ArcSight Enterprise Security Manager (ESM) Review

It allows for easy log analysis as well as correlation and alerting.

What is most valuable?

  • Logger
  • Command Center

How has it helped my organization?

The ArcSight ESM allows for easy log analysis as well as correlation and alerting. Logger is an indexed database which allows for faster, historical searching. The versatility to use SQL queries is helpful.

What needs improvement?

There are some limitations on the functionality of Rules that I would like to see expanded. I would like to see some better support options in the ArcSight community for HP Protect. Unless someone in your organization is an ArcSight SME, you are going to have a difficult time getting answers.

For how long have I used the solution?

I've used it for two years.

What was my experience with deployment of the solution?

There were no issues with the deployment.

What do I think about the stability of the solution?

We've not had any issues with the stability.

What do I think about the scalability of the solution?

We've had no issues scaling it for our needs.

How are customer service and technical support?

I would give it 3/10. A lot of the support is community based. That strategy can work, but the answers are sometimes incomplete, incorrect, and can take a long time to get.

Which solution did I use previously and why did I switch?

I have used QRadar and Splunk. Both have great functionality that make them easy to use, but ArcSight has a very consistent layout and their logic is easy to figure out.

How was the initial setup?

I was not involved in the setup.

What's my experience with pricing, setup cost, and licensing?

I'm not involved in pricing or licensing.

What other advice do I have?

It's a well rounded product especially with the addition of Logger and Command Center. I felt it was easy to understand and use right from the start. There are some companies that do not take advantage of everything ArcSight can offer. A problem I think ArcSight can fix with better support alternatives.

Which version of this solution are you currently using?

6.5 and 6.8
**Disclosure: I am a real user, and this review is based on my own experience and opinions.
More ArcSight Enterprise Security Manager (ESM) reviews from users
...who work at a Financial Services Firm
...who compared it with Splunk
Learn what your peers think about ArcSight Enterprise Security Manager (ESM). Get advice and tips from experienced pros sharing their opinions. Updated: April 2021.
476,483 professionals have used our research since 2012.
Add a Comment