Security Basics mailing list archives
Re: Setting up Arcsight/Tripwire
From: Eric K <erickrz () comcast net>
Date: Tue, 07 Apr 2009 15:00:04 -0400
V.,The types of rules you can setup in ArcSight will vary upon what you actually want the tool to do. I would check out the ArcSight user forums for suggestions and even some pre-built content. It's a very good source for ideas and examples of how different users and types of companies use ESM.
E. venkatesh.selvaraju () gmail com wrote:
Dear All, I was wondering if anyone has any standard rules and policies which can be instantly deployed & added to Arcsight ESM for monitoring Windows, UNIX, database and network devices. I understand the rules vary and are specific to the OS and n/w devices. We have to setup the rules and commission Arcsight in our company. If anyone has prior hands-on using Arcsight or if you have any literature, please share. Also, if you have any docs on how to setup rules on Tripwire tool for file integrity checking please share the information. Thank you in advance. V ------------------------------------------------------------------------ This list is sponsored by: InfoSec Institute Need to pass the CISSP? InfoSec Institute's CISSP Boot Camp in both Instructor-Led and Online formats is the most concentrated exam prep available. Comprehensive course materials and an expert instructor means you pass the exam. Gain a laser like insight into what is covered on the exam, with zero fluff! http://www.infosecinstitute.com/courses/cissp_bootcamp_training.html ------------------------------------------------------------------------
------------------------------------------------------------------------ This list is sponsored by: InfoSec Institute Need to pass the CISSP? InfoSec Institute's CISSP Boot Camp in both Instructor-Led and Online formats is the most concentrated exam prep available. Comprehensive course materials and an expert instructor means you pass the exam. Gain a laser like insight into what is covered on the exam, with zero fluff! http://www.infosecinstitute.com/courses/cissp_bootcamp_training.html ------------------------------------------------------------------------
Current thread:
- Setting up Arcsight/Tripwire venkatesh . selvaraju (Apr 07)
- Re: Setting up Arcsight/Tripwire Eric K (Apr 07)