ArcSight Enterprise Security Manager (ESM) Review

The best on-prem SIEM solution that lets you do what you want and has good filtering, scalability, and support


What is our primary use case?

We have many use cases. Our Windows devices, antivirus, and firewall are integrated with ArcSight. I have used ArcSight ESM versions 6.1.1, 6.9, 7.0, and 7.2.

What is most valuable?

The filters and the ability to do what you want are the most valuable features. There is nothing that you cannot do in this solution. It has all the features, which makes it very dynamic.

What needs improvement?

I am having issues with report generation with older versions. I don't know if this is because of compatibility issues, but report generation has been a little bit difficult in older versions. It is not similar to the newer and current versions.

We are looking at moving to the cloud. It would be good if ArcSight ESM can move to the cloud. They already seem to be working on this. 

It would also be very helpful and great if we can integrate external threat intelligence, machine learning, and AI into this solution. It has good dashboards, but they can always be better. Its stability can also be improved. 

For how long have I used the solution?

I've been using ArcSight for three years. I started using it in February 2019.

What do I think about the stability of the solution?

It is stable, but its stability can be better. I would rate it a four out of five in terms of stability.

What do I think about the scalability of the solution?

It has been good when it comes to scalability. As an MSSP, we provide services to other customers, and we have customers with different capacity requirements. It is good in terms of moving from one particular size to another.

How are customer service and technical support?

They have been great. They are friendly and good.

How was the initial setup?

Its initial setup is straightforward. The deployment duration depends on the environment. It doesn't take time for our own environment, but I've heard some people complaining about the time period for which they have to wait for the deployment to take place.

What's my experience with pricing, setup cost, and licensing?

ArcSight can be a little bit expensive because of the area that we work in and the cost. Licensing is mostly on a yearly basis, not monthly.

What other advice do I have?

I would recommend this solution to anyone looking for an on-prem SIEM solution. It has been the best SIEM solution that I've worked with.

I would rate ArcSight ESM a nine out of ten. It is a great solution.

Which deployment model are you using for this solution?

On-premises

Which version of this solution are you currently using?

7.2
**Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
More ArcSight Enterprise Security Manager (ESM) reviews from users
...who work at a Financial Services Firm
...who compared it with Splunk
Learn what your peers think about ArcSight Enterprise Security Manager (ESM). Get advice and tips from experienced pros sharing their opinions. Updated: April 2021.
475,705 professionals have used our research since 2012.
Add a Comment
Guest