ArcSight provides a suite of tools for SIEM—security information and event management. The best-known seems to be ArcSight Enterprise Security Manager (ESM), described as the "brain" of the SIEM platform. It is a log analyzer and correlation engine designed to sift out important network events. The ESM itself is a standalone appliance, and the management programs run on Linux, Windows, AIX, and Solaris. For open-source alternatives see OSSEC HIDS and OSSIM.
For downloads and more information, visit the ArcSight SIEM platform homepage.
Requires a full-time employee to configure, administer and keep running. Incredibly finicky. Industry direction seems to be moving away from ArcSight since their acquisition by HP, towards Splunk and open source.