• Home
  • ArcSight Enterprise Security Manager (ESM) vs. Trellix ESM

ArcSight Enterprise Security Manager (ESM) vs Trellix ESM comparison

Cancel
You must select at least 2 products to compare!
OpenText Logo
ArcSight Enterprise Security Manager (ESM)
Read 93 ArcSight Enterprise Security Manager (ESM) reviews
5,016 views|2,339 comparisons
89% willing to recommend
Trellix Logo
Trellix ESM
Read 34 Trellix ESM reviews
3,505 views|1,450 comparisons
76% willing to recommend
Comparison Buyer's Guide
Download the complete report
Buyer's Guide
ArcSight Enterprise Security Manager (ESM) vs. Trellix ESM
May 2024
Executive Summary

We performed a comparison between ArcSight Enterprise Security Manager (ESM) and Trellix ESM based on real PeerSpot user reviews.

Find out in this report how the two Security Information and Event Management (SIEM) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI.
To learn more, read our detailed ArcSight Enterprise Security Manager (ESM) vs. Trellix ESM Report (Updated: May 2024).
Download the complete report
772,679 professionals have used our research since 2012.
Featured Review
Anonymous User
Researched Trellix ESM but chose ArcSight Enterprise Security Manager (ESM): Parsers are easy to create and test.
It can collect logs from many unsupported log sources. Parsers are easy to create and test.
Cybersecon67
Researched ArcSight Enterprise Security Manager (ESM) but chose Trellix ESM: Helpful dashboards for log monitoring, and integrates well with other technologies
This solution helps us to provide services for our clients and integrates well with their other technologies.
Quotes From Members
We asked business professionals to review the solutions they use.
Here are some excerpts of what they said:
Pros
"We do consulting and I get feedback from our clients that the product really helped them with compliance, especially with GDPR.""We utilize ArcSight ESM for real-time threat detection in our organization. We have custom rules that we've developed on top of the WAN services, along with scheduled licensing activities.""ArcSight ESM provides us the flexibility to write our own passwords and customize the solution. It lets us search and log a variety of SmartConnectors. It has 480-plus SmartConnectors.""The user interfaces are quite good and speedy.""​It is a vital tool for live monitoring and helps us to understand the traffic alerts of any major issue on the network, thereby reducing hacking attempts.""There are many features that are good for clients who are looking for a good SIEM solution. They like the ease of creating a business that is effective and impressive.""We have been satisfied with the support.""ArcSight is customizable. You can integrate just about anything. I also like the ease of use."

More ArcSight Enterprise Security Manager (ESM) Pros →

"Compared to other solutions, the user interface is good.""We are now able to completely monitor our environment so we can review what is there, which is a big win for us.""The most valuable feature is for the security operation center because it provides visibility of all traffic within the company infrastructure.""It has good technical support, which is available around the clock. You can call up anytime and get whatever you want. My queues are resolved.""The most valuable feature is that if the scanning does find something, it quarantines it. Then you can decide what you are going to do with it.""McAfee as a whole is a good solution.""The product’s most valuable feature is log monitoring.""It has performed well and delivered the results that I have been looking for."

More Trellix ESM Pros →

Cons
"The tool should improve its UI. It also should make data more searchable.""The onboarding process for this solution could be better. It also needs a better GUI.""The analytics feature is not reliable and needs improvement for more detailed analysis.​""They need to develop NetFlow appliances that can be installed in the customer network on span ports, collect NetFlow, and send it to ArcSight without relying on the devices' NetFlow capability and their position in the network.""The stability isn't quite perfect. We occasionally run into problems.""ArcSight ESM could improve by adding more features and documentation. There needs to be more documentation.""The customer experience could be improved.""There could be more API features for extracting logs on different devices included in the product."

More ArcSight Enterprise Security Manager (ESM) Cons →

"Update to user interface from version 9 is cosmetic in some aspects, and after a few clicks you are back on the old interface.""I would like to see good analytics in future releases.""The solution needs to improve case management. The UI is confusing.""The support from McAfee ESM could improve. They could improve the speed.""The user interface could be more user-friendly.""The only drawback is that they don't have any packet capturing or network behavior analysis.""I would like to see fingerprint recognition included in the next release of this solution.""The initial setup is difficult and could improve."

More Trellix ESM Cons →

Pricing and Cost Advice
  • "HPE ArcSight pricing might be more expensive than other SIEM solutions, but in my opinion it has powerful features and great flexibility in developing complex use cases."
  • "ArcSight is pretty expensive compared with its competitors. I believe that is fine as it provides value."
  • "Aggregation can help a lot in pushing down licensing costs."
  • "​It is best to be an institutional buyer and directly contact the sales team, as they can provide over-the-top discounts for bulk orders.​"
  • "Thanks to Micro Focus's licensing model, as an MSSP, we are able to see a complete return on our investment almost immediately."
  • "Customers without a ton of resources to dedicate to deployment may be better served by a managed ArcSight service."
  • "The pricing is great compared to others."
  • "The cost of the solution is not very high, although hiring a qualified analyst to work with the product is expensive."

    • More ArcSight Enterprise Security Manager (ESM) Pricing and Cost Advice →

  • "You should buy the distributed option instead of the all-in-one for environments with more than 1000 end points."
  • "We pay for our licensing fees on a yearly basis, and there are no costs in addition to the standard licensing fees."
  • "The cost is dependent on the customer's environment and requirements."
  • "The pricing is good, and they are competitive compared to providers such as RSA and IBM QRadar."
  • "The cost is all included. The finance department handles the financial part, and we mostly don't get involved in it."
  • "We renew our license annually."
  • "McAfee is the right choice for a low-budget solution."
  • "The price is good. It's moderate. We follow a pay-as-you-go model. There are different models available, and they can also be monthly. You can choose monthly or yearly. It's very flexible. If our existing customers exceed the current plan, you can just call McAfee and get it extended."

    • More Trellix ESM Pricing and Cost Advice →

    report
    See Which Vendors Are Best For You
    Use our free recommendation engine to learn which Security Information and Event Management (SIEM) solutions are best for your needs.
    See Recommendations
    772,679 professionals have used our research since 2012.
    Comparison Review
    Vinod Shankar
    HP ArcSight vs. IBM QRadar vs. ​McAfee Nitro vs. Splunk vs. RSA Security vs. LogRhythm
    We at Infosecnirvana.com have done several posts on SIEM. After the Dummies Guide on SIEM, we are following it up with a SIEM Product Comparison – 101 deck. So, here it is for your viewing pleasure. Let me know what you think by posting your comments below. The key products compared here are based on Gartner Magic Q which is what Organizations typically use to select SIEM vendors. The Vendors mentioned here in the deck are : 1. HP ArcSight 2. McAfee Nitro 3. IBM QRadar 4. Splunk SIEM 5. RSA Security Analytic 6. LogRhythm. SIEM Technology Space SIEM market analysis of the last 3 years suggest: Market consolidation of SIEM players (25 vendors in 2011 to 16 vendors in 2013)Only products with technology maturity and a strong road map have featured in leaders quadrant.HP ArcSight & IBM Q1 Labs have maintained leadership in SIEM industry with continued technology upgradeMcAfee Nitro has strong product features & road map to challenge HP & IBM for leadershipHPArcSight The ArcSight Enterprise Threat and Risk Management (ETRM) Platform is an integrated set of products for collecting, analysing, and managing enterprise Security Event information ArcSight Enterprise Security Manager (ESM): Correlation and analysis engine used to identify security threat in real-time& virtual environments ArcSight Logger: Log storage and Search solution ArcSight IdentityView: User Identity tracking/User activity monitoring ArcSight Connectors: For data collection from a variety of data… Read more →
    Questions from the Community
    Which is the best SIEM tool for a mid-sized financial services firm: Arcs...
    Top Answer:In my market, a lot of financial companies had or have an ArcSight installation. Just because in former times it was pretty good. Now a lot of them are looking for a more effective solution due to… more »
    Read all 11 answers   →
    What do you like most about ArcSight Enterprise Security Manager (ESM)?
    Top Answer:We utilize ArcSight ESM for real-time threat detection in our organization. We have custom rules that we've developed on top of the WAN services, along with scheduled licensing activities.
    Read all 35 answers   →
    What is your experience regarding pricing and costs for ArcSight Enterpri...
    Top Answer:The pricing model is expensive compared to open-source alternatives, especially as your needs grow.
    Read all 16 answers   →
    What do you like most about McAfee ESM?
    Top Answer:The solution's technical support is great.
    Read all 22 answers   →
    What is your experience regarding pricing and costs for McAfee ESM?
    Top Answer:The product is slightly expensive. They offer some discount on the purchase of a certain number of nodes. They should give some concession on the license renewal as well.
    Read all 16 answers   →
    What needs improvement with McAfee ESM?
    Top Answer:The integration capabilities of Trellix ESM with SaaS solutions are an area of concern where improvements are needed. When you continue to add solutions from other vendors, you need to look at the… more »
    Read all 20 answers   →
    Ranking
    12th
    out of 80 in Security Information and Event Management (SIEM)
    Views
    5,016
    Comparisons
    2,339
    Reviews
    19
    Average Words per Review
    471
    Rating
    7.2
    18th
    out of 80 in Security Information and Event Management (SIEM)
    Views
    3,505
    Comparisons
    1,450
    Reviews
    6
    Average Words per Review
    429
    Rating
    7.8
    Comparisons
    Also Known As
    Micro Focus ArcSight, HPE ArcSight, ArcSight
    McAfee ESM, NitroSecurity, McAfee Enterprise Security Manager
    Learn More
    OpenText
    Trellix
    Video Not Available
    Overview

    ArcSight Enterprise Security Manager (ESM) is a powerful SIEM solution for analyzing, collecting, correlating, and reporting on security event information. ArcSight ESM analyzes information from all of your data sources while helping your organization maintain high security. In addition, the solution is very customizable and enables users to create their own company-specific rule sets to automatically trigger instant alerts.

    ArcSight Enterprise Security Manager (ESM) Features

    • Real-time threat detection
    • Visualization and reporting capabilities
    • Patented log management
    • Personalized dashboards
    • Scalable event monitoring
    • Seamless integration with your existing SOC tools
    • Behavior profiling
    • Data and user monitoring
    • Application monitoring
    • Analytics
    • Deployment/support simplicity

    ArcSight Enterprise Security Manager (ESM) Benefits

    Some of the benefits of using ESM include:

    • Real-time information: ArcSight ESM can correlate data from any source in real-time to detect incidents before they become a breach.
    • Compliance: Optional compliance packs enable packaged reports for PCI, SOX, and IT Governance.
    • Security analytics: With ArcSight ESM, you can build and maintain a security operation center (SOC) through big data security analytics.
    • Integration: ArcSight ESM allows you to integrate SOC with network operations, service desk, CMDB, business intelligence, Hadoop, email security, application security, threat feeds, and more. 
    • Speed: ArcSight ESM provides excellent speed of event collection with patented log management tools. 
    • Advanced detection: ArcSight ESM can detect unusual or unauthorized activities as they occur, preventing business disruptions. 
    • Decrease threat exposure: By implementing ArcSight ESM, you reduce threat exposure because the solution detects threats in real time.  
    • Operational efficiency: ArcSight ESM makes it possible for you to automate responses with ArcSight’s native SOAR, which saves your organization time, and therefore increases your operational efficiency.

    Reviews from Real Users

    Below are some reviews and helpful feedback written by ArcSight Enterprise Security Manager (ESM) users.

    A Head of Professional Services at a computer software company says, “The simplicity of the solution is the most valuable aspect of the product. The product is quite mature. It's been around for a long time. The integration is easy for the most part.”

    A Managing partner at a tech services company states that the solution is “Good at consolidating logs, fairly stable, and can scale.” 

    PeerSpot user Abbasi P., Vice President Derivatives Ops IT at a financial services firm, explains, “The user interfaces are quite good and speedy, and I like the consoles too. The typology and the setup are also good.”

    A Chief Technological Officer at a tech services company says, "It is a very useful tool for intelligence building because it has many use cases and many rule sets."

    An Associate Vice President at a consumer goods company comments, “We primarily use the solution for its technology including its independent logs, and those types of things. The solution offers very good monitoring. The product's log management and event management capabilities are excellent. There are a lot of really good analytical components. It helps us focus on analysis.”

    Make your organization more resilient and confident with Trellix Security Operations. Filter out the noise and cut complexity to deliver faster, more effective SecOps. Integrate your existing security tools and connect with over 650 Trellix solutions and third-party products.

    Sample Customers
    Lake Health, U.S. Department of Health and Human Services, Bank AlJazira, Banca Intesa, and Obrela.
    San Francisco Police Credit Union, Wªstenrot Gruppe, Volusion, California Department of Corrections & Rehabilitation, Government of New Brunswick, State of Colorado, Macquarie Telecom, Texas Tech University Health Sciences Center, Cologne Bonn Airport
    Top Industries
    REVIEWERS
    Financial Services Firm33%
    Comms Service Provider19%
    Computer Software Company17%
    Insurance Company5%
    VISITORS READING REVIEWS
    Financial Services Firm18%
    Computer Software Company13%
    Manufacturing Company9%
    Government9%
    REVIEWERS
    Financial Services Firm25%
    Government15%
    Healthcare Company10%
    Computer Software Company10%
    VISITORS READING REVIEWS
    Educational Organization72%
    Computer Software Company5%
    Financial Services Firm4%
    Government4%
    Company Size
    REVIEWERS
    Small Business32%
    Midsize Enterprise14%
    Large Enterprise54%
    VISITORS READING REVIEWS
    Small Business22%
    Midsize Enterprise14%
    Large Enterprise64%
    REVIEWERS
    Small Business29%
    Midsize Enterprise15%
    Large Enterprise56%
    VISITORS READING REVIEWS
    Small Business8%
    Midsize Enterprise75%
    Large Enterprise17%
    Buyer's Guide
    ArcSight Enterprise Security Manager (ESM) vs. Trellix ESM
    May 2024
    Free Report: ArcSight Enterprise Security Manager (ESM) vs. Trellix ESM
    Find out what your peers are saying about ArcSight Enterprise Security Manager (ESM) vs. Trellix ESM and other solutions. Updated: May 2024.
    DOWNLOAD NOW
    772,679 professionals have used our research since 2012.

    ArcSight Enterprise Security Manager (ESM) is ranked 12th in Security Information and Event Management (SIEM) with 93 reviews while Trellix ESM is ranked 18th in Security Information and Event Management (SIEM) with 34 reviews. ArcSight Enterprise Security Manager (ESM) is rated 7.8, while Trellix ESM is rated 7.4. The top reviewer of ArcSight Enterprise Security Manager (ESM) writes "Allows for monitoring logs according to industry standards within ESM but has a total capacity capped at 12 TB, limiting real-time data retention periods". On the other hand, the top reviewer of Trellix ESM writes "Provides visibility of all the traffic within the company infrastructure". ArcSight Enterprise Security Manager (ESM) is most compared with Splunk Enterprise Security, ArcSight Intelligence, IBM Security QRadar, Elastic Security and AWS Security Hub, whereas Trellix ESM is most compared with IBM Security QRadar, Splunk Enterprise Security, LogRhythm SIEM, Trellix Helix and Fortinet FortiSIEM. See our ArcSight Enterprise Security Manager (ESM) vs. Trellix ESM report.

    See our list of best Security Information and Event Management (SIEM) vendors.

    We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.