OpenText Enterprise Security Manager and Sentinel compete in the Security Information and Event Management (SIEM) category. Sentinel seems to have the upper hand with its ease of use and better customer service ratings.
Features: OpenText Enterprise Security Manager is known for its high flexibility and performance, accommodating numerous custom sources, and supports multi-tier hierarchical deployment. Meanwhile, Sentinel stands out with automation capabilities and is easy to use without requiring deep technical expertise. Both products offer robust correlation features, but OpenText excels in customization and integration capabilities, whereas Sentinel provides better scalability and management.
Room for Improvement: OpenText Enterprise Security Manager faces a steep learning curve, complexity, and needs improvements in GUI and reporting. Its reliance on Oracle DB can hinder performance speed, and enhancements are needed for usability and correlation rules. Sentinel could improve integration with specific vendor devices and enhance dashboard and cloud system connectivity.
Ease of Deployment and Customer Service: OpenText Enterprise Security Manager primarily deploys on-premises, posing setup complexity challenges and requiring significant technical expertise. Its customer service is often criticized for slowness. In contrast, Sentinel offers broader deployment options such as hybrid and public cloud environments and receives better customer support ratings for faster resolutions and consistent experiences.
Pricing and ROI: OpenText Enterprise Security Manager typically involves higher pricing with intricate licensing, offering value for enterprises requiring deep integration and scalability. It is considered a long-term investment, with ROI realized through comprehensive security features. Sentinel, while also expensive for larger deployments, aligns with competitors' pricing via a subscription model, enabling better cost management over time. Both solutions offer strategic benefits, with OpenText's higher initial investment contrasting with Sentinel's pricing flexibility.
I find that using ArcSight Enterprise Security Manager (ESM) provides a valuable return on investment as it serves as a single point of glass for logs and data analysis.
If I raise a P1 or P0 ticket, the response time is often delayed by four to eight hours.
I would rate the technical support of ArcSight Enterprise Security Manager (ESM) a nine as they are always available and responsive whenever we open a case.
The customer support for Sentinel is very good; any tickets logged will be answered immediately within the given timeframe.
It lacks some capabilities compared to other tools available in the market.
It is easy to scale, and I have not encountered any issues when we require more storage or deployment.
I would rate the stability of ArcSight Enterprise Security Manager (ESM) a nine because I have not encountered significant issues, unlike other solutions that sometimes have database errors.
The stability of ArcSight Enterprise Security Manager (ESM) is not very robust.
I would like to see the detection and response features included in the next release of ArcSight Enterprise Security Manager (ESM), as security orchestration and automation are increasingly important.
The integration aspect of ArcSight Enterprise Security Manager (ESM) needs improvement.
Price is always a consideration, so the price would be nice if it were lower.
ArcSight Enterprise Security Manager (ESM) is very cheap compared to other tools.
I would rate the pricing of ArcSight Enterprise Security Manager (ESM) around seven, as it varies based on features and demand, making it more affordable for larger organizations, while smaller ones might find it expensive.
My experience with pricing, setup cost, and licensing shows that while it is a little on the higher side, since it is part of a package for all Microsoft products, I feel it is a better choice comparatively than other SIEMs in the market.
They nearly always bill it in dollars, so if it can be billed in our currency, that would be helpful and fixed in our currency.
The ability to interpret data is highly valued.
The log analysis feature is particularly valuable as it allows analysts to interpret intrusion-related logs efficiently.
Sentinel's best features include that it's a very easy product to use.
In terms of metrics showing how Sentinel has helped, as part of log filtering, we have reduced around thirty to thirty-five percent of false-positive incident creation.
| Product | Mindshare (%) |
|---|---|
| Sentinel | 2.7% |
| OpenText Enterprise Security Manager | 1.6% |
| Other | 95.7% |
| Company Size | Count |
|---|---|
| Small Business | 37 |
| Midsize Enterprise | 14 |
| Large Enterprise | 59 |
| Company Size | Count |
|---|---|
| Small Business | 9 |
| Midsize Enterprise | 3 |
| Large Enterprise | 8 |
OpenText Enterprise Security Manager enables real-time threat detection through scalable and adaptable solutions, integrating seamlessly with multiple platforms for complex security scenarios across different environments.
OpenText Enterprise Security Manager offers extensive security monitoring capabilities, combining log analysis and incident management to enhance cybersecurity and compliance. Its powerful event correlation engine provides real-time alerts for rapid incident response. Users benefit from customizable dashboards and comprehensive log collection, making it a significant tool in the SIEM market. Flexible deployment options cater to both on-premises and cloud environments, supporting enterprises in managing IT infrastructure and threat detection efficiently.
What are the key features of OpenText Enterprise Security Manager?In industries such as finance, healthcare, and energy, OpenText Enterprise Security Manager is implemented for monitoring critical systems and ensuring compliance with regulatory needs. Enterprises leverage its capabilities for forensic investigations and active threat management, serving as a central hub for cybersecurity operations across diverse IT infrastructures.
Sentinel is a robust platform offering seamless native integration, enhanced security through transactional data, and a user-friendly interface reminiscent of Microsoft Windows. Its capabilities in threat detection, monitoring, and business intelligence integration make it an attractive choice for organizations.
Sentinel simplifies security management with its advanced features, including the Kusto Query Language and automation abilities that reduce the complexity of coding tasks. The platform's correlation engine allows for efficient rule generation, while its threat visibility and intelligence features offer preparation against risks. Advanced hunting queries, anomaly dashboards, and scalability options enhance its utility. Users appreciate its seamless connections with Microsoft tools and ability to improve threat detection through cloud and business intelligence integration. However, enhancements could improve documentation on security aspects, simplify dashboards, and optimize drag-and-drop features. There are suggestions for better device integration, a shift to web interfaces, and improved customization options, although some users face challenges with Unix scripting.
What are the most important features of Sentinel?Sentinel finds application across sectors for logging, security event monitoring, and integration with tools like Microsoft Defender for Endpoint. Users from industries such as government and academic institutions leverage its advanced SQL query support for customized responses, enhancing security measures with AI capabilities in diverse environments.
We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
