably address any SIEM use case your organization faces.

Features

• Real time security and audit monitoring
• Insider Threat Detection (User and Entity Behavioural Analytics)
• Security Analytics
• Log management
• SOAR - Security Orchestration and Automated Response
• Security Event Alerts
• Security Threat Hunting and Investigation
• Management Reporting and Dashboards
• Security Operations Centre (SOC)
• Machine Learning and Artificial Intelligence

Benefits

• Security event data injest at scale
• Near real time detection of security events
• Large set out of the box integrations using connectors
• Flexible open platform allows inject of large variety of data
• Ability to integrate with 3rd party application to send data
• Simple, intuitive, browser based user interface
• Machine Learning enable analysts to prioritise alerts in risk order
• Intelligent correlation across multiple event sources
• Next generation SIEM to power a next generation SOC
• Near real time threat intelligence for security operations

£665.80 a user

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at publicsectoruk@microfocus.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 13

Service ID

793863401649906

Contact

Micro Focus Public Sector
01635 565330
publicsectoruk@microfocus.com

Service scope

• Software add-on or extension: No
• Cloud deployment model: Private cloud
• Service constraints: N/A
• System requirements:
  • Community.microfocus.com/t5/ESM-and-ESM-Express/ESM-7-2-1-Support-Matrix/ta-p/2777580
  • Community.microfocus.com/t5/ESM-and-ESM-Express/ESM-7-2-1-Installation-Guide/ta-p/2777579

User support

• Email or online ticketing support: Yes, at extra cost
• Support response times: Please see target response times in attached Terms and Conditions doc.
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: None or don’t know
• Phone support: Yes
• Phone support availability: 24 hours, 7 days a week
• Web chat support: Web chat
• Web chat support availability: 24 hours, 7 days a week
• Web chat support accessibility standard: None or don’t know
• How the web chat support is accessible: From a Web Browser.
• Web chat accessibility testing: TBA
• Onsite support: Yes, at extra cost
• Support levels: Standard support 24 x 7 Premium support available at additional cost. This can be used to align additional resources such as a Technical Account Manager, Named Advance Support Engineer or pre-paid points to provide additional onsite or remote support
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: N/A private cloud only
• Service documentation: Yes
• Documentation formats:
  • HTML
  • PDF
• End-of-contract data extraction: Private cloud installation only, data is in buyer's control.
• End-of-contract process: N/A private cloud only

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Microsoft Edge
  • Firefox
  • Chrome
• Application to install: No
• Designed for use on mobile devices: No
• Service interface: No
• User support accessibility: None or don’t know
• API: Yes
• What users can and can't do using the API: Please see link below. A number of API calls are available. All described with the document as follows;; ; 1) https://community.microfocus.com/t5/ESM-and-ESM-Express/ESM-7-2-1-API-Reference-Vol-1-Core-Client-Services/ta-p/2777542; ; 2) https://community.microfocus.com/t5/ESM-and-ESM-Express/ESM-7-2-1-API-Reference-Vol-2-Manager-Client-Services-1-1/ta-p/2777541; ; 3) https://community.microfocus.com/t5/Logger/Logger-Web-Services-API-Guide-7-0-1/ta-p/2765479
• API documentation: Yes
• API documentation formats: Open API (also known as Swagger)
• API sandbox or test environment: Yes
• Customisation available: Yes
• Description of customisation: Complete

Scaling

• Independence of resources: ArcSight is a scalable platform. As a private cloud only service this is in the buyer's control.

Analytics

• Service usage metrics: Yes
• Metrics types: Service metrics are available within ArcSight, as private cloud only metrics are in buyer's control.
• Reporting types:
  • API access
  • Real-time dashboards
  • Regular reports
  • Reports on request

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Other security clearance
• Government security clearance: Up to Developed Vetting (DV)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: European Economic Area (EEA)
• User control over data storage and processing locations: Yes
• Datacentre security standards: Supplier-defined controls
• Penetration testing frequency: At least every 6 months
• Penetration testing approach: Another external penetration testing organisation
• Protecting data at rest: Other
• Other data at rest protection approach: Data can be protected natively within ArcSight, other controls are in buyer's control as a private cloud service.
• Data sanitisation process: No
• Equipment disposal approach: Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

• Data export approach: N/A private cloud only, data is in buyer's control.
• Data export formats: Other
• Data import formats: Other

Data-in-transit protection

• Data protection between buyer and supplier networks: Other
• Other protection between networks: In buyer's control for private cloud service model.
• Data protection within supplier network: Other
• Other protection within supplier network: In buyer's control for private cloud service model.

Availability and resilience

• Guaranteed availability: N/A as private cloud service.
• Approach to resilience: N/A as private cloud service.
• Outage reporting: ArcSight include facilities for reporting through dashboards, APIs and emails. In buyer's control as private cloud service.

Identity and authentication

• User authentication needed: Yes
• User authentication:
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Identity federation with existing provider (for example Google Apps)
  • Limited access network (for example PSN)
  • Dedicated link (for example VPN)
  • Username or password
  • Other
• Other user authentication: In buyer's control as private cloud service.
• Access restrictions in management interfaces and support channels: In buyer's control as private cloud service.
• Access restriction testing frequency: At least every 6 months
• Management access authentication:
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Identity federation with existing provider (for example Google Apps)
  • Limited access network (for example PSN)
  • Dedicated link (for example VPN)
  • Username or password
  • Other
• Description of management access authentication: In buyer's control as private cloud service.

Audit information for users

• Access to user activity audit information: Users have access to real-time audit information
• How long user audit data is stored for: User-defined
• Access to supplier activity audit information: Users have access to real-time audit information
• How long supplier audit data is stored for: User-defined
• How long system logs are stored for: User-defined

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: The Certification Body of Schellman & Company LLC
• ISO/IEC 27001 accreditation date: 15/12/2020
• What the ISO/IEC 27001 doesn’t cover: This certification is for Software support services
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: No
• Other security certifications: No

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards: ISO/IEC 27001
• Information security policies and processes: Corporate policies are designed after ISO 27001

Operational security

• Configuration and change management standard: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Configuration and change management approach: All non routine changes go through change control requiring approval and verification post implementation
• Vulnerability management type: Supplier-defined controls
• Vulnerability management approach: Security updates and patches available as required.
• Protective monitoring type: Undisclosed
• Protective monitoring approach: In buyer's control as private cloud service
• Incident management type: Undisclosed
• Incident management approach: In buyer's control as private cloud service.

Secure development

• Approach to secure software development best practice: Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

• Connection to public sector networks: No

Social Value

• Fighting climate change:

  Fighting climate change

  At Micro Focus, we are committed to reducing our environmental footprint and supporting the transition to a low carbon business. We encourage our employees to live and work sustainably – and help our customers and partners address their carbon footprint by implementing carbon-friendly IT strategies, which deliver greater efficiency and extend the life of their existing technology and equipment.; Through our support of the United Nations Sustainable Development Goals (UN SDGs), we are working to adopt and inspire sustainable actions across everything we do to help shape a more sustainable, inclusive and equitable future for all.
• Covid-19 recovery:

  Covid-19 recovery

  Micro Focus continues to manage the evolving situation and monitor closely how COVID-19 is affecting our communities, our team, our customers, and our partners.; Nearly two years since the start of global lockdowns, we continue to keep focused on helping you by making it easier to ensure business continuity for your remote workers and your organization. ; Micro Focus continues to maintain a state of full operational readiness. Given the unprecedented dynamics of the COVID-19 pandemic, our dedicated COVID-19 Steering Group, comprised of leaders from across our organization, continues to operate and collaborate to adapt our plans as needed.; The COVID-19 Steering Group is actively monitoring the evolving situation, working closely with our teams, customers, and partners locally to ensure that business continues to operate without disruption. Our own business continuity plans are robust, focused on maintaining the delivery of services and support to customers and partners worldwide while supporting our local team.; Having 40 years of experience helping customers navigate the need to build, operate, secure, and analyse their systems – the systems that keep important business and social functions running and optimized. COVID-19 has reinforced the importance of using that knowledge and experience to help our customers and partners. Our goal is to continue to be there for all customers and colleagues in whatever way they need.; We will continue to make content and resources available to all of customers and partners to help you keep your business plans progressing and ensure you have what you need for your own business continuity. We remain confident in the power of our people and of our collective ability to come out stronger. Please know that the entire Micro Focus community is continuing to do our part and are here to serve when and where needed.
• Equal opportunity:

  Equal opportunity

  At Micro Focus, we are committed to actions that support diversity and inclusion (D&I) in everything we do. We believe in the power of a diverse and inclusive workforce that reflects the many aspects of the customers, suppliers, and communities we serve around the world, and promotes equal opportunity for all. We seek to enable the needs of our customers, drive new business, fuel innovation, and attract, engage, and retain our employees.; We are committed to creating and maintaining an inclusive culture where every employee feels a sense of belonging, has opportunities to grow, express themselves, exchange ideas, and feel heard. This commitment includes providing fair and equal opportunities to both employees and prospective employees throughout their career journeys. We are actively striving to identify and eliminate biases and barriers (seen or unseen) that could delay or prohibit full participation by any individual or group. D&I also means we provide an ethical and safe workplace environment where we treat each other with dignity and respect, creating a culture free of harassment, bullying, and hostility. This is underpinned by our Code of Conduct.; We recognise that each person brings a unique set of qualities, attributes, backgrounds, skills, and perspectives to work. We aim to not only accept but to value and harness those unique differences. Our intention is to achieve our broad business goals by increasing representation of underrepresented people groups, including at the leadership level.
• Wellbeing:

  Wellbeing

  Employee wellbeing and maintaining mental health are key priorities at Micro Focus.; ; The Micro Focus Wellbeing program focuses on The Five Pathways to Wellbeing (Stay Connected, Be Active & Healthy, Maintain Emotional & Mental Health, Keep Learning & Give Back) and offers a rich library of resources including tips, videos and curated learning.; ; Micro Focus also celebrates World Wellbeing Week and Mental Health Awareness Week each year to further highlight the importance of wellbeing of all employees.; ; Mental Health Awareness training is provided for managers, employees and HR. Through our 24x7 learning resource partners, employees have access to self-paced training on topics such as stress, anxiety and burnout management, meditation, and mindfulness. In addition, we monitor employee sentiment and wellbeing through My Voice surveys.; ; A global Employee Assistance Program (EAP) is available to all employees and their family members to help address specific life concerns and stressors that impact concentration, motivation and enjoyment of life. Available in multiple languages, EAP is a free, 24/7 confidential service offering counseling and resourcesdesigned to help employees with family, relationship and parenting issues, financial and addiction concerns. ; ; Micro Focus launched a dedicated COVID Resource Center for all employees, providing specific health, wellbeing, including mental health resources such as webinars on managing work life balance, and coping with depression and anxiety. COVID-19 manager-specific training is also provided, offering both coaching and group discussion opportunities to help support managers themselves and to help managers support their teams.

Pricing

• Price: £665.80 a user
• Discount for educational organisations: No
• Free trial available: No

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at publicsectoruk@microfocus.com. Tell them what format you need. It will help if you say what assistive technology you use.