ArcSight Reviews

Filter by:Reset all filters
industry
Filter Unavailable
Company Size
Filter Unavailable
Job Level
Filter Unavailable
rating
Filter Unavailable
ProductS9907
Real User
Product Specialist Security Solutions at a tech services company with 201-500 employees
Jan 25 2017

What is most valuable?

One of the most valuable features is the Active List/Session List capability. Multiple use cases were only possible to... more»

How has it helped my organization?

Having a SIEM solution in general improves the way an organization functions, especially in the SOC part. With HPE... more»

What needs improvement?

The main area is the GUI interface. Although a lot of improvements were made on the GUI in the last version (6.9.1),... more»

What's my experience with pricing, setup cost, and licensing??

In general, ArcSight solutions can cost a lot in big deployments. That comes as a result of having a big, scalable,... more»

Which other solutions did I evaluate??

We worked with RSA enVision/RSA SA as a partner: * RSA enVision was very basic and was very hard to fine-tune. * RSA SA... more»

What other advice do I have??

Do a live PoC to test all needed features. Think of use cases that you would like to deploy and make sure they are... more»
Merana Sadikovic Mandzukic
Real User
Dynamics Nav Expert at a tech services company with 51-200 employees
Jan 31 2017

What is most valuable?

The valuable features are: * Integration and log collection with different devices. * Collecting logs from many different sources. If you have your own app, you can do logging for... more»

What needs improvement?

I would like to see the following improvements: * Less time to administer and track logs on separate devices. * Ease of changing the product underneath. For example, instead of... more»

What's my experience with pricing, setup cost, and licensing??

The product is not cheap. If you set it up and use it well, it is a worthwhile purchase.

What other advice do I have??

Prior to implementation, do an internal assessment and analyze business, technical, and other requirements. Know your inventory and ask for a project methodology approach. Ask your... more»
Find out what your peers are saying about Micro Focus, Splunk, IBM and others in Security Information and Event Management (SIEM).
291,675 professionals have used our research since 2012.
Karlo Luiten Crisc Cissp
Consultant
Security Consultant at a tech services company with 5,001-10,000 employees
Nov 26 2017

What is most valuable?

* Large scale installations work well. * The new user interface is nice. * The real-time analysis adds value. * The... more»

How has it helped my organization?

* User behavior and problems on the network are visible, which we can then solve. * We can align policies with how... more»

What needs improvement?

HPE ArcSight has a quite steep learning curve. If you get to know the product well, it is the most powerful product... more»

What's my experience with pricing, setup cost, and licensing??

Do not scale out (horizontally) too quickly. A good box can handle a lot of EPS. You will not need to buy more licenses... more»

Which other solutions did I evaluate??

I have also used LogRhythm, which in my opinion has less features than ArcSight. 80% of use cases work well on both,... more»

What other advice do I have??

Get a training course and start working with it quickly after getting your course. It is easy to forget all the options... more»
LaszloKereszturi
Real User
Manager at a financial services firm with 1,001-5,000 employees
Jan 31 2017

What is most valuable?

* Event correlation across multiple device categories: It allows us to have a full picture of what is happening in the... more»

How has it helped my organization?

This product gave us a clear picture of the network traffic, including the useless parts. It also allowed us to detect... more»

What needs improvement?

The web console should have all the features of the standard console. In addition, the upgrade process should be simpler.

What's my experience with pricing, setup cost, and licensing??

In order to avoid huge licensing costs, you should use pre-filtering of events, outside the ArcSight solution. We did... more»

Which other solutions did I evaluate??

I have not used any other solution. In 2005, we started directly with the HPE ArcSight solution because our company... more»

What other advice do I have??

You must understand your environment and its dynamics. Talk with IT people, write down the most important use cases,... more»
david hourani
Real User
Lead Splunk Architect at a financial services firm with 10,001+ employees
Jan 31 2017

What is most valuable?

Correlation and data normalization via CEF: The speed of ArcSight's correlation engine, together with data enrichment, makes it a great tool for... more»

What needs improvement?

Ease of use, access and simplicity: HPW ArcSight makes it hard to capitalize on reports without the use of the console. Other SIEM tools have... more»

What's my experience with pricing, setup cost, and licensing??

Price is fair compared to other SIEMs (Splunk, QRadar, etc.). It's not the go-to product if you are looking for something cheap. Go for... more»

Which other solutions did I evaluate??

We did not have a previous solution.

What other advice do I have??

My first advice is "be patient". It takes a lot of time to deploy an ArcSight infrastructure, but the result is worth it. Technically, it’s a... more»
Shane Lawrence
Real User
Network Security Administrator at a government with 1,001-5,000 employees
Jan 25 2017

What is most valuable?

The ESM's interface is really comprehensive. While the ArcSight console is really heavy, and I tend to dislike... more»

How has it helped my organization?

The ability to correlate such a diverse range of information into a single location is invaluable.

What needs improvement?

SmartConnectors should be resilient, since they ingest directly from sources (often sources that I have no control... more»

What's my experience with pricing, setup cost, and licensing??

ArcSight is exclusively an enterprise product and it is priced accordingly.

Which other solutions did I evaluate??

I have used many products that cover some of the territory claimed by ArcSight, including: Sourcefire 3D, ELSA,... more»

What other advice do I have??

Evaluate your needs. If you're only looking to integrate logs or do simple correlations, there might be a better choice... more»
Jordan French
Consultant
Business Development Manager- Threat Management Services at a tech services company with 5,001-10,000 employees
Apr 25 2018

What is most valuable?

* Smart Connectors and Flex Wizard * Multi-tenant access * Customization for dashboards and reporting * Improvements... more»

How has it helped my organization?

Without it, we would not have a managed SIEM offering to speak of. We spent over a year evaluating leading competitors... more»

What needs improvement?

The marketplace is a bit of a joke; steps should be taken to improve participation. Micro Focus desperately needs to... more»

What's my experience with pricing, setup cost, and licensing??

Customers without a ton of resources to dedicate to deployment may be better served by a managed ArcSight service. A... more»

Which other solutions did I evaluate??

We have not use a previous solution past its initial evaluation period.

What other advice do I have??

It has its quirks, but ultimately, it delivers capabilities that no other SIEM could provide.
Alexander Kuzmin
Real User
Security Expert at a tech services company with 501-1,000 employees
Jan 25 2017

What is most valuable?

* High flexibility: There are many custom sources of information that we wouldn't be able to integrate with another... more»

How has it helped my organization?

* Losses from security incidents have significantly decreased. * Security incident discovery and mitigation is a matter... more»

What needs improvement?

The overall complexity of the product can be overwhelming for some. It's not the type of solution where you just plug... more»

What's my experience with pricing, setup cost, and licensing??

The pricing and licensing model has changed dramatically over the last years, so I can't really give much advice on its... more»

Which other solutions did I evaluate??

We have evaluated several solutions and HPE ArcSight was the only one that satisfied our requirements in performance,... more»

What other advice do I have??

The keys to success with this solution are: * Careful deployment planning * Readiness to invest time and resources into... more»
See 12 More ArcSight Reviews

Articles

User Assessments By Topic About ArcSight

Find out what your peers are saying about Micro Focus, Splunk, IBM and others in Security Information and Event Management (SIEM).
291,675 professionals have used our research since 2012.

ArcSight Questions

ArcSight Projects By Members

ArcSight Consultants

What is ArcSight?

ArcSight is Micro Focus' leading Security Information and Event Management (SIEM) solution. ArcSight helps businesses protect their data through compliance solutions and security analytics.

There are a number of different products and solutions in the ArcSight family so you are able to pick and choose those that are best suited to your business requirements.

With ArcSight, IT can:

  • Monitor IT infrastructure.
  • Manage insider security with secure identity and access control.
  • Automate compliance.
  • Monitor applications.
  • Manage security risks.
  • Identify APTs.
Also known as
Micro Focus ArcSight, HPE ArcSight
ArcSight customers

Lake Health, U.S. Department of Health and Human Services, Bank AlJazira, Banca Intesa, and Obrela.

BUYER'S GUIDE
Not sure which Security Information and Event Management (SIEM) solution is right for you?

Download our free Security Information and Event Management (SIEM) Report and find out what your peers are saying about Micro Focus, Splunk, IBM, and more!

Sign Up with Email