MuhammadJunaid3
Technical Lead Enterprise Solution at a tech services company with 51-200 employees
Real User
Top 10
ArcSight ESM is one of the best SIEM platforms, with a market-leading correlation engine, which is the plus point of ArcSight ESM. It is very stable thanks to its distributed architecture and scalability.

Pros and Cons

  • "I am satisfied with the solution's stability."
  • "Micro Focus does not have a physical presence here in Pakistan, although IBM does."

What is our primary use case?

We help our customers implement the solution to detect known threats through a state-of-the-art variety of use case offerings.

How has it helped my organization?

ArcSight ESM helps customers automate their complex security use cases in order to detect the bad guys.

What is most valuable?

The correlation engine, which correlates cross-domain logs.

What needs improvement?

OOB content is limited. Micro Focus should release the smart connector update on a quarterly basis.

For how long have I used the solution?

I've been working with the Micro Focus ArcSight portfolio for nearly six years.

What do I think about the stability of the solution?

I am satisfied with the solution's stability.

What do I think about the scalability of the solution?

I am satisfied with the solution's scalability. 

How are customer service and technical support?

We are satisfied with technical support and most of our problems have been resolved.

How was the initial setup?

Simple and pretty straightforward.

What about the implementation team?

We provide the implementation and maintenance services of the solution for our customers.

Which other solutions did I evaluate?

According to the Gartner Reports and Gartner Reviews, the main competitors of the solution are IBM and Splunk. They provide their services world-wide and do much implementation in the region. 

The plus point for ArcSight ESM is its cross-domain correlation feature.

What other advice do I have?

I rate ArcSight Enterprise Security Manager (ESM) an eight out of ten.

Which deployment model are you using for this solution?

On-premises
Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
GM
Information Security Analyst at a comms service provider with 1,001-5,000 employees
Real User
Top 20
The roadmap is not clear but it has a very good correlation feature

Pros and Cons

  • "The correlation feature is good."
  • "The roadmap is not clear."

What is our primary use case?

Our primary use case is for security purposes. We are customers of ArcSight and I'm an information security analyst.

What is most valuable?

I think the correlation feature is one of the best features of ArcSight.

What needs improvement?

A lot of improvements could be made in the product. I think the roadmap is not clear, and there is no AI or machine learning solution. 

For how long have I used the solution?

I've been using this solution for five years. 

What do I think about the stability of the solution?

We haven't had any issues with stability. 

How are customer service and technical support?

I think there is good technical skill with the technical support but their attitude and response time are not good. 

How was the initial setup?

I recall that the initial setup was quite complex. We took subscription services for two weeks which covered the period of deployment. 

Which other solutions did I evaluate?

We are actually moving to another solution because the roadmap is not clear. We are just a small team and we don't need to monitor 24/7. We're looking to replace it with another more intelligent solution like Splunk or Securonix.

What other advice do I have?

Honestly, I won't recommend ArcSight to another person. 

I would rate this solution a four out of 10. 

Which deployment model are you using for this solution?

On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Updated: October 2021.
ShilpaSingh
Security Engineer at a tech services company with 1,001-5,000 employees
Real User
Top 10
A stable and scalable solution with good correlation and parsing

Pros and Cons

  • "I really like the correlation part and the way the logs are correlated. I have never faced issues with parsing in this product. I like the way it parses, and everything is so clear to me."
  • "Its search part can be improved. When I go to the console and search for a few logs or something else, it takes a lot of time. When I try to search for three days or one week, it takes too much time. This is a major area of improvement. I wanted them to include features like SOAR, threat intelligence, and automation, and they seem to have included all these features in version 7.3 or 7.4."

What is most valuable?

I really like the correlation part and the way the logs are correlated. I have never faced issues with parsing in this product. I like the way it parses, and everything is so clear to me.

What needs improvement?

Its search part can be improved. When I go to the console and search for a few logs or something else, it takes a lot of time. When I try to search for three days or one week, it takes too much time. This is a major area of improvement.

I wanted them to include features like SOAR, threat intelligence, and automation, and they seem to have included all these features in version 7.3 or 7.4.

For how long have I used the solution?

I have been using this solution for approximately three to four years.

What do I think about the stability of the solution?

It is stable.

What do I think about the scalability of the solution?

It is scalable.

How are customer service and technical support?

I have experience with their technical support, and I would rate them 4.5 out of 5. Whenever I have raised a ticket, I got an appropriate response. They were able to solve my problem.

What other advice do I have?

I would rate ArcSight Enterprise Security Manager (ESM) an eight out of ten.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
VN
Senior Manager at a tech services company with 11-50 employees
Real User
Top 5
Great real-time reporting, offers simplicity for implementation and operations

Pros and Cons

  • "Very good real-time reporting with a good dashboard."
  • "Currently lacks SOAR feature."

What is our primary use case?

We deal mainly with enterprise companies - I'm the senior manager and we are partners with ArcSight. 

What is most valuable?

The solution has a good dashboard, very good real-time reporting and it's easy to use, offering simplicity for implementation and operations.

What needs improvement?

I'd like to see an improvement in their training and documentation. SOAR (Security Orchestration, Automation, and Response) would be a good feature to include in the future. 

For how long have I used the solution?

I've been using this solution for six years. 

What do I think about the scalability of the solution?

This solution is stable and scalable. 

How are customer service and technical support?

They offer 24/7 standby support wherever you are. It's very good. 

How was the initial setup?

The initial setup is straightforward. 

What's my experience with pricing, setup cost, and licensing?

The cost is reasonable for a good solution.

What other advice do I have?

It's important to set up the organization before implementation, checking internal desktops or IT security internals before buying the solution.

I rate this product an eight out of 10. 

Disclosure: My company has a business relationship with this vendor other than being a customer: partner
Olakanmi Oluwole
Cyber threat Intelligence Manager at CyberLab Africa
Real User
Top 5
Scalable, good technical support, but stability could improve

What is our primary use case?

We are using ArcSight Enterprise Security Manager (ESM) for data analytics. We monitor the reports on security event information.

For how long have I used the solution?

I have been using this solution for approximately one year.

What do I think about the stability of the solution?

The solution could be more stable.

What do I think about the scalability of the solution?

We have not had any issue with the scalability.

We have approximately 20 users using this solution in my organization.

How are customer service and technical support?

We have been satisfied with the support.

How was the initial setup?

The installation was easy.

What about the implementation team?

We had assistance with the implementation of the solution. We have approximately five individuals that do the maintenance.

What's my experience with pricing, setup cost, and licensing?

There is a license required for this solution.

What other advice do I have?

I would recommend this solution to others.

I rate ArcSight Enterprise Security Manager (ESM) a seven out of ten.

Which deployment model are you using for this solution?

On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
SS
Information Technology Security Consultant at a computer software company with 1,001-5,000 employees
Real User
Easy setup but should offer an entire report listing of integrated devices

What is most valuable?

There are many features that are good for clients who are looking for a good SIEM solution. They like the ease of creating a business that is effective and impressive. 

What needs improvement?

The security is difficult. 

I would like to have a feature that gives us an entire report listing what devices are integrated.

For how long have I used the solution?

I have been using ArcSight for the last five years. 

How are customer service and technical support?

In the beginning, we got good support but it hasn't been what it used to be. On weekends we get the list of devices that are integrated but if we need to generate the lists of rights, it doesn't send the logs.

How was the initial setup?

The initial setup was simple. The initial setup took five to six days.

What other advice do I have?

I would rate it a seven out of ten. In the next release, I would like for them to include a list of integrated devices. 

Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
US
CISO and DPO at ValueLabs LLP
MSP
Top 20
Good visibility into end-to-end communications helps discover security threats

Pros and Cons

  • "ArcSight gives us better visibility into threats that were unknown earlier."
  • "We would like the ability to easily identify either unused resources or those that are being used sub-optimally."

What is our primary use case?

Flexibility, high ingestion rate, and complexity of use cases.

How has it helped my organization?

ArcSight gives us better visibility into threats that were unknown earlier. We now have an ability to assess end-to-end communications, as well as alerts from various security solutions along the path.

What is most valuable?

The most valuable features are lists, correlation, escalation matrix, and customers.

What needs improvement?

The following needs to be improved:

  1. We would like the ability to easily identify either unused resources or those that are being used sub-optimally.
  2. ESM should make usage of variables and other such deep customizations highly intuitive.
  3. User behavior analytics is too pricey but an essential tool.

For how long have I used the solution?

We have been using ArcSight for eight years.

Disclosure: I am a real user, and this review is based on my own experience and opinions.