The initial setup is moderately difficult. It is easy if we are trained well. Otherwise, the deployment takes three to four days.

SIEM is a complex solution if not installed properly. If it is installed properly, it will be a cakewalk. It will be a very smooth product. We have to understand the network and design before implementing it. We must thoroughly understand the network, where the devices are, how the devices are connected, and where we will get the logs. Then, we can configure the system.

Setting up ArcSight Logger is easy.

I rate the initial setup process a five out of ten. It takes a week to complete the deployment.

The initial setup is straightforward. 

The initial setup was a little bit complex.

Deployment for the solution took a month, or four weeks, in total. The first week was spent installing the firmware and logging the hardware. We updated to the latest supported version as well. The following weeks were spent deploying the agent to the target systems.

The installation itself was easy, but you needed to be trained to use it because the administration console is a bit difficult. It's not like QRadar or Splunk which both have easy to use consoles. ArcSight is efficient but it wasn't until the last version that they started to use a simpler console.

We did all of the training in order to use the solution. The first was technical - for example, how to install and deploy the system. The second training was admin related - for example, how to manage the solution. There was also training on how to manage the parameters, configure the solution, integrate the agent, and handle reporting.

The initial setup is straightforward. The maintenance is good. We deployed the solution on-premises, as there is some restriction on the cloud, and customers prefer it on on-premises as it is cheaper.

I was new to cybersecurity when I joined my company and they were implementing it at the time so the initial setup was a bit complex for me. When I got introduced to it for the first time and got thousands and thousands of pages of documentation it was a bit complex for me to fully understand how it works and how it functions. At this point, I don't think it's complex. It's pretty much straightforward and it's not complex for an experienced IT or security guy. 

The full implementation took one year, but there was a huge number of connectors that we implemented across three countries including Hungary, Serbia, and Montenegro. There were a huge number of connectors and a huge number of connector servers. I believe that that's why it took a year, it might have been a bit less. 

The tool's setup is neither simple nor difficult. 

Initially, we had some trouble finding the right agents to install on our servers since we were using some proprietary software on the network, but after we got past that step, everything else was pretty straightforward.

Setting up the initial configuration can be quite time-consuming, as there are roughly three components to address: the ESM, the Loggers, and the Management Center or Portal. For HPE, we may need to deploy two Logger, one Management Center, and two ESMs, which can take weeks to complete. Setting up the use cases is not a straightforward process and will require two weeks to complete. There are many variables that must be adjusted and fine-tuned for optimal results.

The initial setup was straightforward. Deployment varies according to the scope of your technical parameters. Maintenance is a daily activity. I have a team of two people that are focused on the administration of the outside platform.

The initial setup is complex.

We used an appliance, so the setup was very easy. But I must say that even if you use an open server, it is not complex to deploy this product.

The initial setup to be straightforward, you just have to stick to the documents and it is really easy.

The initial setup was complex, but that was mainly because of customer security reasons.

For main components, HP SE’s seem eager to help. The way documentation is organized on their site could definitely use some work though. Documentation exists, and it’s generally pretty solid, but most times, asking an HP SE directly to email it to you tends to be much easier than searching for it yourself.

The deployment doesn't take much time for the standard setup, but it can take more time when we need to integrate the device with the system. Sometimes we have found that we are not supported naturally and must do some tuning to integrate it. That can take some more time, but setup of the initial system does not taking more time. It's easy for me now to do this setup. I remember during my first year it took a little bit more time, but that's normal. It's easier to deploy the product in the basic standard, but in the complex module, it takes a little bit more time.

It's complex for several reasons -

• Targeting and logic of systems
• Bandwidth dependencies
• Data privacy
• Location
• FW settings
• File formats

Log collection may seems tricky but if you have fundamental understanding about the product it's straight forward.

The first time you set up this solution it is a little bit complex. But when you try it again and you know where the errors are, it is much more comfortable.

We have four administrators who maintain this solution.

We have a support group that helps with this. The setup isn't easy. The deployment took a month. 

The initial setup was a bit complicated to follow since there are many different components present within it. However, the complexity once learned adds a level of flexibility that you can play with.

I would say the initial versions of ArcSight components were pretty complex. For example, consider ESM, for which we had to install the manager and database separately and there were major issues with it on the archiving, and also the database management was pretty tough. But over a period of time, they improved drastically when the CORR-E came into the market.