HPE Integration Guide for ArcSight Logger on ConvergedSystem 700 2.0 with Helion CloudSystem

Technical white paper

Technical white paper

Contents Executive summary ................................................................................................................................................................................................................................................................................................................................ 4 Solution overview ..................................................................................................................................................................................................................................................................................................................................... 4

HPE ArcSight......................................................................................................................................................................................................................................................................................................................................... 4 HPE ConvergedSystem 700 ................................................................................................................................................................................................................................................................................................... 5 HPE Helion CloudSystem .......................................................................................................................................................................................................................................................................................................... 6

Assumptions ................................................................................................................................................................................................................................................................................................................................................. 7 Overview: HPE ArcSight security solution for HPE ConvergedSystem 700...................................................................................................................................................................................... 7 Deploying the ArcSight Logger appliance ........................................................................................................................................................................................................................................................................ 7

Storage and server requirements ....................................................................................................................................................................................................................................................................................... 7 Create new datastore for HPE ArcSight Logger ................................................................................................................................................................................................................................................... 8 Importing the ArcSight Logger VMware virtual machine image .........................................................................................................................................................................................................10 Adding the second hard disk to the Logger VM ................................................................................................................................................................................................................................................. 11 Power on the Logger VM ......................................................................................................................................................................................................................................................................................................... 12

Configure the Logger VM .............................................................................................................................................................................................................................................................................................................. 13 Pre-installation steps.................................................................................................................................................................................................................................................................................................................... 13 Mount the second hard disk .................................................................................................................................................................................................................................................................................................. 14 Install ArcSight Logger ............................................................................................................................................................................................................................................................................................................... 15 Connect to Logger and change the admin user password ....................................................................................................................................................................................................................... 16 Configure Device Groups, Storage Groups, and Storage Rules............................................................................................................................................................................................................. 17 Create Device Groups .................................................................................................................................................................................................................................................................................................................. 17 Verify Storage Volume Size ................................................................................................................................................................................................................................................................................................... 18 Create Storage Groups ............................................................................................................................................................................................................................................................................................................... 19 Create Storage Rules ................................................................................................................................................................................................................................................................................................................... 20 Edit and create additional receivers ............................................................................................................................................................................................................................................................................... 21

Add DNS entries for ArcSight .................................................................................................................................................................................................................................................................................................... 22 About forwarding events to ArcSight Logger ............................................................................................................................................................................................................................................................ 23

Sending events to HPE ArcSight Logger without Connectors ............................................................................................................................................................................................................. 23 Sending events to HPE ArcSight Logger using Connectors .................................................................................................................................................................................................................. 24

Forwarding ConvergedSystem 700 component events to ArcSight Logger ................................................................................................................................................................................ 24 Networking ........................................................................................................................................................................................................................................................................................................................................... 24 VMware .................................................................................................................................................................................................................................................................................................................................................... 26 HPE 3PAR .......................................................................................................