ArcSight Review

It correlates security events and then allows us to take action to address those events.


What is most valuable?

The most valuable feature for us is its ability to correlate security events and then allowing us to take action to address those events.

How has it helped my organization?

We're able to customize it so that it suits our business needs.

What needs improvement?

Although we're able to customize it, it requires some level of subject-matter expertise for all the special adapters for collection.

We also had initial stability issues that were probably caused by our architecture and not the solution itself.

For how long have I used the solution?

We've been on the on-site platform for four years.

What was my experience with deployment of the solution?

We've had no issues with deployment.

What do I think about the stability of the solution?

We had some initial issues withs stability, but we worked through it. I think our architecture and design were initially flawed, so that was more of our problem and not HP's.

What do I think about the scalability of the solution?

We've had no issues scaling it in the last three years.

How are customer service and technical support?

We've used technical support several time and found them to be good.

Which solution did I use previously and why did I switch?

We moved from a managed outsource service, provided by a competitor. He wanted to in-source it, or in-house it, so we had the ability to be a little bit more effective and nimble.

How was the initial setup?

The initial setup was complex, but HP's professional services helped us out.

What other advice do I have?

Make sure you staff up internally, and have the right subject-matter expertise to take advantage of the platform. Otherwise, it's not going to help.


Disclosure: I am a real user, and this review is based on my own experience and opinions.

Add a Comment
Guest