We performed a comparison between ArcSight ESM and Fortinet FortiSIEM based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.
Features: ArcSight ESM is praised for its well-designed dashboard, real-time reporting, and threat intelligence capabilities that leverage AI and correlation tools. Users also like ArcSight’s seamless integration and effortless management. Fortinet FortiSIEM users like its advanced agents and effective correlation capabilities. Reviews say FortiSIEM excels at anomaly reporting and threat hunting. ArcSight ESM users have recommended improvements in training, speed, and data administration. Fortinet FortiSIEM could benefit from better integration guides, more flexible reporting, and reduced resource consumption. Users also suggest adding more AI capabilities and improving database monitoring.
Service and Support: Some ArcSight ESM users have found the support to be responsive and helpful, while others have faced issues with slow response times and a lack of expertise. Some FortiSIEM customers consider Fortinet support to be satisfactory and efficient, while others were unhappy and thought the engineers could be more knowledgeable.
Ease of Deployment: Some said that ArcSight ESM is straightforward to set up, while others noted that integration with other systems can be challenging and requires specialized knowledge. Some FortiSIEM users found it effortless to install within a day or two. Nonetheless, others encountered difficulties regarding CPU and memory requirements, as well as a lengthier deployment time.
Pricing: Users consider the pricing of ArcSight ESM to be reasonable and affordable. FortiSIEM is generally regarded as reasonably priced and competitive. However, FortiSIEM may still be deemed costly in developing markets.
ROI: ArcSight ESM delivers an ROI by helping clients achieve compliance objectives and prevent incidents. Fortinet FortiSIEM has consistently delivered a positive return on investment for businesses.
"Some of the benefits of using this solution are rapid correlation and near-time response on alerts."
"ArcSight gives us better visibility into threats that were unknown earlier."
"This process has helped to improve our organization because we have centralized the intra-group security equipment logs."
"The most important feature is ArcSight's event correlation capabilities. It's powerful and easy. I also like the flex connector capability. It's easy to develop a new connector that isn't fully supported out of the box. For example, say you created a solution internally that's completely different, and it's not unsupported by the solution. You can write your own connector using the flex connector."
"For the typical malware or intrusion, this solution assists us by identifying the symptoms based on network traffic from the application servers."
"It is a vital tool for live monitoring and helps us to understand the traffic alerts of any major issue on the network, thereby reducing hacking attempts."
"The reports that we are from getting from ArcSight are very valuable. The reporting in ArcSight is good. Our regulators ask us for the reports on a regular basis, and we have been able to provide the required data. Its overall functionality in terms of log analysis and the speed at which it does that is also valuable. It is very quick. Whatever alerts we had configured were extremely fast. We immediately get alerts when there is unauthorized access or unknown access, or even positive access. This is where we found the difference between ArcSight and other solutions."
"We have been satisfied with the support."
"Fortinet FortiSIEM provides good detection against advanced threats."
"The solution is easy to use and user-friendly."
"The Threat Hunting feature provides complete traffic analysis."
"It gives us the opportunity to generate notifications based upon rules that get triggered, and the rules could be specific to PCI, HIPAA, GIBA, NIST, and so forth."
"The advanced agents used to collect logs have been most valuable. We have also made use of the advanced intelligence this solution offers."
"I like FortiSIEM because it integrates natively with our other Fortinet solutions and the Fortinet Fabric, but it also integrates with Cisco, Palo Alto and other security fabrics."
"The solution is very stable. It's run for years without the need to do anything except, add new patches when they are available, which are always a good idea to install."
"Easy alert setup which enables different alerts in different categories."
"I would like to have a feature that gives us an entire report listing what devices are integrated."
"The centralized dashboard for the hybrid cloud environment needs to be more focused. It needs to be redefined because it's missing most of the information. It should be a little bit easy to use. Currently, integration with various applications and connectors is not that easy. Deployment is easy, but integration is not that easy. ArcSight also has a very high bandwidth consumption to pull the local servers. It should have some kind of better process or ability to transfer files from on-premises to the cloud, from the cloud to on-premises, and from a cloud to another cloud."
"ArcSight ESM's UI is a little cumbersome and complex, especially for first-time and occasional users using the console manager."
"The solution could be more stable."
"The weakness in this system comes about because, with so many different logs, it is possible that the security analyst will lose information."
"They also could improve the product by integrating user and identity behavior analytics."
"I am having issues with report generation with older versions. I don't know if this is because of compatibility issues, but report generation has been a little bit difficult in older versions. It is not similar to the newer and current versions. We are looking at moving to the cloud. It would be good if ArcSight ESM can move to the cloud. They already seem to be working on this. It would also be very helpful and great if we can integrate external threat intelligence, machine learning, and AI into this solution. It has good dashboards, but they can always be better. Its stability can also be improved."
"Its search part can be improved. When I go to the console and search for a few logs or something else, it takes a lot of time. When I try to search for three days or one week, it takes too much time. This is a major area of improvement. I wanted them to include features like SOAR, threat intelligence, and automation, and they seem to have included all these features in version 7.3 or 7.4."
"The product does not have Security Orchestration and Automation Response, I would recommend adding this feature."
"The support of the product changed recently, and I don't think it's for the better. They should work to improve the support they offer to clients."
"Their technical support is horrible. By horrible, I mean a train wreck of a disaster that has fallen off a bridge and caught fire."
"The UI could improve in Fortinet FortiSIEM. Humans view the UI frequently for data and if it was more visually pleasing it would be beneficial."
"Patching is not great - we're not getting the support we'd expect."
"Fortinet FortiSIEM is a little out of sight and needs more marketing efforts to be popular in the market."
"When compared with some competitors, in terms of performance, the CPU and RAM requirements and the capability of coordination with development all need some improvement."
"The performance can be improved. Sometimes it takes a long time to fetch data."
More ArcSight Enterprise Security Manager (ESM) Pricing and Cost Advice →
ArcSight Enterprise Security Manager (ESM) is ranked 12th in Security Information and Event Management (SIEM) with 93 reviews while Fortinet FortiSIEM is ranked 9th in Security Information and Event Management (SIEM) with 65 reviews. ArcSight Enterprise Security Manager (ESM) is rated 7.8, while Fortinet FortiSIEM is rated 7.6. The top reviewer of ArcSight Enterprise Security Manager (ESM) writes "Allows for monitoring logs according to industry standards within ESM but has a total capacity capped at 12 TB, limiting real-time data retention periods". On the other hand, the top reviewer of Fortinet FortiSIEM writes "It's cheaper than other solutions with the same features but lacks integration with many third-party vendors". ArcSight Enterprise Security Manager (ESM) is most compared with Splunk Enterprise Security, ArcSight Intelligence, Trellix ESM, IBM Security QRadar and Wazuh, whereas Fortinet FortiSIEM is most compared with IBM Security QRadar, Splunk Enterprise Security, Microsoft Sentinel, Wazuh and LogRhythm SIEM. See our ArcSight Enterprise Security Manager (ESM) vs. Fortinet FortiSIEM report.
See our list of best Security Information and Event Management (SIEM) vendors.
We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.