With its recent release of the ARCSight SIEM virtual appliance, Hewlett-Packard takes another step towards encouraging enterprises to put their faith in big data storage and cloud computing. The SIEM appliance’s security measures offer additional automation and ease-of-use to manage and predict security threats both on and off prem and in private and public cloud environments.

According to Eric Schou and Sridhar Karnam of HP ArcSight, the new SIEM appliance uses big data analytics tactics to protect organizations’ information: “This […] virtual SIEM enables collection, aggregation, analysis, and storage of big data enabling safer environments to conduct business.”

Additionally, the majority of the legwork is automated. Schou and Karnam explain that the ArcSight virtual SIEM “automates collection, storage, analysis, unification, aggregation, reporting, and alerting on any machine data from any device and in any format. It identifies actionable intelligence and has capabilities to block access, prevent data loss, stop exfiltration of information, and prevent data breaches. “

This type of predictive security is particularly important in enterprise-class cloud environments, when users may access secure information from a variety of devices and locations.  “Virtual SIEM is capable of monitoring both cloud infrastructure and the transactions in the cloud itself,” explained Schou and Karnam, adding, “The built-in threat profiles [identify] what is a legitimate transaction and what is a threat to the organization. For instance, multiple users logging from same IP, multiple IP’s accessing the same login, etc., could potentially be a threat.”

The new SIEM appliance represents a stepping-stone on HP’s path towards bringing big data storage and cloud computing to the enterprise. This is a path paved with a variety of HP products. The ConvergedSystems 900 (CS900) Server, for example, was also released in July. The CS900 leverages common converged infrastructure architecture across HP’s server, storage, and networking products to allow resources to be shared across applications. The entire system can be managed from a platform using standard security software.

Indeed, simple security when dealing with vast amounts of data is exactly what large-scale enterprises hunger for. The SIEM appliance’s user-friendly interface and built-in dashboards put security data in perspective for the enterprise. And the ArcSight SIEM appliance’s predictive security abilities offers enterprises the ability to look at more than just “hallmarks of a breach, but behavior that could indicate such activity is happening,” wrote John Casaretto in an earlier piece on ArcSight.