Supported Products December 2010

The ArcSight library of out of the box SmartConnectors provides source-optimized collection for 300+
commercial products. These products span the entire stack of event-generating source types, from
network and security devices to databases and enterprise applications.

In addition to SmartConnectors developed and maintained by ArcSight, the Common Event Format (CEF)
partner program enables other technology vendors to deliver and certify interoperability with ArcSight
products by logging in accordance with open CEF format. Several technology partners have already
achieved CEF certification, as noted.

Anti-Virus/Anti-Spam Data Leak Prevention

F-Secure Anti Virus Fidelis XPS – (CEF)
McAfee VirusScan Enterprise Symantec DLP (Vontu)
Sophos
Sybari Antigen for Microsoft Exchange Data Security
Symantec Antivirus Corporate Edition
Cyber-Ark Inter-Business Vault – (CEF)
Symantec Mail Security for MS Exchange
Cyber-Ark Sensitive Document Vault – (CEF)
TrendMicro OfficeScan (Control Manager,
Ingrian
TM Control Manager DB)
Vormetric
TrendMicro VirusWall (Control Manager)

Applications Firewall
Check Point FW-1
BEA Weblogic Server
Cisco PIX Firewall
IBM WebSphere
CyberGuard Firewall
SAP ERP
Juniper Networks (Altor Networks Virtual Firewall) - (CEF)
Juniper Network Security Manager (NetScreen)
Application Security Juniper Networks Firewall and VPN
Arxan – (CEF) Lucent Managed Firewall
Bit9 – (CEF) McAfee Desktop Firewall
Secure Computing Gauntlet Firewall/VPN
Stonesoft Stonegate
Clinical / Healthcare Applications Symantec Enterprise Firewall
Symantec Gateway Security
FairWarning – (CEF)

Content Security Honeypot

HoneyD
Aladdin eSafe Gateway
Barracuda (NetContinuum Web Firewall)
McAfee Email and WebSecurity Appliance (CEF) IDS/IPS – Host Based
McAfee Web Gateway Cisco Security Agent (Okena)
Puresight Content Filter ISS Black Ice Server Protection (SiteProtector)
Secure Computing Webwasher McAfee Host IPS (Entercept)
TrendMicro Control Manager NFR Security HID
TrendMicro InterScan Messaging Security SANA Primary Response
(Control Manager) Symantec Critical System Protection
TrendMicro InterScan Web Security (Control Manager) Symantec ITA (Intruder Alert)
Tripwire Manager & Tripwire Enterprise
DAM/DB Security
Application Security DBProtect (CEF) IDS/IPS – Network Based
Guardium – (CEF) Broadweb Netkeeper
Imperva SecureSphere – (CEF) Bro IDS
Oracle (Secerno DataWall)– (CEF) Cisco IPS Sensor
Sentrigo HedgeHog (Enterprise, vPatch) – (CEF) Cisco Secure IDS
CounterSnipe
Database Enterasys Dragon
HP-TippingPoint UnityOne SMS
IBM DB2
Intrusion SecureNet Pro
Microsoft SQL
ISS RealSecure Server Sensor
Oracle
ISS RealSecure WorkGroup Manager
Oracle Audit Vault
ISS Proventia IPS Appliance (SiteProtector)
Sybase Adaptive Server Enterprise
Juniper Networks IDP (NetScreen)
McAfee Network Security Manager (IntruShield)
NFR Central Management Server Malware Detection
NFR Security NID
Damballa – (CEF)
NitroSecurity IPS
FireEye (CEF)
PacketAlarm IDS
Truimfant (CEF)
Radware DefensePro
Snort
Sourcefire Intrusion Sensor Midrange Systems
Sourcefire Defense Center Management Console
IBM AS/400
Sourcefire RNA Sensor (Real-time Network Awareness)
Symantec ManHunt
Symantec Network Security 7100 Network Access Control
Toplayer Attack Mitigator ForeScout – (CEF)
Mirage Networks Counterpoint
IDM, IAM & Identity Security
ActivCard AAA Server DB Network Behavior Anomaly
CA eTrust SiteMinder (Netegrity) Arbor Networks Peakflow
Cisco Secure Access Control Server (ACS) Lancope StealthWatch
Cyber-Ark PIM Suite – (CEF) Mazu Profiler
FOXt (CEF)
IBM Tivoli Access Manager Network Discovery
Juniper SBR (Steel Belted Radius)
Lumet IPsonar
Lieberman Software – (CEF)
Microsoft Active Directory
Microsoft Forefront Network Forensics
Microsoft Network Policy Server (Windows IAS/RADIUS) Narus – (CEF)
Novell Nsure Audit Niksun NetDetector
Oracle NetPoint (Oblix) NetWitness – (CEF)
Oracle SunONE Directory Server
PacketMotion PacketSentry – (CEF) Network Management
RSA Authentication Manager (ACE Server)
Cisco Works
RSA Access Manager (ClearTrust)
F5 BigIP
Secure Computing SafeWord PremierAccess

Integrated Security Network Monitoring

HP OpenView Operations (OVO)
Barracuda Networks Spam Firewall
ISC DHCP
Cisco ASA 5500
ISC BIND
Fortinet FortiGate
Microsoft Operations Manager DB (MOM)
iPolicy Intrusion Prevention Firewall
Microsoft System Center Operations Manager DB (SCOM)
Secure Computing Sidewinder
Microsoft DHCP
SonicWALL
Microsoft DNS
Microsoft WINS
Log Consolidation & Analysis Nagios
Cisco MARS
Quest InTrust (fka Aelita Event Manger (AEM) Network Traffic Analysis
Enterprise IT Security SF-RiskSaver – (CEF)
Cisco NetFlow / Flexible Netflow
NetScout – (CEF)
Mail Filtering QoSient Argus
Cisco Ironport Email Security Appliance TCP Dump
McAfee Email Gateway (Secure Computing IronMail)
Symantec Mail Security 8200 Series Network Traffic Management
MessageGate
Cisco Distributed Director 4500
Bro IDS
Mainframe
CA Top Secret Operating Systems
Enterprise IT Security SF-Sherlock – (CEF)
IBM AIX Operating System
Enterprise IT Security SF-NoEvasion – (CEF)
HP OpenVMS
IBM OS/390 (NVAS)
HPUX Operating System
IBM OS/390 (SDSF)
Microsoft Windows 7/NT/2000/2003/XP/2008 Server/Vista
Type80 SMA_RT for RACF
Redhat Linux
Type80 SMA_RT for CA Top Secret
Snare for Microsoft Windows
Solaris BSM
Mail Server UNIX
IBM Lotus Notes Domino Enterprise Server Sabernet NT Syslog
Microsoft Exchange
Microsoft Forefront for Exchange Server Physical Systems/Security
Sendmail
Plasec – (CEF)

- Page 2 -
Policy Management Vulnerability Assessment
NetIQ Security Manager eEye REM Security Management Console
Securify SecurVantage eEye Retina Network Security Scanner
Solsoft Policy Server Harris STAT Scanner
ISS Internet Scanner
McAfee Vulnerability Manager (Foundscan)
Router nCircle IP360 Device Profiler
Cisco Router nCircle IP360 Threat Monitor
Juniper Router (JUNOS) Nmap
OVAL
Security Management Qualys Guard
Rapid 7 NeXpose
Enterasys Dragon Server
Symantec NetRecon
Intrusion Securenet Provider
Tenable Nessus
ISS Site Protector
Visionael Security Audit
McAfee ePO
Saint Vulnerability Scanner
McAfee Rogue System Detection (via ePO)
MicroSoft Audit Collection System
Symantec ESM Web Cache
Symantec SESA BlueCoat Proxy SG Series
Microsoft ISA
Storage Network Appliance NetCache
Squid
NetApp FAS
EMC Celerra
Web Filtering
Switch Cisco Ironport Web Security Appliance
Websense
Cisco Catalyst
Cisco CSS 11500 Series Content Services Switches
Foundry Networks Big Iron Web Server
HP Ethernet Switch Apache
Microsoft IIS
Virtualization Sun ONE
VMWare ESX/ESXi Server
VMWare Virtual Center Wireless
AirDefense Guard
VPN AirMagnet Enterprise
AirPatrol Wireless Locator System (WLS) – (CEF)
Alcatel Secure VPN Gateway
Aruba Mobility Controller
Check Point VPN-1
Cisco AIRONET 1200
Cisco VPN Concentrator
Cisco Mobility Services Engine
Citrix Access Gateway
Newbury Networks Wi-fi Watchdog
Juniper/NetScreen (Neoteris) SSL VPN
Nortel Contivity Extranet Switch

Note: Most ArcSight SmartConnectors can be deployed as software and are also supported on ArcSight Connector Appliances.

About ArcSight:
ArcSight, an HP company, is a leading global provider of cybersecurity and compliance solutions that
protect organizations from enterprise threats and risks. Based on the market-leading SIEM offering, the
ArcSight Enterprise Threat and Risk Management (ETRM) platform enables businesses and government
agencies to proactively safeguard digital assets, comply with corporate and regulatory policy and control
the internal and external risks associated with cybertheft, cyberfraud, cyberwarfare and
cyberespionage. For more information, visit www.arcsight.com.
ArcSight, an HP Company. 5 Results Way, Cupertino, CA 95014, USA - www.arcsight.com - info@arcsight.com - Corporate Headquarters: 1-888-415-ARST
© 2010 ArcSight, Inc. All rights reserved. ArcSight and the ArcSight logo are trademarks of ArcSight, Inc. All other product and company names may be trademarks or
registered trademarks of their respective owners.

- Page 3 -