2019-06-13T12:36:00Z

What advice do you have for others considering ArcSight Enterprise Security Manager (ESM)?

Julia Miller - PeerSpot reviewer
  • 0
  • 10
PeerSpot user
32

32 Answers

Irfan Ali - PeerSpot reviewer
MSP
Top 10
2024-02-13T09:20:01Z
Feb 13, 2024

In future releases, I would like to see integration with cloud platform security technologies like Azure Native Security Firewalls, Amazon, and Oracle. Overall, I would rate the solution a seven out of ten.

Search for a product comparison
VN
Real User
Top 5Leaderboard
2023-12-15T12:08:09Z
Dec 15, 2023

Compared to other vendors, ArcSight Enterprise Security Manager has a more effective dashboard. It has good pricing as well. However, they could schedule more marketing programs and activities similar to those of their competitors. I rate it an eight out of ten.

TG
Real User
2023-06-30T15:06:57Z
Jun 30, 2023

I would rate the tool a seven out of ten. The solution has gone beyond signature-based monitoring and analysis and is AI-powered. It is good enough to cover the full range of cybersecurity services.

RS
Real User
Top 5Leaderboard
2023-04-03T17:32:07Z
Apr 3, 2023

I'm not sure which version of the solution I'm using. Users should have a good knowledge of the management of logging, including how to write log queries and the development of custom connectors. There is some technical skill necessary. I'd rate the solution seven out of ten overall.

JA
Consultant
Top 20
2023-01-13T12:46:38Z
Jan 13, 2023

I rate the solution a six out of ten. The solution is good, but its integration and reporting features can be improved. I advise users to have a mature security infrastructure and scale up their technical resources. However, for smaller organizations considering the solution, I advise them to think of other solutions before using ArcSight Enterprise Security Manager.

BenNnatuanya - PeerSpot reviewer
Real User
Top 5
2022-11-11T12:45:00Z
Nov 11, 2022

I would recommend ArcSight Enterprise Security Manager to a small degree. However, there are quite a few products on the market now that are easier to use. Other products are providing more insight and providing user entity behavior analytics. Overall, I would rate ArcSight ESM a six out of ten.

Learn what your peers think about ArcSight Enterprise Security Manager (ESM). Get advice and tips from experienced pros sharing their opinions. Updated: March 2024.
765,234 professionals have used our research since 2012.
Seshi Dumpa - PeerSpot reviewer
Real User
Top 5
2022-10-07T11:07:35Z
Oct 7, 2022

I rate this solution an eight out of ten in terms of the inbuilt features and how it has grown into a strong solution over the years. The team has done an excellent job with the features, integrations, and compatibility. Regarding advice, I think the assessment on currently sizing the product to their need is key. It's an expensive product, so sizing is the most important choice. In addition, I believe moving to cloud has more robust integration features. They are building new custom solutions that can be integrated with ESM for better analysis.

Riccardo Rosso - PeerSpot reviewer
Consultant
Top 20
2022-07-31T13:27:59Z
Jul 31, 2022

ArcSight ESM is a very powerful platform, but you have to be careful in designing rules and defining an initial set of targets because otherwise, you could end up with high costs or a hugely demanding setup. I would rate ArcSight ESM seven out of ten.

SW
Real User
Top 20
2022-07-17T19:17:27Z
Jul 17, 2022

We are replacing ArcSight ESM with Microsoft Sentinel. We wanted to shift to cloud-based, cloud-scalable technology. My advice to others is for them to take a hard look at the total cost of ownership, specifically the maintenance and upkeep that's required to maintain the appropriate service levels. I rate ArcSight ESM a four out of five.

Subhadip Pakrashi - PeerSpot reviewer
Real User
Top 5Leaderboard
2022-07-06T15:30:09Z
Jul 6, 2022

I will only make recommendations based on the customer's requirements and environment. On a scale from one to ten, I would give ArcSight Enterprise Security Manager (ESM) a seven.

Anand-Dutta - PeerSpot reviewer
Reseller
Top 20
2022-07-04T18:39:00Z
Jul 4, 2022

I'm not using the latest version of ArcSight Enterprise Security Manager (ESM). ArcSight Enterprise Security Manager (ESM) is not being used by the entire organization, but at least a thousand users use it, though I'm not 100% sure. The solution is used daily, and it's integrated and customized and has become part of the internal monitoring and compliance check of my company. My advice to others who want to implement ArcSight Enterprise Security Manager (ESM) is that it's a great product, especially because it increased its feature sets and it has good integration with third-party solutions, for example, with other OEMs, with CrowdStrike, etc. The value proposition of the solution is also getting better and better, and usage-wise, ArcSight Enterprise Security Manager (ESM) is also good. I would rate ArcSight Enterprise Security Manager (ESM) nine out of ten because even if it's an old product, it's been working well for quite some time. It has a huge customer base. I've not seen any issues, so I'm rating it a nine, but not a ten because there's always room for improvement. My company is a reseller of ArcSight Enterprise Security Manager (ESM).

HungTran2 - PeerSpot reviewer
MSP
Top 20
2022-07-01T14:50:24Z
Jul 1, 2022

I rate ArcSight Enterprise Security Manager an eight out of ten

AbhishekMishra - PeerSpot reviewer
Real User
Top 10
2022-04-27T10:53:29Z
Apr 27, 2022

I would rate this solution 7 out of 10. My advice is to get proper training. It also depends on which component someone is working on. ArcSight support will not be able to help every time because ArcSight professional services are pretty costly. I haven't seen any organization taking ArcSight professional support. We only have normal support. It needs a bunch of experts to support these kind of operations. You will need a strategy for how deployment is going to be, how much the capacity planning will be, what the configuration of servers will be, how they will architect it, etc.

NB
Real User
Top 20
2022-04-11T18:24:11Z
Apr 11, 2022

My advice to others is for them to have some training before they use the solution. I rate ArcSight Enterprise Security Manager a nine out of ten.

Md. Shahriar Hussain - PeerSpot reviewer
Real User
Top 5
2022-02-10T13:29:20Z
Feb 10, 2022

I rate ArcSight three out of 10. I would never recommend it. I would recommend QRadar, LogRhythm, or Exabeam, but they all cost more. Price is its only advantage.

Alexander Zhekov - PeerSpot reviewer
Real User
2022-01-17T06:13:00Z
Jan 17, 2022

We are a distributor here in Bulgaria for Micro Focus. We distribute ArcSight Enterprise Security Manager (ESM) here in Bulgaria and we are in touch with Micro Focus for the ArcSight portfolio. I'm not a very technical guy. Especially for our market here in Bulgaria, it's very important to have local technical support from Micro Focus, e.g. presales engineers, to be able to close more sales, because the main competitor here: IBM Security QRadar has representation with local technical engineers. This is important when we are trying to do a new business. Deploying this solution requires three to five engineers: network and EMC engineers. ArcSight Enterprise Security Manager (ESM) is a very popular product with our customers, though we are trying to promote it daily and weekly to make it even more popular. We have a dedicated marketing channel for this. My advice to future clients looking into implementing this solution is that every company needs it, especially in this day and age when it is mandatory to have cyber security investigation and protection. Another advice is that if you want this project to be successful, you must rely on a local technical team who will be able to implement and configure the product. I'm rating ArcSight Enterprise Security Manager (ESM) an eight out of ten because there is still room for improvement.

JM
Real User
2021-12-09T16:58:00Z
Dec 9, 2021

I would rate this solution an eight out of ten. It's been useful and would recommend it to others. I'd also advise to take just the initial architect for implementation because that was critical for us in making the appropriate selections prior to deployment.

OO
Real User
2021-07-17T05:30:28Z
Jul 17, 2021

I would recommend this solution to others. I rate ArcSight Enterprise Security Manager (ESM) a seven out of ten.

MJ
Real User
2021-06-27T15:01:36Z
Jun 27, 2021

I rate ArcSight Enterprise Security Manager (ESM) as a 8 out of ten.

SS
Real User
2021-02-22T18:09:05Z
Feb 22, 2021

I would rate ArcSight Enterprise Security Manager (ESM) an eight out of ten.

ON
Real User
2021-02-18T20:26:33Z
Feb 18, 2021

It is a very good product. I would rate ArcSight ESM an eight out of ten.

Ashraf Abbas - PeerSpot reviewer
Real User
Top 20
2021-02-15T21:51:11Z
Feb 15, 2021

I would recommend this solution to anyone looking for an on-prem SIEM solution. It has been the best SIEM solution that I've worked with. I would rate ArcSight ESM a nine out of ten. It is a great solution.

MS
Real User
2021-02-12T22:45:27Z
Feb 12, 2021

We have used on-premises previously. We have never tested the cloud option if they have one. I would rate the solution seven out of ten. I consider Splunk and LogRhythm to be the number one solutions in the market. I would advise others to try to be very careful when they got a quote from ArcSight, as, in the end, what they offer to you initially is not what you will end up in the end in terms of budgeting and pricing, and the level of expectations.

VN
Real User
Top 5Leaderboard
2020-12-01T22:31:39Z
Dec 1, 2020

Depending on the size of the companies, I would recommend this solution. It's more suited for small to medium-sized companies. I would rate this solution an eight out of ten.

Sandeep Sehrawat - PeerSpot reviewer
Real User
Top 5
2020-11-22T15:44:00Z
Nov 22, 2020

I would rate it a seven out of ten. In the next release, I would like for them to include a list of integrated devices.

AB
Real User
2020-09-21T06:33:00Z
Sep 21, 2020

We're just a customer. We don't have a business relationship with the company. We're using the latest version of the solution. I'm not sure of the exact version number. I'd rate the solution eight out of ten. Due to the technology inherant the background of the product. Overall, it's quite good, although we have run into stability issues in the past.

SS
Real User
2020-09-09T06:29:00Z
Sep 9, 2020

If you have data centers, an SME or in-house resource to train people, and no budget constraint, then go with IBM. If you have a limited budget, hybrid environment, and untrained manpower, then go for Darktrace, AlienVault, or some other solution. I would rate ArcSight an eight out of ten.

GM
Real User
2020-08-16T08:00:00Z
Aug 16, 2020

Honestly, I won't recommend the ArcSight to another person. I would rate this solution a four out of 10.

Abbasi Poonawala - PeerSpot reviewer
Real User
Top 5Leaderboard
2020-08-13T08:33:00Z
Aug 13, 2020

I'm neutral on whether I would recommend this solution. It depends on what typology you are using, and your use cases. If you have a different endpoint, or security tool already doing what this product does and it's already integrated with CMDB, and there's a tool at the endpoint giving the CVS Score, then you don't need an SIEM platform. On the pricing side, QRadar is much costlier compared to ArcSight. There's a trade off. Anyone aiming for something specific will go for ArcSight monitoring rather than going for Qradar because deployment of the SIEM is not so easy for the larger deployment typologies in the financial services sector. It's not easy to scale up for different lines of businesses unless you have proper planning, methodologies, processes, and your SOPs are in place. If you follow the proper SOPs, things are easier. I would rate this solution a six out of 10.

BS
Real User
2020-08-03T06:11:05Z
Aug 3, 2020

We're an authorized partner. We provide this solution to our clients. In terms of implementation, new users should make a list of the requirements they need in order to have a broad idea of what they want the solution to achieve. Once they understand their requirements, it will be easier to find a solution that will match them. For Arcsight, users need to go in with the compliance packs. Arcsight has some additional modules called compliance packs, which can get you automatic reports. That needs to be configured pretty well. The biggest piece everyone needs to consider is the sizing part. It's an on-premise solution. If you are not buffering the sizing with at least about 25% additional computation and the storage space, then you're in for trouble down the line. Always go bigger than you need. Overall, I'd rate the solution seven out of ten. ArcSight, in the last one and a half years, have been delivering on time, in terms of a better dashboard, a better user interface, and now, with an add-on EDA. MailStore is also getting into it. We are seeing that they are catching up with what the market needs. We will have to wait and see what the new release brings. Version Eight is coming in now. They seem to be doing everything now and are committing for some great features in a future release.

LH
Real User
2019-06-16T07:23:00Z
Jun 16, 2019

In summary, this solution requires a dedicated person that has specific competency in this product. It is not a plug and play product that allows you to simply focus on the analytics. It is not easy for an amateur. The suitability of this solution depends on the complexity of the system. If the organization is very large, for example nationwide, then a log-based approach such as this one will be very difficult to implement. Obviously, if the device does not generate a log then it is not supported by this solution. Our client has successfully deployed it for use with several devices, including firewalls and IPS, but they have no support for some in-house applications. I would rate this solution a five out of ten.

Rikin Rathod - PeerSpot reviewer
Real User
Top 10
2019-06-13T12:36:00Z
Jun 13, 2019

This is a really good solution and I would recommend it. If you know how to work it, and how to configure it properly, then it can give you lots and lots of information. On the other hand, it provides so much detail that people can miss things. If the interface and reports were minimized and consolidated then it would be better. I would rate this solution a seven out of ten.

ArcSight Enterprise Security Manager (ESM) is a powerful SIEM solution for analyzing, collecting, correlating, and reporting on security event information. ArcSight ESM analyzes information from all of your data sources while helping your organization maintain high security. In addition, the solution is very customizable and enables users to create their own company-specific rule sets to automatically trigger instant alerts. ArcSight Enterprise Security Manager (ESM) Features Real-time...
Download ArcSight Enterprise Security Manager (ESM) ReportRead more

Related Q&As