Home
Arc
Introduction
An overview of Arc.
Detection information
The information that Arc detects, listed for each operating system (OS). The table shows two types of Category: network and asset. When the Category is listed as network, it means that the detection is based on information that has been extracted from the network. When the Category is listed as asset, it means that the detection is based on information that has been extracted from the asset.

Arc
- Introduction
  An overview of Arc.
  - Arc overview
    Arc™ is a host-based sensor that detects and defends against malicious or compromised endpoints, and insider attacks. You can use Arc sensors to aggregate data for analysis and reports, either on-premises, or in the Vantage cloud.
  - Arc Embedded
    This version of Arc can be embedded directly on programmable logic controllers (PLCs).
  - Architecture
    It is important to understand the different architecture possibilities that are available with Arc.
  - Arc in Guardian
    The Arc button in the Guardian Web UI lets you access the different pages for Arc.
  - Arc in CMC
    The Arc button in the Central Management Console (CMC) Web UI lets you access the different pages for Arc.
  - Deployment
    The Deployment page shows a table of all the devices available for Arc deployment.
  - Deployment settings
    The Deployment settings page lets you configure the settings for your Arc deployment.
  - Node points
    The Node points page shows data points that are collected over time, and represent the state of the target machine.
  - Dependencies
    The Dependencies page shows the status of the dependencies. When a dependency is missing, you can use the upload icon in the Actions column to upload it.
  - Arc in Vantage
    The Sensors page shows all the Arc sensors in the network. It also lets you connect an Arc sensor.
  - Viewing data from Arc
    The data Arc acquires can be viewed in different places, and in different formats.
  - Commands syntax
    The example commands given in this documentation are for Microsoft Windows. Some of these commands are the same in other operating systems (OS), but when a procedure is specific to a different OS, the correct syntax for that OS is used.
  - Security measures
    A description of the security measures that Arc uses.
  - Detection information
    The information that Arc detects, listed for each operating system (OS). The table shows two types of Category: network and asset. When the Category is listed as network, it means that the detection is based on information that has been extracted from the network. When the Category is listed as asset, it means that the detection is based on information that has been extracted from the asset.
    - Arc Embedded detection information
      Each Arc Embedded implementation inherits all the detected information from its architecture as shown in Detection information, and then adds vendor specific detections.
- Requirements
  The machine and network requirements necessary to use Arc.
- Preparation
  Information on how to import Arc packages, and install a license.
- Configuration
  Details on how to configure Arc.
- Deployment
  Information on how to deploy Arc. This includes details for manual and automatic deployments, and deployment through a mobile device management (MDM) system.
- Execution
  Information on the different modes that you can use with Arc.
- Troubleshooting
  Troubleshooting procedures to help you solve problems that might occur when you use Arc.
- Print format documentation
  A list of all the print-format documentation that is available for Arc.

Detection information

The information that Arc detects, listed for each operating system (OS). The table shows two types of Category: network and asset. When the Category is listed as network, it means that the detection is based on information that has been extracted from the network. When the Category is listed as asset, it means that the detection is based on information that has been extracted from the asset.

Table 1. Detection information
Category	Information	Windows	macOS	Linux	UI option
network	Traffic monitoring				Traffic monitoring
network	Smart Polling				Smart Polling
asset	media access control (MAC) addresses				always on
asset	internet protocol (IP) addresses				always on
asset	Product name				always on
asset	Vendor				always on
asset	Label/host name				always on
asset	operating system (OS)				always on
asset	Serial number				always on
asset	Local address resolution protocol (ARP) table				Local ARP table
asset	Sigma rules				Sigma rules
asset	universal serial bus (USB) detections				USB detections
asset	central processing unit (CPU) usage				node points
asset	Memory usage				node points
asset	Disk usage				node points
asset	Installed software				node points
asset	Hotfixes				node points
asset	Antivirus				node points
asset	Log4j detection				node points
asset	User accounts				node points
asset	Logged in users				node points
asset	USB interfaces				node points
asset	Network interfaces				node points
asset	Processes and ports				node points
asset	Disk partitions				node points
asset	domain name server (DNS)				node points
asset	CPU				node points