Archer Integ: RSA Archer Integration

Document created by RSA Information Design and Development on Oct 11, 2017Last modified by RSA Information Design and Development on Mar 28, 2018
Version 11Show Document
  • Comment0
  • View in full screen mode
 

Administrators can integrate RSA NetWitness Suite with RSA NetWitness Security Operations (SecOps) Manager to send alerts and incidents from NetWitness Suite to Archer for incident management and remediation. This guide provides a high-level workflow for configuring this integration.

Note: When you upgrade from Security Analytics 10.6.5 to NetWitness Suite 11.1, the Archer SecOps integration is no longer valid and must be re-configured.

The following table list the NetWitness Suite 11.1 integration options with NetWitness SecOps Managert Version 1.3.1.2.

                                 
NetWitness SecOps Manager VersionNetWitness Suite 11.1 IntegrationReference
1.3.1.2Event Stream Analysis (ESA)

For more information, see "Configure Event Stream Analysis for Integration with Archer SecOps" section.

1.3.1.2Reporting Engine (RE) For more information, see "Configure Reporting Engine for Integration with Archer SecOps" section.
1.3.1.2Respond

For more information, see "Configure Respond for Integration with Archer SecOps 1.3.1.2" section.

1.3.1.2Archer FeedsFor more information, see "RSA Archer Feeds" section.
You are here
Table of Contents > RSA Archer Integration

Attachments

    Outcomes