- Alert correlation
- Reporting
- Retention
These are the features we find most valuable for us and which we use the most.
ArcSight Review
It's able to track down security incidents faster and make for a more efficient investigation of a user's network activity based on the log data available.
Valuable Features:
Improvements to My Organization:
It's able to track down security incidents faster and make for a more efficient investigation of a user's network activity based on the log data available.
Due simply to the user features available out-of-the-box, the convenience it can bring to any organization (when deployed and configured correctly) can greatly assist any enterprise in many facets, from an increased and enhanced security posture, to auditory regulations and even data retention.
Room for Improvement:
It needs additional and better user customization for SmartConnectors. It has additional device support for more obscure log sources.
Also needed is a configuration wizard for organizations lacking the in-depth knowledge required to integrate the solution successfully.
Deployment Issues:
We've had no issues with deployment.
Stability Issues:
We've had no issues with instability. It's been stable for us.
Scalability Issues:
We've been able to scale it for our needs. We've had no issues with scalability.
**Disclosure: I am a real user, and this review is based on my own experience and opinions.
Last updated: Aug 29 2016
Author
it_user418164
Senior Security Consultant & Solution Architect at BMO
Vendor
BUYER'S GUIDE
Download our free Security Information and Event Management (SIEM) Report and find out what your peers are saying about Micro Focus, Splunk, IBM, and more!
