We changed our name from IT Central Station: Here's why
Principal Enterprise Architect (Technology, Cloud & Security) at a retailer with 10,001+ employees
Real User
It supports cloud deployment and is very stable
Pros and Cons
  • "The feature that I have found the most useful is that it can be deployed to the cloud."
  • "The centralized dashboard for the hybrid cloud environment needs to be more focused. It needs to be redefined because it's missing most of the information. It should be a little bit easy to use. Currently, integration with various applications and connectors is not that easy. Deployment is easy, but integration is not that easy. ArcSight also has a very high bandwidth consumption to pull the local servers. It should have some kind of better process or ability to transfer files from on-premises to the cloud, from the cloud to on-premises, and from a cloud to another cloud."

What is most valuable?

The feature that I have found the most useful is that it can be deployed to the cloud.

What needs improvement?

The centralized dashboard for the hybrid cloud environment needs to be more focused. It needs to be redefined because it's missing most of the information.

ArcSight should also be a little bit easy to use. Currently, integration with various applications and connectors is not that easy. Deployment is easy, but integration is not that easy. 

ArcSight also has a very high bandwidth consumption to pull the local servers. It should have some kind of better process or ability to transfer files from on-premises to the cloud, from the cloud to on-premises, and from a cloud to another cloud.

For how long have I used the solution?

I have been using ArcSight for six years. 

What do I think about the stability of the solution?

It is very stable.

What do I think about the scalability of the solution?

It is not always scalable.

How are customer service and technical support?

I didn't take any kind of support.

Which solution did I use previously and why did I switch?

I have worked with IBM QRadar. IBM QRadar is very expensive, and it is not easy to deploy like ArcSight. It can't be deployed without an SME. ArcSight is better than IBM QRadar.

How was the initial setup?

The initial setup was very straightforward. It hardly took four weeks. 

What other advice do I have?

If you have data centers, an SME or in-house resource to train people, and no budget constraint, then go with IBM. If you have a limited budget, hybrid environment, and untrained manpower, then go for Darktrace, AlienVault, or some other solution.

I would rate ArcSight an eight out of ten. 

Disclosure: I am a real user, and this review is based on my own experience and opinions.
Senior Manager at a tech services company with 11-50 employees
Real User
Top 5
Scalable, with good support and live reporting
Pros and Cons
  • "The most useful features are directories, price, and live reporting."
  • "The customer experience could be improved."

What is our primary use case?

We are resellers. We deal with many vendors to provide and implement solutions for our clients. We primarily use this product for logging data.

What is most valuable?

The most useful features are directories, price, and live reporting.

What needs improvement?

The customer experience could be improved.

I think they can improve the AI and monitoring. Also, they need an updated database.

For how long have I used the solution?

I have been dealing with this solution for approximately three years.

We are working with the last updated version.

What do I think about the stability of the solution?

The stability can be improved. The competitors are more stable.

What do I think about the scalability of the solution?

It's a scalable product and the scalability is good.

Our clients are usually enterprise companies.

How are customer service and technical support?

The technical support is good. They have been able to resolve our issues.

Which solution did I use previously and why did I switch?

We are using SIEM. It has a better dashboard and is more complete.

How was the initial setup?

The initial setup can be simple and also complex. It depends on the client's infrastructure.

What about the implementation team?

We implement the solution and maintain it for the clients.

What's my experience with pricing, setup cost, and licensing?

It's a good price, it's one of the cheaper solutions.

There are no additional costs.

What other advice do I have?

Depending on the size of the companies, I would recommend this solution. It's more suited for small to medium-sized companies.

I would rate this solution an eight out of ten.

Which deployment model are you using for this solution?

On-premises
Disclosure: My company has a business relationship with this vendor other than being a customer: Reseller
Learn what your peers think about ArcSight Enterprise Security Manager (ESM). Get advice and tips from experienced pros sharing their opinions. Updated: January 2022.
563,327 professionals have used our research since 2012.
MuhammadJunaid3
Techniqal Lead Enterprise Solution at a tech services company with 51-200 employees
Real User
Top 20
Arcsight ESM is one of the best SIEM platform having market leading corelation engine, which is the plus point of Arcsight ESM it is very stable by its distributed architecture and scalability.
Pros and Cons
  • "I am satisfied with the solution's stability."
  • "Micro Focus does not have a physical presence here in Pakistan, although IBM does."

What is our primary use case?

We help our customers to implement the solution to detect known threats by state of the art variety of use cased offerings.

How has it helped my organization?

Arcsight ESM help customer in Automation for their complex security use case in order to detect the bad guys.

What is most valuable?

Corelation Engine by corelating the cross domain logs.

What needs improvement?

OOB content is limited Microfocus should release the smart connector update on quaterly basis.

For how long have I used the solution?

I've been working with the Micro Focus ArcSight portfolio for nearly six years.

What do I think about the stability of the solution?

I am satisfied with the solution's stability.

What do I think about the scalability of the solution?

I am satisfied with the solution's scalability. 

How are customer service and technical support?

We are satisfied with technical support and most of our problems have been resolved.

How was the initial setup?

Simple and pretty straight forward.

What about the implementation team?

We provide the implementation and maintenance services of the solution for our customers.

Which other solutions did I evaluate?

According to the Gartner Reports and Gartner Reviews, the main competitors of the solution are IBM and Splunk. They provide their services world-wide and do much implementation in the region. 

the plus point for Arcsight ESM is having cross domain corelation feature.

What other advice do I have?

I rate ArcSight Enterprise Security Manager (ESM) as a 8 out of ten.

Which deployment model are you using for this solution?

On-premises
Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
Flag as inappropriate
Information Security Analyst at a comms service provider with 1,001-5,000 employees
Real User
The roadmap is not clear but it has a very good correlation feature
Pros and Cons
  • "The correlation feature is good."
  • "The roadmap is not clear."

What is our primary use case?

Our primary use case is for security purposes. We are customers of ArcSight and I'm an information security analyst.

What is most valuable?

I think the correlation feature is one of the best features of ArcSight.

What needs improvement?

A lot of improvements could be made in the product. I think the roadmap is not clear, and there is no AI or machine learning solution. 

For how long have I used the solution?

I've been using this solution for five years. 

What do I think about the stability of the solution?

We haven't had any issues with stability. 

How are customer service and technical support?

I think there is good technical skill with the technical support but their attitude and response time is not good. 

How was the initial setup?

I recall that the initial setup was quite complex. We took subscription services for two weeks which covered the period of deployment. 

Which other solutions did I evaluate?

We are actually moving to another solution because the roadmap is not clear. We are just a small team and we don't need to monitor 24/7. We're looking to replace it with another more intelligent solution like Splunk or Securonix.

What other advice do I have?

Honestly, I won't recommend the ArcSight to another person. 

I would rate this solution a four out of 10. 

Which deployment model are you using for this solution?

On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
ShilpaSingh
Security Engineer at a tech services company with 1,001-5,000 employees
Real User
Top 10
A stable and scalable solution with good correlation and parsing
Pros and Cons
  • "I really like the correlation part and the way the logs are correlated. I have never faced issues with parsing in this product. I like the way it parses, and everything is so clear to me."
  • "Its search part can be improved. When I go to the console and search for a few logs or something else, it takes a lot of time. When I try to search for three days or one week, it takes too much time. This is a major area of improvement. I wanted them to include features like SOAR, threat intelligence, and automation, and they seem to have included all these features in version 7.3 or 7.4."

What is most valuable?

I really like the correlation part and the way the logs are correlated. I have never faced issues with parsing in this product. I like the way it parses, and everything is so clear to me.

What needs improvement?

Its search part can be improved. When I go to the console and search for a few logs or something else, it takes a lot of time. When I try to search for three days or one week, it takes too much time. This is a major area of improvement.

I wanted them to include features like SOAR, threat intelligence, and automation, and they seem to have included all these features in version 7.3 or 7.4.

For how long have I used the solution?

I have been using this solution for approximately three to four years.

What do I think about the stability of the solution?

It is stable.

What do I think about the scalability of the solution?

It is scalable.

How are customer service and technical support?

I have experience with their technical support, and I would rate them 4.5 out of 5. Whenever I have raised a ticket, I got an appropriate response. They were able to solve my problem.

What other advice do I have?

I would rate ArcSight Enterprise Security Manager (ESM) an eight out of ten.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
Senior Manager at a tech services company with 11-50 employees
Real User
Top 5
Great real-time reporting, offers simplicity for implementation and operations
Pros and Cons
  • "Very good real-time reporting with a good dashboard."
  • "Currently lacks SOAR feature."

What is our primary use case?

We deal mainly with enterprise companies - I'm the senior manager and we are partners with ArcSight. 

What is most valuable?

The solution has a good dashboard, very good real-time reporting and it's easy to use, offering simplicity for implementation and operations.

What needs improvement?

I'd like to see an improvement in their training and documentation. SOAR (Security Orchestration, Automation, and Response) would be a good feature to include in the future. 

For how long have I used the solution?

I've been using this solution for six years. 

What do I think about the scalability of the solution?

This solution is stable and scalable. 

How are customer service and technical support?

They offer 24/7 standby support wherever you are. It's very good. 

How was the initial setup?

The initial setup is straightforward. 

What's my experience with pricing, setup cost, and licensing?

The cost is reasonable for a good solution.

What other advice do I have?

It's important to set up the organization before implementation, checking internal desktops or IT security internals before buying the solution.

I rate this product an eight out of 10. 

Disclosure: My company has a business relationship with this vendor other than being a customer: partner
Flag as inappropriate
Olakanmi Oluwole
Cyber threat Intelligence Manager at CyberLab Africa
Real User
Top 5
Scalable, good technical support, but stability could improve

What is our primary use case?

We are using ArcSight Enterprise Security Manager (ESM) for data analytics. We monitor the reports on security event information.

For how long have I used the solution?

I have been using this solution for approximately one year.

What do I think about the stability of the solution?

The solution could be more stable.

What do I think about the scalability of the solution?

We have not had any issue with the scalability. We have approximately 20 users using this solution in my organization.

How are customer service and technical support?

We have been satisfied with the support.

How was the initial setup?

The installation was easy.

What about the implementation team?

We had assistance with the implementation of the solution. We have…

What is our primary use case?

We are using ArcSight Enterprise Security Manager (ESM) for data analytics. We monitor the reports on security event information.

For how long have I used the solution?

I have been using this solution for approximately one year.

What do I think about the stability of the solution?

The solution could be more stable.

What do I think about the scalability of the solution?

We have not had any issue with the scalability.

We have approximately 20 users using this solution in my organization.

How are customer service and technical support?

We have been satisfied with the support.

How was the initial setup?

The installation was easy.

What about the implementation team?

We had assistance with the implementation of the solution. We have approximately five individuals that do the maintenance.

What's my experience with pricing, setup cost, and licensing?

There is a license required for this solution.

What other advice do I have?

I would recommend this solution to others.

I rate ArcSight Enterprise Security Manager (ESM) a seven out of ten.

Which deployment model are you using for this solution?

On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Flag as inappropriate
Information Technology Security Consultant at a computer software company with 1,001-5,000 employees
Real User
Easy setup but should offer an entire report listing of integrated devices

What is most valuable?

There are many features that are good for clients who are looking for a good SIEM solution. They like the ease of creating a business that is effective and impressive. 

What needs improvement?

The security is difficult.  I would like to have a feature that gives us an entire report listing what devices are integrated.

For how long have I used the solution?

I have been using ArcSight for the last five years. 

How are customer service and technical support?

In the beginning, we got good support but it hasn't been what it used to be. On weekends we get the list of devices that are integrated but if we need to generate the lists of rights, it doesn't send the logs.

How was the initial setup?

The initial setup was simple. The initial setup took five to…

What is most valuable?

There are many features that are good for clients who are looking for a good SIEM solution. They like the ease of creating a business that is effective and impressive. 

What needs improvement?

The security is difficult. 

I would like to have a feature that gives us an entire report listing what devices are integrated.

For how long have I used the solution?

I have been using ArcSight for the last five years. 

How are customer service and technical support?

In the beginning, we got good support but it hasn't been what it used to be. On weekends we get the list of devices that are integrated but if we need to generate the lists of rights, it doesn't send the logs.

How was the initial setup?

The initial setup was simple. The initial setup took five to six days.

What other advice do I have?

I would rate it a seven out of ten. In the next release, I would like for them to include a list of integrated devices. 

Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
Buyer's Guide
Download our free ArcSight Enterprise Security Manager (ESM) Report and get advice and tips from experienced pros sharing their opinions.