ArcSight

AcrSight ApplianceArcSight’s Threat Response Manager (TRM) appliance is designed for the medium-sized business as an automated approach to identifying network threats and compromises and is part of ArcSight’s Network Synergy Platform which is one appliance and user interface that will run either TRM or NCM or both on the same box, depending upon license purchase.

ArcSight Channel Right Products

ArcSight TRM instantly locates and identifies the exact location of any threat or compromise on the network and responds immediately by implementing specific, policy-based actions. Policy-based actions may include disabling the node’s switch port, implementing a filter on the node’s traffic or moving the node to a virtual quarantine network. Through incorporating the incident response plan with prevention and detection technology, ArcSight has created a solution that can:

  • Initiate policy-based quarantine options
  • Support disaster recovery
  • Leverage current investment by supporting an existing multi-vendor environment
  • Address compliance requirements through automatic documentation of incident response information
  • Manage and control user rights with its built-in user account control feature – allowing for easy control and ability to restrict access rights in accordance with individual job tasks and descriptions.

Why sell Threat Response Manager?

TRM bridges the gap between network security and network operations. The TRM solution allows your customers to easily integrate with existing and upcoming security technologies while simultaneously eliminating the pain of manually capturing and consolidating incident response information. The system produces easy-to-understand, customizable reports that are convenient for security managers and also provide the much-needed audit trails to address key compliance requirements.