ArcSight Review

The user has multiple levels of options to generate reports and get alerted based on conditions.


Valuable Features

  • Collection - Collects logs from a wide range of products, even those not supported by default and the users can develop a connector for log collection.
  • Detection - Caliber to detect subtle attacks with a powerful correlation engine.
  • Report/Alert - The user has multiple levels of options to generate reports and get alerted based on conditions.

Improvements to My Organization

By using ArcSight ESM and its correlation technology, it thwarts multiple attacks from external sources before exploitations such as SQL injection, UNIX password file attempt, brute force to published servers, and more.

In addition, internal frauds have been prevented through preventing unauthorized login attempts to the firewall, database, critical servers, etc.

Room for Improvement

ArcSight Connector appliance needs some improvement, as it has some bugs which triggers issues most of the time. I believe that the Connector is going to hit end-of-service.

Deployment Issues

We experienced no issues with the deployment.

Stability Issues

We had the bugs in Connector as detailed in the Areas for Improvement section.

Scalability Issues

We've had no issues with scalability.

Customer Service and Technical Support

Customer Service:

3.5*

Technical Support:

Technical support should be improved. Many times, I've raised a case but none of them solved it and it took the guys from the Protect724 forum so solve my issue. The support team simply collects the logs from end users and makes you wait, and you carry on passing the same information which is available in the Admin guide.

Initial Setup

All you need is proper planning and pre-requisites information, and it's straightforward. Some newbies say that this product is hard to handle, but basically practice makes perfect.

Other Advice

HP are doing their job perfectly by bringing new features in every version, such as RepSM, HA capability, etc. It has never failed me.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
Add a Comment
Guest
Sign Up with Email