ArcSight Review
Network investigation is poor but it's highly customizable


Valuable Features:

  • Powerful Correlation
  • Customization 
  • Integration capabilities

Room for Improvement:

  • Very complex install and management
  • Steep learning curve
  • Poor Network Investigation
  • Poor analytics.

Use of Solution:

Six years.

Stability Issues:

Yes, Logger, ESM and Connector ecosystem if not set up properly, lead to stability issues both in point operations as well as integrations.

Scalability Issues:

No. ArcSight is very scalable.

Customer Service:

3 out of 5.

Implementation Team:

We implemented it in-house.

ROI:

Poor as the product takes more effort to generate value. Its CAPEX cost is high too.

Other Advice:

If you really want the power and flexibility of customizing your Security monitoring and correlation, go with ArcSight, but beware of the effort involved in set up and maintenance.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
1 visitor found this review helpful

Add a Comment

Guest
Why do you like it?

Sign Up with Email