We performed a comparison between ArcSight Enterprise Security Manager (ESM) and Trellix ESM based on real PeerSpot user reviews.
Find out in this report how the two Security Information and Event Management (SIEM) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."We utilize ArcSight ESM for real-time threat detection in our organization. We have custom rules that we've developed on top of the WAN services, along with scheduled licensing activities."
"ArcSight gives us better visibility into threats that were unknown earlier."
"I think that the overall experience with this solution is good, but in particular, I think that the dashboards are quite interactive."
"The real-time analysis adds value."
"It makes maintenance very easy."
"The most valuable features of ArcSight ESM are the dashboards, ease of management for anyone, and simple for teams to provide reports related to cyber security. There are a lot of good features that are provided."
"It is a vital tool for live monitoring and helps us to understand the traffic alerts of any major issue on the network, thereby reducing hacking attempts."
"Stable solution with good customer service support."
"The most valuable feature is for the security operation center because it provides visibility of all traffic within the company infrastructure."
"It blocks the things which are not to be allowed. It has an adaptive mode where it learns for itself."
"The most valuable feature in ESM is its search and reporting feature. It's really nice."
"Compared to other solutions, the user interface is good."
"The solution's technical support is great."
"It has good technical support, which is available around the clock. You can call up anytime and get whatever you want. My queues are resolved."
"It enables us to detect malicious threats, issues, or vulnerabilities in our network."
"It is user-friendly. The notification part of McAfee ESM is very easy."
"I am having issues with report generation with older versions. I don't know if this is because of compatibility issues, but report generation has been a little bit difficult in older versions. It is not similar to the newer and current versions. We are looking at moving to the cloud. It would be good if ArcSight ESM can move to the cloud. They already seem to be working on this. It would also be very helpful and great if we can integrate external threat intelligence, machine learning, and AI into this solution. It has good dashboards, but they can always be better. Its stability can also be improved."
"In certain cases, this product does have false positives, which the company should work on."
"The centralized dashboard for the hybrid cloud environment needs to be more focused. It needs to be redefined because it's missing most of the information. It should be a little bit easy to use. Currently, integration with various applications and connectors is not that easy. Deployment is easy, but integration is not that easy. ArcSight also has a very high bandwidth consumption to pull the local servers. It should have some kind of better process or ability to transfer files from on-premises to the cloud, from the cloud to on-premises, and from a cloud to another cloud."
"ArcSight is incredibly complex when configuring and deploying, and if your organization doesn't know what they want and what they need, ArcSight will be a challenge for them."
"The initial setup could be more straightforward."
"ArcSight ESM could improve the alerts for the storage capacities or actions."
"Could benefit from a more modern interface."
"The analytics feature is not reliable and needs improvement for more detailed analysis."
"I have to purchase a new box now. Its existing box is not scalable and I can't use it anymore."
"It cannot integrate with our Next-Generation Firewall and few applications such as Cisco ACI."
"The disk space needed for events is not clear. In all clients, we had at least more than 100GB free that we could not use."
"The product's stability is an area of concern where improvements are required."
"I would like to see good analytics in future releases."
"There's no software support from McAfee."
"The only issue I have with McAfee is the amount of computer resources that it takes... it's definitely impacting some of the other applications that are running on a computer at the same time."
"McAfee is no more providing security updates on this product, and the enhancements to this product seem to have stopped. Moreover, we don't get proper support, and we struggle to get its support. It would be good if they can add some AI engine and out of the box use cases because it is currently limited to the same scenario and the same setup. I have done a POC for Securonix, LogRhythm. These products are much more ahead as compared to McAfee ESM. They have included multiple modules in the same solution. Correlation is very easy. If McAfee ESM can improve, especially in such implementations, then I believe it would be much better."
More ArcSight Enterprise Security Manager (ESM) Pricing and Cost Advice →
ArcSight Enterprise Security Manager (ESM) is ranked 12th in Security Information and Event Management (SIEM) with 93 reviews while Trellix ESM is ranked 18th in Security Information and Event Management (SIEM) with 34 reviews. ArcSight Enterprise Security Manager (ESM) is rated 7.8, while Trellix ESM is rated 7.4. The top reviewer of ArcSight Enterprise Security Manager (ESM) writes "Allows for monitoring logs according to industry standards within ESM but has a total capacity capped at 12 TB, limiting real-time data retention periods". On the other hand, the top reviewer of Trellix ESM writes "Provides visibility of all the traffic within the company infrastructure". ArcSight Enterprise Security Manager (ESM) is most compared with Splunk Enterprise Security, ArcSight Intelligence, IBM Security QRadar, Elastic Security and AWS Security Hub, whereas Trellix ESM is most compared with IBM Security QRadar, Splunk Enterprise Security, LogRhythm SIEM, Trellix Helix and Fortinet FortiSIEM. See our ArcSight Enterprise Security Manager (ESM) vs. Trellix ESM report.
See our list of best Security Information and Event Management (SIEM) vendors.
We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.