SOURCE: ArcSight

August 22, 2006 08:00 ET

ArcSight Publishes Open Standard Designed to Improve the Interoperability of Security and Compliance Systems

ArcSight Certification Program Supports Vendor Adoption of the New Common Event Format Standard

CUPERTINO, CA -- (MARKET WIRE) -- August 22, 2006 -- ArcSight, Inc., a global leader in Enterprise Security Management (ESM) software, today announced the release of the Common Event Format (CEF), an open log management standard that improves the interoperability of security-related information from different security and network devices and applications. CEF is based on ArcSight's expertise from building more than 230 connectors across 30 different security and network technology categories and is the first log management standard developed and optimized to support such a broad range of device types. CEF enables technology companies and customers to use a common event log format so that data can be easily collected and aggregated for analysis by an enterprise security management system.

"With CEF and the ArcSight CEF connector, we can add new devices and applications to our security event monitoring infrastructure without building proprietary ArcSight connectors. This will save us time and integration headaches," said John Summers, global director of managed security services at Unisys, a large ArcSight customer.

"The simplicity and extensibility of the CEF standard will enable our security operations staff to more quickly integrate a client's custom application with ArcSight ESM. The end result will be expanded visibility across our client's IT environments and better oversight of our client's mission critical data, applications and infrastructure," Summers added.

"Companies are broadening their focus from perimeter security to insider threats and regulatory compliance. These new initiatives demand that companies integrate an ever-larger number of security and non-security devices and log events into their overall security view," said Charles Kolodgy, research director, security products at IDC. "The Common Event Format enables companies to quickly incorporate new technologies and address evolving needs."

Existing standards, such as WELF and IDMEF, target a single component of the security infrastructure, are tied to a specific transport protocol or are designed specifically for applications and cannot support today's high-performance, real-time security requirements. In contrast, the CEF standard is an extensible, text-based, high-performance format designed to support any source of event logs needed to gain a comprehensive view of an organization's security and compliance.

The Common Event Format is an open format that is now publicly available. To assist technology companies that want to adopt, test and certify their compatibility with the CEF standard, ArcSight has formed a Common Event Format certification program. ArcSight will provide documentation, access to a hosted ArcSight ESM solution for testing and Web support as part of the CEF certification process. AirTight Networks, CipherOptics, DeepNines, Intrusic, Reconnex, Vericept and Vontu are among ArcSight technology partners who are leveraging the CEF standard today and are going through the certification program. For more information on this program, please contact

"ArcSight continues to innovate and lead the ESM market in helping organizations improve their overall security and compliance efforts," said Steve Sommer, senior vice president of marketing and business development at ArcSight. "This simple yet flexible and high-performance format allows organizations to leverage information from more security technologies to gain a more comprehensive real-time view of their security posture, insider threats and compliance status."

About ArcSight

ArcSight, a leader in Enterprise Security Management, provides solutions that serve as the mission control center for real-time threat management, compliance reporting and automated network response. By comprehensively collecting, analyzing and managing security data, ArcSight solutions centrally manage and mitigate information risk for security, insider threat and compliance. ArcSight's customer base includes leading global enterprises, government agencies and MSSPs.

ArcSight and the ArcSight logo are trademarks of ArcSight, Inc.

Contact Information