hpe integration guide for arcsight logger on ... · pdf filehpe arcsight ... •...
TRANSCRIPT
HPE Integration Guide for ArcSight Logger on ConvergedSystem 700 2.0 with Helion CloudSystem
Technical white paper
Technical white paper
Contents Executive summary ................................................................................................................................................................................................................................................................................................................................ 4 Solution overview ..................................................................................................................................................................................................................................................................................................................................... 4
HPE ArcSight......................................................................................................................................................................................................................................................................................................................................... 4 HPE ConvergedSystem 700 ................................................................................................................................................................................................................................................................................................... 5 HPE Helion CloudSystem .......................................................................................................................................................................................................................................................................................................... 6
Assumptions ................................................................................................................................................................................................................................................................................................................................................. 7 Overview: HPE ArcSight security solution for HPE ConvergedSystem 700...................................................................................................................................................................................... 7 Deploying the ArcSight Logger appliance ........................................................................................................................................................................................................................................................................ 7
Storage and server requirements ....................................................................................................................................................................................................................................................................................... 7 Create new datastore for HPE ArcSight Logger ................................................................................................................................................................................................................................................... 8 Importing the ArcSight Logger VMware virtual machine image .........................................................................................................................................................................................................10 Adding the second hard disk to the Logger VM ................................................................................................................................................................................................................................................. 11 Power on the Logger VM ......................................................................................................................................................................................................................................................................................................... 12
Configure the Logger VM .............................................................................................................................................................................................................................................................................................................. 13 Pre-installation steps.................................................................................................................................................................................................................................................................................................................... 13 Mount the second hard disk .................................................................................................................................................................................................................................................................................................. 14 Install ArcSight Logger ............................................................................................................................................................................................................................................................................................................... 15 Connect to Logger and change the admin user password ....................................................................................................................................................................................................................... 16 Configure Device Groups, Storage Groups, and Storage Rules............................................................................................................................................................................................................. 17 Create Device Groups .................................................................................................................................................................................................................................................................................................................. 17 Verify Storage Volume Size ................................................................................................................................................................................................................................................................................................... 18 Create Storage Groups ............................................................................................................................................................................................................................................................................................................... 19 Create Storage Rules ................................................................................................................................................................................................................................................................................................................... 20 Edit and create additional receivers ............................................................................................................................................................................................................................................................................... 21
Add DNS entries for ArcSight .................................................................................................................................................................................................................................................................................................... 22 About forwarding events to ArcSight Logger ............................................................................................................................................................................................................................................................ 23
Sending events to HPE ArcSight Logger without Connectors ............................................................................................................................................................................................................. 23 Sending events to HPE ArcSight Logger using Connectors .................................................................................................................................................................................................................. 24
Forwarding ConvergedSystem 700 component events to ArcSight Logger ................................................................................................................................................................................ 24 Networking ........................................................................................................................................................................................................................................................................................................................................... 24 VMware .................................................................................................................................................................................................................................................................................................................................................... 26 HPE 3PAR .......................................................................................................