We performed a comparison between ArcSight Enterprise Security Manager (ESM) and SolarWinds Security Event Manager based on real PeerSpot user reviews.
Find out in this report how the two Security Information and Event Management (SIEM) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI.
"Sentinel pricing is good"
"Sentinel uses Azure Logic Apps for automation, which is really powerful. This allows us to easily automate responses to incidents."
"We can use Sentinel's playbook to block threats. It covers all of the environment, giving us great visibility."
"Investigations are something really remarkable. We can drill down right to the raw logs by running different queries and getting those on the console itself."
"Another area where it is helping us is in creating a single dashboard for our environment. We can collect all the logs into a log analytics workset and run queries on top of it. We get all the results in the dashboard. Even a layman can understand this stuff. The way Microsoft presents it is really incredible."
"We are able to deploy within half an hour and we only require one person to complete the implementation."
"It's pretty powerful and its performance is pretty good."
"Sentinel has features that have helped improve our security poster. It helped us in going ahead and identifying the gaps via analysis and focusing on the key elements."
"The tool is good for correlation and aggregation. We use it as a collection platform."
"This process has helped to improve our organization because we have centralized the intra-group security equipment logs."
"I would rate the ease of use for new users an eight out of ten, with ten being easy to use. It is a good tool."
"We have been satisfied with the support."
"The most important feature is ArcSight's event correlation capabilities. It's powerful and easy. I also like the flex connector capability. It's easy to develop a new connector that isn't fully supported out of the box. For example, say you created a solution internally that's completely different, and it's not unsupported by the solution. You can write your own connector using the flex connector."
"For the typical malware or intrusion, this solution assists us by identifying the symptoms based on network traffic from the application servers."
"Once the rules are defined, it is capable of detecting minute changes in the systems, which are effectively based on the entries in the log."
"The most valuable features of ArcSight ESM are ease of use and readily usable components."
"It performs network behavior monitoring, log monitoring, and disaster recovery monitoring."
"SolarWinds' stability is fine. I don't think we've had any software issues."
"We did previously use a different solution, but SolarWinds is much better. It's easy to interact with SolarWinds. It's easy to operate, easy to configure and is generally easier compared to what we were working with before."
"The graphical user interface is very user-friendly. SolarWinds is a hybrid solution so you can use it across many platforms."
"This tool is simple to use."
"It has in-depth monitoring capabilities and an easy way for setting up dashboards. I can expand in various areas, or I can reduce areas. It supports different types of breakdowns, filters, and rules. It is very simple for an out-of-the-box type of product. It doesn't take a lot of time to figure it out, which is unlike some of the solutions that I have looked at. It meets all the aspects."
"SolarWinds Security Event Manager has been generally working well."
"The most valuable feature is the ease of use for the end user."
"We'd like to see more connectors."
"The reporting could be more structured."
"They only classify alerts into three categories: high, medium, and low. So, from the user's point of view, having another critical category would be awesome."
"Given that I am in the small business space, I wish they would make it easier to operate Sentinel without being a Sentinel expert. Examples of things that could be easier are creating alerts and automations from scratch and designing workbooks."
"Its implementation could be simpler. It is not really simple or straightforward. It is in the middle. Sometimes, connectors are a little bit complex."
"I can't think of anything other than just getting the name out there. I think a lot of customers don't fully understand the full capabilities of Azure Sentinel yet. It is kind of like when they're first starting to use Azure, it might not be something they first think about. So, they should just kind of get to the point where it is more widely used."
"In terms of features I would like to see in future releases, I'm interested in a few more use cases around automation. I do believe a lot of automation is available, and more is in progress, but that would be my area of interest."
"Sentinel's reporting is complex and can be more user-friendly."
"Customer service during the transition from HPE to Micro Focus was abysmal where it became disruptive to our service delivery."
"The user interface of ArcSight Enterprise Security Manager could improve. It is not very good. Additionally, they could integrate the web interface better."
"In certain cases, this product does have false positives, which the company should work on."
"ArcSight is incredibly complex when configuring and deploying, and if your organization doesn't know what they want and what they need, ArcSight will be a challenge for them."
"I would like to have a feature that gives us an entire report listing what devices are integrated."
"I am having issues with report generation with older versions. I don't know if this is because of compatibility issues, but report generation has been a little bit difficult in older versions. It is not similar to the newer and current versions. We are looking at moving to the cloud. It would be good if ArcSight ESM can move to the cloud. They already seem to be working on this. It would also be very helpful and great if we can integrate external threat intelligence, machine learning, and AI into this solution. It has good dashboards, but they can always be better. Its stability can also be improved."
"Administration of ArcSight is not an easy job. The admin needs to be well experienced in it to identify the root cause and fix it."
"The analytics feature is not reliable and needs improvement for more detailed analysis."
"We used the support from SolarWinds Security Event Manager and they are knowledgeable but challenging to get in contact with them."
"Under the new system, it is not upgradable the way they say. When you try to do an upgrade, it doesn't really work unless you dump everything and start from scratch. You lose a lot of your nodes. Whenever you set your nodes up and everything else, they don't want to bring those nodes back in, so you have to really go back and restructure all your nodes. I went from version 6.5 to version 6.6 and then to version 6.7. I then went to version 2019, and now it is version 2020. It would be good if we can upgrade without having to delete everything and start from scratch. They can maybe build more KPIs and other things for the dashboard. Some of the other systems already have built-in KPIs. SolarWinds is starting to catch up, but it is not there yet. They can include some of the business or industry standards for tracking the time, that is, the meantime to detect (MTTD) and the meantime to resolve (MTTR). They can also find a way to build a KPI that measures the number of instances of port scans experienced in a week or a month."
"It is a very technical program. They can simplify it so that it isn't so hard to deal with."
"Training for this solution needs to be improved, as new employees are sometimes unfamiliar with the product."
"I would like to have a more customizable dashboard."
"The only issue is the pricetag. SolarWinds is a costly solution."
"It can be difficult for users who are inexperienced with the solution."
"We'd like more customization capabilities."
More ArcSight Enterprise Security Manager (ESM) Pricing and Cost Advice →
More SolarWinds Security Event Manager Pricing and Cost Advice →
ArcSight Enterprise Security Manager (ESM) is ranked 12th in Security Information and Event Management (SIEM) with 93 reviews while SolarWinds Security Event Manager is ranked 21st in Security Information and Event Management (SIEM) with 24 reviews. ArcSight Enterprise Security Manager (ESM) is rated 7.8, while SolarWinds Security Event Manager is rated 7.8. The top reviewer of ArcSight Enterprise Security Manager (ESM) writes "Allows for monitoring logs according to industry standards within ESM but has a total capacity capped at 12 TB, limiting real-time data retention periods". On the other hand, the top reviewer of SolarWinds Security Event Manager writes "A comprehensive network security with robust technical capabilities, effective threat response, and centralized management". ArcSight Enterprise Security Manager (ESM) is most compared with Splunk Enterprise Security, ArcSight Intelligence, Trellix ESM, IBM Security QRadar and LogRhythm SIEM, whereas SolarWinds Security Event Manager is most compared with ManageEngine Log360, Splunk Enterprise Security, IBM Security QRadar, Wazuh and Microsoft Defender XDR. See our ArcSight Enterprise Security Manager (ESM) vs. SolarWinds Security Event Manager report.
See our list of best Security Information and Event Management (SIEM) vendors.
We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
