ArcSight Enterprise Security Manager (ESM) Review

It allows for easy log analysis as well as correlation and alerting.

What is most valuable?

  • Logger
  • Command Center

How has it helped my organization?

The ArcSight ESM allows for easy log analysis as well as correlation and alerting. Logger is an indexed database which allows for faster, historical searching. The versatility to use SQL queries is helpful.

What needs improvement?

There are some limitations on the functionality of Rules that I would like to see expanded. I would like to see some better support options in the ArcSight community for HP Protect. Unless someone in your organization is an ArcSight SME, you are going to have a difficult time getting answers.

For how long have I used the solution?

I've used it for two years.

What was my experience with deployment of the solution?

There were no issues with the deployment.

What do I think about the stability of the solution?

We've not had any issues with the stability.

What do I think about the scalability of the solution?

We've had no issues scaling it for our needs.

How are customer service and technical support?

I would give it 3/10. A lot of the support is community based. That strategy can work, but the answers are sometimes incomplete, incorrect, and can take a long time to get.

Which solution did I use previously and why did I switch?

I have used QRadar and Splunk. Both have great functionality that make them easy to use, but ArcSight has a very consistent layout and their logic is easy to figure out.

How was the initial setup?

I was not involved in the setup.

What's my experience with pricing, setup cost, and licensing?

I'm not involved in pricing or licensing.

What other advice do I have?

It's a well rounded product especially with the addition of Logger and Command Center. I felt it was easy to understand and use right from the start. There are some companies that do not take advantage of everything ArcSight can offer. A problem I think ArcSight can fix with better support alternatives.

Which version of this solution are you currently using?

6.5 and 6.8
**Disclosure: I am a real user, and this review is based on my own experience and opinions.
More ArcSight Enterprise Security Manager (ESM) reviews from users
...who work at a Financial Services Firm
...at Large Enterprises
...who compared it with Splunk
Free Report: ArcSight Enterprise Security Manager (ESM) Reviews and More
Learn what your peers think about ArcSight Enterprise Security Manager (ESM). Get advice and tips from experienced pros sharing their opinions. Updated: April 2021.
Download now
476,483 professionals have used our research since 2012.
Add a Comment
Guest
Author
Highlights
This process has helped to improve our organization because we have centralized the intra-group security equipment logs.
I think that the overall experience with this solution is good, but in particular, I think that the dashboards are quite interactive.
For the typical malware or intrusion, this solution assists us by identifying the symptoms based on network traffic from the application servers.
ArcSight gives us better visibility into threats that were unknown earlier.
The product is quite mature. It's been around for a long time.
The user interfaces are quite good and speedy.
The correlation feature is good.
See more »
Buyer's Guide
Download our free ArcSight Enterprise Security Manager (ESM) Report and get advice and tips from experienced pros sharing their opinions.
Download Now
Quick Links
Learn More: Questions: