Micro Focus Security ArcSight Managed Security Service Provider Platform (MSSP) 2020.11 has been released

  • KM03767018
  • 08-Dec-2020
  • 08-Dec-2020

This document has not been formally reviewed for accuracy and is provided "as is" for your convenience.

Summary

Micro Focus Security ArcSight Managed Security Service Provider Platform (MSSP) 2020.11

Reference

Recommended Software Update

Micro Focus is announcing the release of

Product: Security ArcSight Managed Security Service Provider Platform (MSSP)
Version: 2020.11
Languages: English

The following  new key features are available with this version:

ArcSight Data Platform (ADP) v 2.6
This release includes security vulerability and bug fixes. For full details see the release notes included with the product documentation. 

ArcMc v2.9.6
This release of ArcSight Management Center contains the following new features (for a full list please see related product documentation): 

  1. Deployment and configuration of Transformation Hub in an Amazon Web Services (AWS) environment that leverages its cloud-native services and capabilities.
  2. Support for the latest SmartConnector release, v8.1.0. In addition to CEF and ESM Binary formats, this release now supports emitting Avro-formatted event streams.
  3. ArcMC and Transformation Hub have been enhanced to enable routing of Avro streams and consumption and routing of Avro events forwarded from ESM or Logger.
  4. Windows Native Connector (WiNC) on a Connector Host Appliance (CHA) can now run in a Windows 2019 Server VM on Gen10 CHAs.
  5. New dashboard - A new list view dashboard shows host systems in an exception status (FATAL, CRITICAL, or WARNING). Pertinent information like the container and rule that was breached is displayed. It is periodically refreshed like other dashboards.

Enterprise Security Manager (ESM) v 7.4
This release of ESM includes the following key features:

  1. ArcSight SOAR now a native solution within ESM, pairing real-time detecion with automated threat response.
  2. New MITRE ATT&CK dashboard visualizes your organization’s ability to detect MITRE ATT&CK techniques, to more clearly convery where your organization is covered and, more importantly, where it’s not.
  3. Web-based Command Center expands Active List visibility beyong the ArcSight Console, allowing your security team to more easily monitor users and/or systems flagged by ArcSight’s correlation engine.
  4. Event Throughput dashbaord now includes Pre-Aggregation EPS details.
  5. Performance improvements to lists, including enhanced diagnostics, optimization choices, and more.

SmartConnectors v8.1.0
This release of SmartConnectors contains the following new features (for a full list please see the related product documentation):

  1. Significant Performance and Stability Improvements – Performance-focused code refactoring has achieved SmartConnector throughput improvements of up to 1,000% versus SmartConnectors v8.0.0 on an ArcSight Gen10 Connector Host Appliance, potentially allowing for a reduction in the number of SmartConnectors required to process workloads. As a result of these improvements, this release is also more stable and reliable. Throughput improvements apply to FlexConnectors and RepSM Plus as well. 
  2. Load Balancer stability has been improved to detect when a SmartConnector is not responding and gracefully reconnect to the connector.
  3. New and improved SmartConnectors supporting vendor cloud-native services and popular event sources
  4. Avro-formatted event streams 

Connector Framework  7.15.0,  8.0.0 and 8.1.0 –The software can be found on the Software entitlement portal: https://entitlement.microfocus.com/mysoftware/iam/home

Transformation Hub v3.4
This release of Transformation Hub contains the following new features (for a full list see related product documentation): 

  1. Deployment and configuration of Transformation Hub in an Amazon Web Services (AWS) environment that leverages its cloud-native services and capabilities.
  2. A new silent install process for on premise installations greatly simplifies the initial deployment of container-based ArcSight products and capabilities. The installer supports from a simple, single node containing all capabilities, to multi-node, high-availability deployment models. It installs and configures OS, storage, network and other prerequisites and performs pre- and post-deployment resource and configuration checks. A minimum set of parameters are required, such as Master and Worker Node host names.
  3. Upgrades to Version 3.4.0 from prior Version 3.x releases and patches/hotfixes are supported in the native CDF Installer, using rolling upgrades through the Master and Worker Nodes in the cluster. If the cluster had been deployed with a high-availability deployment, the cluster will continue to process event streams while the upgrade proceeds from node-to-node. Upgrade is also supported for Azure environments.
  4. Support for the latest SmartConnectors release, v8.1.0. 

This release is part of our larger ArcSight 2020.3 release. You can read more about the details of this release, and how it will enable your SOC, in our “ArcSight’s Latest and Greatest” flyer available here: https://www.microfocus.com/media/article/arcsights-latest-and-greatest-article.pdf 
A video summary of the release is also available on our SecOps Unplugged channel: https://www.youtube.com/channel/UCWfeits4KBY-pyqvwM8szWw

 

For more information, please check the Release Notes for this version (available from MySupport).

    

If you have an active support subscription for these products, please plan for downloading this version from the Software Licenses and Downloads Portal. To access these products in the Software Licenses and Downloads Portal, you will need to sign in with your Micro Focus credentials.

 

Our goal is to provide you with clear visibility into the support time-line of software products, enabling you to use this information to plan, test, and deploy new product versions. For more information, check our MySupport Software Product Lifecycle pages.

Please note that all Security ArcSight Managed Security Service Provider Platform customers with active support subscriptions are eligible to update to Security ArcSight Managed Security Service Provider Platform version 2020.11.