Pgzybd0n 400x400

HPE ArcSight Review
Parsers are easy to create and test.


Valuable Features:

It’s a highly customizable solution. Rules can be customized to a great extent. Session lists, active lists, and global and local variables are pretty unique to the solution.

Improvements to My Organization:

It can collect logs from many unsupported log sources. Parsers are easy to create and test.

Room for Improvement:

The solution needs quite a bit of initial customization.

It needs more product integration, like NBAD and VM solutions, etc. Although the solution currently supports log collection from NBAD and VM solutions, it would be good to add features for HPE to have their own NBAD and VM solution.

There is room to improve the storage requirement.

Use of Solution:

I have been using ArcSight for over five years.

Stability Issues:

The hardware requirements are very high and the solution has poor stability when they are not met.

Scalability Issues:

HPE ArcSight scales very well at the connector level, Logger level and the ESM level.

Technical Support:

Technical support is poor. This is one area that needs improvement

Initial Setup:

The initial setup is not complex, but is a little time consuming. Since the solution is highly customizable, the number of configurable options are high. HPE ArcSight allows distributed architecture.

Cost and Licensing Advice:

Pricing is high. There are multiple licensing options available. Hardware/software or hybrid licensing options are available. Some of the license upgrades are paper license upgrades.

Other Solutions Considered:

We evaluated IBM QRadar, McAfee ESM, and AlienVault.

Other Advice:

Planning is very important. You need to know the security threats to your organisation to create the relevant rules. Look at other less-discussed modules of HPE ArcSight, like ArcSight Interactive Discovery and ArcSight ThreatDetector, for better results.

Disclosure: I am a real user, and this review is based on my own experience and opinions.

0 Comments

Anonymous avatar x30
Guest

Have A Question About HPE ArcSight?

Our experts can help. 213,954 professionals have used our research on 5,586 solutions.
Why do you like it?

Sign Up with Email