ArcSight Enterprise Security Manager (ESM) Implementation Team
DB
DavidBrown13
Security Operations Director at Axon Technologies
We used two architects and three engineers on our team for deployment, and the team from ArcSight had nearly an equivalent amount. We handled deployment in-house, and we fully deployed it enterprise-wide in about six months. We had HP ArcSight certified engineers and architects, and then we sent a handful of our own engineers to HP so they could become fully ArcSight certified. Their engineers and our certified engineers then worked hand in hand in kind of a mentor, mentee relationship to ensure that our team had full knowledge and capability going forward.
The first step of deployment was scoping and sizing for five-year growth, based on what we were currently running in the older product, which was QRadar, and so then once we determined what size infrastructure we needed, we deployed that infrastructure. That took about a month. From there, we then on-sourced non-critical assets for testing and piloting. Once we had that done, we deployed the agents for the use to our SOC, and then we ran both systems in parallel to make sure that use cases reported over correctly, and they were all fine-tuned.
Once we had them working on our test samples, we then did a rapid deployment across the entire environment. We ingested everything from the old system into the new one to the log collector. Once all the old logs were in there, we then switched over to real-time and transferred the real-time logging from the old system to ArcSight, and then that system was live. We did one after the other, and that's what took the six-month window, because after about a three-month deployment of getting all 35,000 log sources ingested and up and running, it took about another three months to do the rest.
A consultant is required for smooth setup.
View full review »We implemented it in-house.
View full review »Buyer's Guide
ArcSight Enterprise Security Manager (ESM)
April 2024
Learn what your peers think about ArcSight Enterprise Security Manager (ESM). Get advice and tips from experienced pros sharing their opinions. Updated: April 2024.
767,995 professionals have used our research since 2012.
We implemented ArcSight Enterprise Security Manager (ESM) ourselves.
View full review »We used a provider team.
View full review »We have approximately six people from our information security department managing ArcSight ESM. The deployment was done by four engineers.
View full review »The installation had already been implemented by an HP subsidiary who were fairly good when performing the installation. Despite that, they did a poor job of implementing the hardware.
View full review »I did the implementation of ArcSight ESM myself. We have two people for maintenance.
View full review »ArcSight makes it easy to achieve ROI because of its great flexibility.
View full review »
In-house experts.
View full review »
TB
Teguh Budyantara
IT Manager at Royal Cemerlang
We used a partner for the implementation.
View full review »We had an in-house implementation. I would recommend a dedicated team for implementation, support, and operation.
View full review »We implemented through HPE itself and I would advise to go through a vendor as they would hand over the SIEM post-fine tuning which is a mammoth task.
View full review »JA
Jeremy Ambicha
Forensic Consultant at A Cyber 1 Company
We implement in-house, and it takes approximately two months to complete implementation.
View full review »LH
Luthfiana Hudaya
Works at NOOSC Global
A reseller assisted our customer with the deployment.
View full review »
With the help of a vendor team. They are really helpful and cooperative.
View full review »
We did it in-house with help from the vendor's professional services. My advice is to think first where you would like to put your collectors. Assess if your network will be able to lift extra loads, assess what logging level will be required, and if log sources are capable of delivering it.
View full review »VS
Vinod Shankar
Manager, Enterprise Risk Consulting at a tech company with 1,001-5,000 employees
We implemented it in-house.
View full review »BS
reviewer1370811
Head - Professional Services at a computer software company with 51-200 employees
We deploy the solution for our clients. We also tend to handle the maintenance for our clients as well.
View full review »SW
reviewer987771
Senior Manager at a tech services company with 51-200 employees
We used an integrator for the implementation of ArcSight ESM.
View full review »We bring in an HP consultant for development and implementation.
View full review »AB
reviewer1342554
Associate Vice President at a consumer goods company with 201-500 employees
We handled the implementation in-house.
View full review »VN
Velly Nusmir
Senior Manager at PT Permata Anugerah Abadi
We implement the solution and maintain it for the clients.
View full review »We did not use a vendor team to do the implementation. Our in-house teams could roll out ArcSight very well. Cooperation of a lot of teams is often needed to implement SIEM solutions: networking, OS, and compliancy. Depending on your company structure, cooperation between teams can cost the most time.
View full review »We carried out a pilot implementation based on the initial SOW, including several basic use cases. This allowed us to understand what is really happening in the environment and we learned that most of the default rules are not appropriate for us. After the pilot was successful, we bought the solution.
View full review »As a system integrator, I always say that implementation must be done by an experienced team. SIEM solutions are not easy, so if time is important, do not rely on doing it haphazardly.
View full review »OO
Olakanmi Oluwole
Cyber threat Intelligence Manager at CyberLab Africa
We had assistance with the implementation of the solution. We have approximately five individuals that do the maintenance.
View full review »I work for a reseller, and we set up ArcSight for our customers, and I am learning a lot about its architecture.
View full review »
Vendor. They had a good amount of ArcSight implementation experience.
View full review »
Through an in-house team.
View full review »
MJ
MuhammadJunaid3
Techniqal Lead Enterprise Solution at a tech services company with 51-200 employees
We provide the implementation and maintenance services of the solution for our customers.
Buyer's Guide
ArcSight Enterprise Security Manager (ESM)
April 2024
Learn what your peers think about ArcSight Enterprise Security Manager (ESM). Get advice and tips from experienced pros sharing their opinions. Updated: April 2024.
767,995 professionals have used our research since 2012.