ArcSight Reviews

Filter by:Reset all filters
industry
Filter Unavailable
Company Size
Filter Unavailable
Job Level
Filter Unavailable
rating
Filter Unavailable
Real User
Product Specialist Security Solutions at a tech services company with 201-500 employees
Jan 25 2017

What is most valuable?

One of the most valuable features is the Active List/Session List capability. Multiple use cases were only possible to be created due to this feature list. The feature list allows us to input data dynamically to list it as a rule action. For... more»

How has it helped my organization?

Having a SIEM solution in general improves the way an organization functions, especially in the SOC part. With HPE ArcSight, we were able to deploy multiple dashboards, reports, and use case views that combine different views, data, and... more»

What needs improvement?

The main area is the GUI interface. Although a lot of improvements were made on the GUI in the last version (6.9.1), there are still a lot of configurations that need to be done using the console. The console is not a bad tool to use. I... more»
Real User
Dynamics Nav Expert at a tech services company with 51-200 employees
Jan 31 2017

What is most valuable?

The valuable features are: * Integration and log collection with different devices. * Collecting logs from many different sources. If you have your own app, you can do logging for it. In addition, you can customize log parsing. * Correlations of logs from different device types. * Built-in content such as reports, dashboard, compliance, and standard packages. *... more»

What needs improvement?

I would like to see the following improvements: * Less time to administer and track logs on separate devices. * Ease of changing the product underneath. For example, instead of Juniper routers, we started to use Check Point routers. * Reporting: I would like an easier way to find the root cause. * Simplicity: I would like to see an easier way to figure out which... more»
Find out what your peers are saying about Micro Focus, Splunk, IBM and others in Security Information and Event Management (SIEM).
284,207 professionals have used our research since 2012.
Consultant
Security Consultant at a tech services company with 5,001-10,000 employees
Nov 26 2017

What is most valuable?

* Large scale installations work well. * The new user interface is nice. * The real-time analysis adds value. * The default packages on the new HPE Marketplace are useful and give nice default dashboards and reports for most of the well-known... more»

How has it helped my organization?

* User behavior and problems on the network are visible, which we can then solve. * We can align policies with how people actually behave. * MSSP options are very good.

What needs improvement?

HPE ArcSight has a quite steep learning curve. If you get to know the product well, it is the most powerful product that I have worked with. It would be nice if new users could start using the product more easily.
Real User
Manager at a financial services firm with 1,001-5,000 employees
Jan 31 2017

What is most valuable?

* Event correlation across multiple device categories: It allows us to have a full picture of what is happening in the environment. * Flexible event collection: Besides hundreds of standard devices, you can send custom CEF Syslog prepared... more»

How has it helped my organization?

This product gave us a clear picture of the network traffic, including the useless parts. It also allowed us to detect a large range of threats, starting from the malware infected workstations to misconfigured devices.

What needs improvement?

The web console should have all the features of the standard console. In addition, the upgrade process should be simpler.
Real User
Lead Splunk Architect at a financial services firm with 10,001+ employees
Jan 31 2017

What is most valuable?

Correlation and data normalization via CEF: The speed of ArcSight's correlation engine, together with data enrichment, makes it a great tool for exploring vast amounts of data. Other SIEM tools have a hard time giving the same results at the same speed. Also, thanks to CEF log formatting, combining events from different sources takes minimal effort. Whereas,... more»

What needs improvement?

Ease of use, access and simplicity: HPW ArcSight makes it hard to capitalize on reports without the use of the console. Other SIEM tools have made it clear that event correlation results can be used not only to send out alerts, but also to provide easily accessible results to management. ArcSight can be quite complicated to use for "non-IT" user. In terms of... more»
See 18 more reviews

Articles

User Assessments By Topic About ArcSight

Find out what your peers are saying about Micro Focus, Splunk, IBM and others in Security Information and Event Management (SIEM).
284,207 professionals have used our research since 2012.

ArcSight Questions

ArcSight Projects By Members

ArcSight Consultants

What is ArcSight?

ArcSight is Micro Focus' leading Security Information and Event Management (SIEM) solution. ArcSight helps businesses protect their data through compliance solutions and security analytics.

There are a number of different products and solutions in the ArcSight family so you are able to pick and choose those that are best suited to your business requirements.

With ArcSight, IT can:

  • Monitor IT infrastructure.
  • Manage insider security with secure identity and access control.
  • Automate compliance.
  • Monitor applications.
  • Manage security risks.
  • Identify APTs.
Also known as
Micro Focus ArcSight, HPE ArcSight
ArcSight customers

Lake Health, U.S. Department of Health and Human Services, Bank AlJazira, Banca Intesa, and Obrela.

BUYER'S GUIDE
Not sure which Security Information and Event Management (SIEM) solution is right for you?

Download our free Security Information and Event Management (SIEM) Report and find out what your peers are saying about Micro Focus, Splunk, IBM, and more!

Sign Up with Email