Micro Focus ArcSight Managed Security Service Provider (MSSP) 2020.05 has been released

  • KM03646703
  • 02-Jun-2020
  • 04-Jun-2020

Summary

Micro Focus ArcSight Managed Security Service Provider (MSSP) 2020.05

Reference

Recommended Software Update

Micro Focus is announcing the release of

Product: ArcSight Managed Security Service Provider (MSSP)
Version: 2020.05
Languages: English

ArcSight MSSP v2020.05 is a suite of products that contains the following: 

  • Enterprise Security Manager (ESM) v7.2.1
  • NO Logger Update – 7.0 was released in Dec. 2019
  • ArcSight Management Center (ArcMC) v2.9.4
  • Transformation Hub v3.2
  • Smart Connectors v7.15.0

The following are the new key features available in the ESM version 7.2.1: 

  • ArcSight Fusion enables you to visualize, identify and analyze potential threats by incorporating intelligence from the multiple layers of security sources that might be installed in your security environment.  In the first release of this new web-based interface, SOC managers and CISOs can use ArcSight Fusion to 1) View ESM Case Metrics, including volume over time, total case load and analyst productivity 2) Prioritize ESM Active list entries using Interset risk scoring (Note: Requires Interset License)
  • Single Sign-on for the ArcSight Java Console and ArcSight Command Center includes support for Azure Active Directory and other SAML2 identity providers.
  • Distributed Event Forwarder enables high-speed event forwarding when used in distributed mode installations with Transformation Hub
  • Event Ingestion from multiple Transformation Hub topics allows you to specify up to 25 topics to consume events. In addition, you can connect to a Kaftka cluster that is configured to use SASL/PLAIN authentication
  • Significantly improved upgrade experience

For more information, please check the Release Notes for this version on MySupport.

The following are the new key features available in the Logger version 7.0 originally released in Dec 2019:

  • 24 TB of Event storage per Logger – Logger 7.0 will support up to 24TB on software and Gen 10 appliance form factors. 
  • New Search UI – A new UI is introduced for Logger Search with features like, event details, event comparisons, Grid view, Raw event View, Column view, etc. This UI will be available in addition to the Classic Search UI of Logger.
  • Search based of event occurred time – Starting from Logger 7.0, you can search based on Event occurred time in addition to the event receipt time of Logger.
  • EPS Licensing – Logger 7.0 is moving to a EPS based license from a GB/day based License.
  • Reporting:
    • Data Science – Ability to use Python’s Data Science/Predictive analytics capabilities with Reporting 
    • Reporting on ArcSight Investigate – Investigate’s Vertica database can be added as a data source in Logger Reporting, allowing to create reports on Investigate Data.
    • IP to GeoMapping – Ability to convert IP address to Geo Location and create maps within Reports.
  • Out of the Box Content updates
  • Bonding/Trunking of NICs for Appliances 
  • Performance Improvements in Search/Reporting

The following are the new key features available in the ArcSight Management Center (ArcMC) v2.9.4:

  • Platform component version updates now support RHEL 8.1 and CentOS 8.1, and current releases of: Azul Zulu Java runtime, updated component libraries with up-to-date vulnerability compliance
  • Support for latest Connector release, v.7.15.0
  • New reporting options that generate complete connector infrastructure configuration metadata and license metric exports to .CSV and .PDF formats
  • Miscellaneous bug fixes. Refer to the Release Notes for the specific defects addressed.

The following are the new key features available in the Transformation Hub v3.2:

  • Upgrades to Version 3.2.0 and future releases from Version 3.x and patches/hotfixes are now supported in the native CDF Installer, using rolling upgrades through the Master and Worker Nodes in the cluster.
  • Platform support for  RHEL 8.1 and CentOS 8.1 and component version updates for: Azul Zulu Java runtime,  Apache Client, Confluent Platform (which now includes  Apache Server, Schema Registry and ZooKeeper), and other library upgrades with up-to-date vulnerabilities compliance.
  • Support for latest Connector release, v7.15.0
  • Miscellaneous bug fixes. Refer to the Release Notes for the specific defects addressed

The following are the new key features available in the Smart Connectors v7.15.0:

  • Support RHEL 8.1, CentOS 8.1, SLES 15 & SLES 15.1
  • New connector to support Cisco Meraki for Model MR52
  • Expanded Office 365 support
  • Expanded AWS Cloudwatch and Cloudtail Support
  • Expanded Azure Event Hub Support
  • MS Windows Event log Native Connector Improvement
  • Syslog NG Daemon Connector Improvements
  • Load Balancer vulnerability fixes
  • Parser fixes and New Log sources

Please note all Managed Security Service Provider Platform (MSSP) customers with active support subscription are eligible to update to the latest Managed Security Service Provider Platform Version 2020.05: 
https://entitlement.microfocus.com/mysoftware/iam/home

Connector Framework  7.13.0, 7.13 patch 1, 7.14.0 and 7.15.0 –The software can be found on the Software entitlement portal: https://entitlement.microfocus.com/mysoftware/iam/home

For more information, please check the Release Notes for this version (available from MySupport).  

If you have an active support subscription for these products, please plan for downloading this version from the Software Licenses and Downloads Portal. To access these products in the Software Licenses and Downloads Portal, you will need to sign in with your Micro Focus credentials.

Our goal is to provide you with clear visibility into the support time-line of software products, enabling you to use this information to plan, test, and deploy new product versions. For more information, check our MySupport Software Product Lifecycle pages.