We performed a comparison between ArcSight Enterprise Security Manager (ESM) and Trellix ESM based on real PeerSpot user reviews.
Find out in this report how the two Security Information and Event Management (SIEM) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."Some of the benefits of using this solution are rapid correlation and near-time response on alerts."
"The correlation feature is good."
"The webpage algorithm is the most valuable feature because it was the fastest feature for searching the logs, events, and correlation."
"The tool is good for correlation and aggregation. We use it as a collection platform."
"ArcSight ESM allows us to find if someone is doing an administrative operation at inappropriate times of day or trying to do something they're not allowed to."
"ArcSight is customizable. You can integrate just about anything. I also like the ease of use."
"The solution offers very good monitoring."
"The real-time analysis adds value."
"It is easy to use and deploy. It comes with user-friendly manuals."
"I rate the tool's deployment an eight out of ten. The deployment is completed in two days."
"It has performed well and delivered the results that I have been looking for."
"This solution integrates easily and very well with other technologies."
"It is user-friendly. The notification part of McAfee ESM is very easy."
"Compared to other solutions, the user interface is good."
"It can be easily deployed with the other solutions."
"The most valuable feature for us is that it comes with many correlations, reports, and dashboards already available. It's also very easy to use."
"The way that scaling is set up isn't very cost-effective."
"Deployment typology could be improved. Difficult to scale across all the different lines of businesses."
"Sometimes, it takes ages to get an issue resolved. I have ArcSight experience, so I normally try to fix things on my own or find a workaround, but it's tough to get support when I need it."
"The correlation engine effectively connects different events, significantly improving our detection reach. However, limitations exist with non-default alerts, where additional costs arise for integration."
"Micro Focus does not have a physical presence here in Pakistan, although IBM does."
"The solution could be more stable."
"Could benefit from a more modern interface."
"ArcSight ESM's UI is a little cumbersome and complex, especially for first-time and occasional users using the console manager."
"The product’s alert response feature needs improvement. It could be more flexible and secure."
"McAfee is no more providing security updates on this product, and the enhancements to this product seem to have stopped. Moreover, we don't get proper support, and we struggle to get its support. It would be good if they can add some AI engine and out of the box use cases because it is currently limited to the same scenario and the same setup. I have done a POC for Securonix, LogRhythm. These products are much more ahead as compared to McAfee ESM. They have included multiple modules in the same solution. Correlation is very easy. If McAfee ESM can improve, especially in such implementations, then I believe it would be much better."
"Cloud integration has room for improvement because they're not full-fledged to integrate with the cloud solutions that come. They use different integration platforms to bring in data, and that needs to be improved."
"The solution needs to improve case management. The UI is confusing."
"There's no software support from McAfee."
"We acquired the IBM product because McAfee is slightly confusing to use, and it's broader."
"The support from McAfee ESM could improve. They could improve the speed."
"The product's stability is an area of concern where improvements are required."
More ArcSight Enterprise Security Manager (ESM) Pricing and Cost Advice →
ArcSight Enterprise Security Manager (ESM) is ranked 12th in Security Information and Event Management (SIEM) with 93 reviews while Trellix ESM is ranked 19th in Security Information and Event Management (SIEM) with 34 reviews. ArcSight Enterprise Security Manager (ESM) is rated 7.8, while Trellix ESM is rated 7.4. The top reviewer of ArcSight Enterprise Security Manager (ESM) writes "Allows for monitoring logs according to industry standards within ESM but has a total capacity capped at 12 TB, limiting real-time data retention periods". On the other hand, the top reviewer of Trellix ESM writes "Provides visibility of all the traffic within the company infrastructure". ArcSight Enterprise Security Manager (ESM) is most compared with Splunk Enterprise Security, ArcSight Intelligence, IBM Security QRadar, Elastic Security and AWS Security Hub, whereas Trellix ESM is most compared with IBM Security QRadar, LogRhythm SIEM, Splunk Enterprise Security, Trellix Helix and Fortinet FortiSIEM. See our ArcSight Enterprise Security Manager (ESM) vs. Trellix ESM report.
See our list of best Security Information and Event Management (SIEM) vendors.
We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.