Arcsight Logger Review

An extremely customizable and scalable enterprise-level solution with great stability


What is our primary use case?

We primarily use the solution for monitoring all of our perimeter - from critical assets to less critical ones. It covers IT assets, networks, databases, servers, endpoints, etc.

What is most valuable?

The ability to customize the solution in great detail is its most valuable feature. We can customize the use cases and also have the ability to do scripting. We can personalize our dashboard as well. The scalability the solution offers is quite impressive. 

What needs improvement?

They should enhance and improve everything related to the graphical user interface. It needs to be more fluid and easy to use. Many think that ArcSight is complex and difficult. This is not something that my team feels but that's because we have acquired experience and expertise over time.

The solution should make it possible to integrate network analysis features.

For how long have I used the solution?

I've been using the solution for four years.

What do I think about the stability of the solution?

The stability of the solution is good. There are very few bugs.

What do I think about the scalability of the solution?

The scalability of the solution is very, very good.

How are customer service and technical support?

Technical support is very responsive.

If you previously used a different solution, which one did you use and why did you switch?

We didn't previously use a different solution.

How was the initial setup?

The initial setup was straightforward. Deployment varies according to the scope of your technical parameters. Maintenance is a daily activity. I have a team of two people that are focused on the administration of the outside platform.

What about the implementation team?

We implemented the solution through an integrator.

Which other solutions did I evaluate?

We evaluated QRadar before we implemented this solution.

What other advice do I have?

We are using the on-premises deployment model.

There are people who say "Oh, ArcSight is losing its position and it's complex or it's not a good solution." I do not agree. I know that the biggest companies in the world are still working with ArcSight. It's the most comprehensive solution. It contains many features that are useful for enterprise-level organizations. 

If a company has a team that wants to go deeper and get the most features out of developing a real SOC, they should look for a very robust, scalable,  multi-tenant solution. The solution should also be able to manage data analytics and to offer User Behavior Analytics. Arcsight offers this. 

This particular solution is perfect for big companies. Smaller companies should look for integrated solutions that do not necessarily scale.

I would rate the solution nine out of ten.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
Add a Comment
Guest
Sign Up with Email