Information Security Consultant with 1,001-5,000 employees
ArcSight helps a lot in auditing system and network admins; Needs to improve in High Availability
What is most valuable?
The ArcSight log collection mechanism is simple and it supports a large number of devices. Rules, Report and Dashboard can be customized based on the user requirements and hence it helped a lot to impress our customers. Additionally, ArcSight has tight integration with incident response tools such as HP Threat Response Manager, CIRT and Encase. ArcSight provides platform to integrate third party dashboard tools such as idashboard and Tableau. Also HP ArcSight inbuild case management is very simple and can be exported to external HP service Manager.
How has it helped my organization?
ArcSight helps to track all configuration changes and correlates with corresponding service tickets. Hence, helps a lot in auditing system and network admins with minimal time and cost. ArcSight use cases which helps us to detect insider threats as well as external attacks. Before implementing SIEM, these were not detected by manual monitoring process. Lastly, ArcSight helps the human resource team and Fraud management team in incident analysis and provides forensic data as needed. This was always a challenge to the team previously.
What needs improvement?
As of now, HP doesn’t have healthy integration of flows, this could use significant improvement. High Availability is a major concern for all of our customers, HP needs to significantly improve in HA.
For how long have I used the solution?
I have been using this solution for the last 6 years.
Buyer's Guide
ArcSight Enterprise Security Manager (ESM)
April 2025
Learn what your peers think about ArcSight Enterprise Security Manager (ESM). Get advice and tips from experienced pros sharing their opinions. Updated: April 2025.
851,823 professionals have used our research since 2012.
What was my experience with deployment of the solution?
No. ArcSight implementation is simple and robust.
What do I think about the stability of the solution?
Yes. ArcSight Logger and Connector appliance RAID failed sometimes.
What do I think about the scalability of the solution?
No.
How are customer service and support?
Customer Service: Good.Technical Support: HP support needs to improve a lot. For solving one ticket HP support takes a lot of time and there is no proper problem management process.
Which solution did I use previously and why did I switch?
I have been working with ArcSight since I started my career.
How was the initial setup?
Straightforward. All the components are clubbed into single installable so installation is very simple and straight forward.
What about the implementation team?
Vendor. They had a good amount of ArcSight implementation experience.
Which other solutions did I evaluate?
We evaluated Alien Vault.
What other advice do I have?
I would recommend buying ArcSight.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Buyer's Guide
Download our free ArcSight Enterprise Security Manager (ESM) Report and get advice and tips from experienced pros
sharing their opinions.
Updated: April 2025
Product Categories
Security Information and Event Management (SIEM)Popular Comparisons
Microsoft Sentinel
Splunk Enterprise Security
IBM Security QRadar
Elastic Security
Rapid7 InsightIDR
Fortinet FortiSIEM
Google Chronicle Suite
Securonix Next-Gen SIEM
Sumo Logic Security
Buyer's Guide
Download our free ArcSight Enterprise Security Manager (ESM) Report and get advice and tips from experienced pros
sharing their opinions.
Quick Links
Learn More: Questions:
- Which is the best SIEM tool for a mid-sized financial services firm: Arcsight or Securonix?
- Exporting Nessus Data Logs to HP ArcSight ESM
- What Solution for SIEM is Best To Be NIST 800-171 Compliant?
- When evaluating Security Information and Event Management (SIEM), what aspect do you think is the most important feature to look for?
- What are the main differences between Nessus and Arcsight?
- What's The Best Way to Trial SIEM Solutions?
- Which is the best SIEM solution for a government organization?
- What is the difference between IT event correlation and aggregation?
- What Is SIEM Used For?
- RSA-EMC vs. other SIEM products?
