ArcSight Enterprise Security Manager (ESM) Review

Capable product that integrates with many different platforms.

Valuable Features

They're the leader of the SIEM market for fifteen years or so. ArcSight is a very capable product that integrates with many different platforms. It's huge with a lot of moving parts, but nothing can compete with it in terms of capability.

Room for Improvement

I'm a little concerned that the market is moving around ArcSight. It's a fantastic SIEM, but the recent metrics show that relying too heavily on a SIEM solution isn't protecting us. ArcSight addresses that by integrating with other solutions, but I'd like to see that to be a more central element of it.

Deployment Issues

We've had no issues with deployment.

Stability Issues

It is incredibly stable and road-tested, reasons why it's a market leader.

Scalability Issues

It's highly scalable. It works in small scenarios as well as the biggest that I can imagine.

Customer Service and Technical Support

Technical support from the vendor has been good. There's a particular challenge with ArcSight not in the technical support, but in the fact that it supports the platform and the integration.

Initial Setup

The initial setup is relatively complex because it's not a small solution. It's not only complex to set up, but the interface with business operations is even more complex around scoping, implementing, and running an implementation.

Other Advice

Make sure you tune it to your business and infrastructure, which isn't necessarily part of technical support. It requires some consulting, which is a market challenge of the product.

It's not a one-size-fits-all solution and it isn't sold with the appropriate professional services. So the number one thing with ArcSight is that you have to make sure that you get professional services to help size it for your particular use case, including integrations with your tools, operational model, and security operations.

**Disclosure: My company has a business relationship with this vendor other than being a customer: We're partners.
More ArcSight Enterprise Security Manager (ESM) reviews from users
...who work at a Financial Services Firm
...who compared it with Splunk
Learn what your peers think about ArcSight Enterprise Security Manager (ESM). Get advice and tips from experienced pros sharing their opinions. Updated: April 2021.
476,483 professionals have used our research since 2012.
Add a Comment