ArcSight Archived Reviews (More than two years old)

Filter by:Reset all filters
Industry
Loading...
Filter Unavailable
Company Size
Loading...
Filter Unavailable
Job Level
Loading...
Filter Unavailable
Rating
Loading...
Filter Unavailable
Considered
Loading...
Filter Unavailable
Order by:
Loading...
  • Date
  • Highest Rating
  • Lowest Rating
  • Review Length
Search:
Vendor
Network Security Administrator at a government with 1,001-5,000 employees
Jan 25 2017

What is most valuable?

The ESM's interface is really comprehensive. While the ArcSight console is really heavy, and I tend to dislike Java-based Windows GUIs, it's feature-rich and provides a… more»

How has it helped my organization?

The ability to correlate such a diverse range of information into a single location is invaluable.

What needs improvement?

SmartConnectors should be resilient, since they ingest directly from sources (often sources that I have no control over). But they're not resilient. The slightest change… more»

What's my experience with pricing, setup cost, and licensing?

ArcSight is exclusively an enterprise product and it is priced accordingly.

Which solution did I use previously and why did I switch?

I have used many products that cover some of the territory claimed by ArcSight, including: Sourcefire 3D, ELSA, Sguil/Squert, RSA Security Analytics and Splunk. None of… more»

What other advice do I have?

Evaluate your needs. If you're only looking to integrate logs or do simple correlations, there might be a better choice out there. If you're looking for a single product… more»

Which other solutions did I evaluate?

We evaluated QRadar and Splunk.
Consultant
Senior Information Security Engineer at a tech services company with 501-1,000 employees
Aug 31 2016

What is most valuable?

* Collection - Collects logs from a wide range of products, even those not supported by default and the users can develop a connector for log collection. * Detection - Caliber to detect subtle attacks with a powerful correlation engine. * Report/Alert - The user has multiple levels of options to… more»

How has it helped my organization?

By using ArcSight ESM and its correlation technology, it thwarts multiple attacks from external sources before exploitations such as SQL injection, UNIX password file attempt, brute force to published servers, and more. In addition, internal frauds have been prevented through preventing unauthorized… more»

What needs improvement?

ArcSight Connector appliance needs some improvement, as it has some bugs which triggers issues most of the time. I believe that the Connector is going to hit end-of-service.

What other advice do I have?

HP are doing their job perfectly by bringing new features in every version, such as RepSM, HA capability, etc. It has never failed me.
Find out what your peers are saying about Micro Focus, Splunk, IBM and others in Security Information and Event Management (SIEM). Updated: May 2020.
418,116 professionals have used our research since 2012.
Vendor
Senior Security Consultant & Solution Architect at a financial services firm with 10,001+ employees
Aug 29 2016

What is most valuable?

* Alert correlation * Reporting * Retention These are the features we find most valuable for us and which we use the most.

How has it helped my organization?

It's able to track down security incidents faster and make for a more efficient investigation of a user's network activity based on the log data available. Due simply to the user features available out-of-the-box, the convenience it can bring to any organization (when deployed and configured correctly) can greatly assist any enterprise in many facets, from an increased and enhanced security… more»

What needs improvement?

It needs additional and better user customization for SmartConnectors. It has additional device support for more obscure log sources. Also needed is a configuration wizard for organizations lacking the in-depth knowledge required to integrate the solution successfully.

What is ArcSight?

ArcSight is Micro Focus' leading Security Information and Event Management (SIEM) solution. ArcSight helps businesses protect their data through compliance solutions and security analytics.

There are a number of different products and solutions in the ArcSight family so you are able to pick and choose those that are best suited to your business requirements.

With ArcSight, IT can:

  • Monitor IT infrastructure.
  • Manage insider security with secure identity and access control.
  • Automate compliance.
  • Monitor applications.
  • Manage security risks.
  • Identify APTs.
Also known as
Micro Focus ArcSight, HPE ArcSight
ArcSight customers

Lake Health, U.S. Department of Health and Human Services, Bank AlJazira, Banca Intesa, and Obrela.

BUYER'S GUIDE
Download our free Security Information and Event Management (SIEM) Report and find out what your peers are saying about Micro Focus, Splunk, IBM, and more!