Micro Focus ArcSight Managed Security Service Provider (MSSP) 2020.07 has been released

  • KM03688313
  • 04-Aug-2020
  • 14-Aug-2020

Summary

Micro Focus ArcSight Managed Security Service Provider (MSSP) 2020.07

Reference

Recommended Software Update

Micro Focus is announcing the release of

Product: ArcSight Managed Security Service Provider (MSSP)
Version: 2020.07
Languages: English

ArcSight MSSP v2020.07 is a suite of products that contains the following:

  • Enterprise Security Manager (ESM) v7.3
  • ArcSight Data Platform
    • Logger v 7.1 
    • ArcSight Management Center (ArcMC) v2.9.5
    • Transformation Hub v3.3
    • Smart Connectors v8.0.0

The Key Features for ESM 7.3 includes:

  • ESM's web console, ACC, is now enabled in the Fusion framework, enabling customers to have a single pane of glass when using ESM and Recon together.
  • New REST API framework and Swagger documentation for ESM API
  • Numerous upgrade improvements easing the effort required for administrators to upgrade and maintain their ESM deployment
  • Adoption of Avro event format from Transformation Hub, enabling customers to use a single event ingestion format across their entire ArcSight portfolio
  • FIPS compliance when using Fusion as an authentication source.

For more information, please check the Release Notes for this version on MySupport.

The Key Features for ArcSight Data Platform 2.6 include:

ArcSight Data Platform (ADP) v2.6 is a suite of products containing the following Products::.

  • Logger v7.1
  • ArcSight Management Center (ArcMC) v2.9.5
  • Transformation Hub v3.3
  • Smart Connectors v8.0.0

The Key Features for ArcSight Logger 7.1 includes:  

  • Storage Improvements:
    - Store up to 15% more data in the same disk space.
  • Search Improvements
    - Persist and load search results for further analysis.
    - View peer stats search status information before, during, and after executing a search.- Internal audit events for the different search stages (start, finish, and intermediate).
    - Open up to 10 tabs to perform different searches or review completed search results.
    - Search dashboard to view active searches.
  • Search Congruity Improvements:- Field summary: Improved field summary on the search results page with 10 values both top and bottom.
    - Highlight events to easily recognize similar and/or specific events included in the search results.
    - Save your queries as a filter, dashboard panel, or saved search (schedule a search or alert or even create a report out of them).
    - Customize your results, export to a local disk, remote location, or to Logger.
    - Create, edit, clone, and delete field sets.
  • Navigation bar has been enhanced and it is now available throughout the UI for navigation.
  • Using a TH destination, Logger can now forward data to Kafka and ArcSight Transformation Hub.
  • Define and tune Logger Roles: Available memory will be adjusted based on the role(s) you select for optimal performance.
  • AWS Destination: Logger Archives can now be sent to an AWS storage.
  • Cipher Suites have been updated.
  • Support for RHEL 8.1 in Software.
  • Various security fixes, feature updates, and bug fixes.

The Key Features for ArcSight Management Center 2.9.5 includes:

  • Support for the latest Connector release, v8.0.0.
  • Windows Native Connector (WiNC) on a Connector Host Appliance (CHA) can now run in a Windows 2019 Server VM on Gen9 CHAs.
  • Support for the new Avro formatted event schema.
  • Event routing and filtering in Transformation Hub for events transformed from CEF to Avro format and consumed by ESM, Interset, Logger and Investigate.  These events may now be stored in a common high-performance Vertica database shared by all ArcSight products.
  • Configuration for the new AWS Cloud S3 SmartConnector.
  • Configuration for the new AWS Security Hub SmartConnector.
  • Configuration of Transformation Hub processing in Microsoft Azure environment that leverages Azure services and capabilities.
  • Platform component version updates have been certified on RHEL 7.8, CentOS 7.8 (RHEL/CentOS 8.1 was already supported in 2.94), with current releases of Azul Zulu Java runtime and PostgreSQL. Component libraries include current vulnerability compliance, and ciphers are up-to-date.

The Key Features for Transformation Hub 3.3 includes:

  • Deployment and configuration of Transformation Hub in Microsoft Azure environment that leverages Azure services and capabilities
  • Upgrades to Version 3.3.0 from prior Version 3.x releases and patches/hotfixes are supported in the native CDF Installer, using rolling upgrades through the Master and Worker Nodes in the cluster.
  • Support for the latest Connector release, v8.0.0
  • A new CEF-to-Avro stream processor and its supporting topics have been introduced, for ESM events.  Using CEF routing rules, ESM can read from a topic of filtered Avro events.
  • The ZSTD compression algorithm is now supported.  ZSTD generally performs better than GZIP, which was the only supported compression algorithm up until this release. ZSTD compression requires an upgrade to SmartConnector v8.0.0, where it is also now supported. 
  • Support for the new Avro formatted event schema.  The Avro schema has been updated such that events may now be stored in a common highly performant Vertica database shared by all ArcSight products.
  • The Container Deployment Platform has been upgraded to version 2020.05.  A new CDF Doctor troubleshooting capability is now available to help pinpoint issues with Transformation Hub’s container-based deployments.
  • Platform component version updates have been certified on RHEL 7.8, CentOS 7.8 (RHEL/CentOS 8.1 was already supported in 3.2.0), with current releases of Azul Zulu Java runtime, PostgreSQL, Apache Kafka Client, and the Confluent platform (which includes Apache Kafka, Schema Registry and ZooKeeper). Component libraries include current vulnerability compliance, and ciphers are up-to-date.

These releases include various security fixes and bug fixes.
See the release notes of each product for more information

Please note all Managed Security Service Provider Platform (MSSP) customers with active support subscription are eligible to update to the latest Managed Security Service Provider Platform Version 2020.07https://entitlement.microfocus.com/mysoftware/iam/home

Connector Framework  7.14.0,  7.15.0 and 8.0.0 –The software can be found on the Software entitlement portal: https://entitlement.microfocus.com/mysoftware/iam/home

This release is part of our larger ArcSight 2020.2 release, which marks a significant accomplishment in our mission to make ArcSight more simple, open and intelligent. You can read more about the details of this release, and how it will enable your SOC, in our “ArcSight’s Latest and Greatest” flyer available here: https://www.microfocus.com/media/article/arcsights-latest-and-greatest-article.pdf

For more information, please check the Release Notes for this version (available from MySupport).

If you have an active support subscription for these products, please plan for downloading this version from the Software Licenses and Downloads Portal. To access these products in the Software Licenses and Downloads Portal, you will need to sign in with your Micro Focus credentials. 

Our goal is to provide you with clear visibility into the support time-line of software products, enabling you to use this information to plan, test, and deploy new product versions. For more information, check our MySupport Software Product Lifecycle pages.