Arcsight Logger Review

Data correlation, which unfortunately only comes with an ESM module, is the most valuable feature for us.


Valuable Features

Data correlation, which unfortunately only comes with an ESM module, is the most valuable feature for us.

Room for Improvement

We have issues with connecting standard HP network devices as they appear to not be supported by HP ArcSight. One company/product is not aligned and apparently it is expected that all the network data is in CEF format, which is impossible for the HP network sources to deliver. Instead, HP ArcSight should be able to handle any file format.

Use of Solution

We are still currently implementing it.

Deployment Issues

There were no issues deploying it.

Stability Issues

We have had no stability issues.

Scalability Issues

There have been no issues scaling it.

Customer Service and Technical Support

I'd rate technical support a 7/10.

Previous Solutions

There was no previous solution in place.

Initial Setup

It's complex for several reasons -

  • Targeting and logic of systems
  • Bandwidth dependencies
  • Data privacy
  • Location
  • FW settings
  • File formats

Implementation Team

We're using a vendor team.

ROI

It is very expensive for what it delivers. Licensing is set at 80 servers, just enough to catch the most important ones.

Disclosure: My company has a business relationship with this vendor other than being a customer: We're a third-party vendor.
Add a Comment
Guest
Sign Up with Email