Community insights

TrustRadius Insights for Arcsight by OpenText are summaries of user sentiment data from TrustRadius reviews and, when necessary, third party data sources.

Pros

User-Friendly Interface: Many users have praised the product for its user-friendly interface, stating that it is easy to navigate and perform tasks efficiently. They have found the interface to be intuitive, allowing them to quickly understand how to use the product without any difficulties. The user-friendly design has greatly contributed to the overall satisfaction of these reviewers.

Helpful Customer Support: Several users have appreciated the helpful customer support provided by the company. They have mentioned that whenever they encountered any issues or had questions about the product, they received prompt assistance from the support team. This positive experience with customer support has enhanced their overall perception of both the product and the company's commitment to providing excellent service.

Intuitive Product Usage: Many reviewers have expressed their satisfaction with how easily they were able to grasp and utilize the product's features. They mentioned that they quickly understood how to use different functionalities without any confusion or steep learning curve. This intuitive usage of the product has been a significant factor in their positive experiences and overall satisfaction.

Reviews

6 Reviews

ArcSight Intelligence SIEM(provides visibility over any devices)

Rating: 9 out of 10

Incentivized

October 30, 2023

Use Cases and Deployment Scope

ArcSight Intelligence here use as a SIEM tool.Through this we are able to integrated several devices through connectors and easily parse and analyze all the log sources with a single console.Our analyst easily monitor all the log sources and analyze the alerts also easily create filters according to their needs and nearly cover all kind of alerts .

Pros

It provide a single console to monitor several connectors.
It helps us to integrate all kind of log sources .
It helps us to create filters and manage the specific search according to usecases.
We can create several filter at the same time and manage all the device activity also create a parser to parse the logs from different devices.

Cons

It is slow comparing to any other SIEM Tool.
We have to create filter for each alerts need some custom filter .
Here we dont have any single tab for see all the alerts .also need some attractive features for dashboard.

Likelihood to Recommend

For multiple client we can create filters to analyze the logs and monitor through out the day.
It covers all kind of devices so easily integrate any device and analyze their activity.
Can manage multiple client and minimze the false positive easily according to organizations needs and requirements.
Its provide facility to merge any of the SOAR tool .we can also see connectors status on a single pane that helps us in troubleshooting

Rajat Singh

Consultant in Information Technology at Grant thornton bharat llp (1001-5000 employees)

Vetted Review

1 year of experience

View profile

ArcSight - Enterprise Security Manager Review

Rating: 8 out of 10

Incentivized

May 23, 2022

Use Cases and Deployment Scope

I use ArcSight ESM to provide security monitoring services to several customers cutting across different verticals like Finance, Oil and Gas, Retail to name a few. Our company is one of the largest Managed Security Services provider in the region and we use multiple SIEM tools to cater to the ever-growing MSSP market and ArcSight Enterprise Security Manager is one of them.

Pros

Industry standard log parsing using CEF (Common Event Format)
Excellent correlation capabilities
Good overall vendor support when it comes to supporting on operational issues

Cons

Search times are very slow and this is due to their archaic CORR database, an immediate overhaul is needed
New plug-ins related to niche features are not rolled out timely, for example feature rich dashboards
Featured like Machine Learning and Artificial Intelligence which are industry talks are completely missing

Likelihood to Recommend

In the current lot of hundreds of SIEM solutions out there in the market, ArcSight ESM is fairly less expensive with strong fundamentals in place. The log ingestion, correlation are very well performing and totally worth ROI. However, the tool has lost its way when it comes to staying abreast with current feature curve of SIEM technology and the evolution has not been done by MicroFocus. Search times are high and there is no major plug-in that has been introduced as part of the product life cycle.

Verified User

Team Lead in Information Technology (501-1000 employees)

Vetted Review

8 years of experience

A good, but complex, SIEM tool

Rating: 6 out of 10

Incentivized

December 16, 2019

Use Cases and Deployment Scope

As a managed SOC provider, ArcSight is the base of our SOC team. We deploy event receivers (connectors and brokers) in each of our clients and the data is aggregated on our ESM. We then are able to monitor the client environment from our SOC and investigate incidents in the client environment.

Pros

Really robust tool, as it can expand to millions of EPS.
Support clustering.

Cons

ArcSight is a really complex tool, but it's not that easy to implement and maintain.
Troubleshooting issues on ArcSight can be hard if you have a large environment.

Likelihood to Recommend

I do recommend Arcsight for clients that have a large environment and requires tons of customization. For example, if you have 10.000+ log sources, and you want to do a custom integration with ElasticSearch, then Arcsight is for you. If you have a medium-sized company, with no requirements for complex customizations, and if you're looking for an easy tool to deploy and maintain, then you should check another solution.

Verified User

Consultant in Professional Services (5001-10,000 employees)

Vetted Review

1 year of experience

ArcSight - A better insight security solution

Rating: 8 out of 10

Incentivized

December 10, 2019

Use Cases and Deployment Scope

Arcsight is being used in the security department in our organization. It is used as a SIEM (Security Event and Incident Manager) tool in our organization. As any other SIEM tool, we used Arcsight Enterprise security manager for managing security on all of our endpoint devices, It was one of the best and demanding tool at the time we have implemented in our organization and provide a number of features which help us to have a quick check and easy handling of security event and incidents on all the endpoint devices. To be specific, Arcsight Enterprise security manager is used for integrating all endpoint safety management tool be it IPS, IDS, Firewall, Anti-virus etc. and help to reduce the redundant and false-positive alerts which may not be useful from the security perspective and help us to have a quick check of a lot devices in an effective way.
It also help us to check the complete activity that has been perform on any of the endpoint device integrated with it, creating own rule and filters and creating active channel dashboards that help us to keep a vigil watch in case any big event happens on any devices.

Pros

Integration with smart logger and ESM to create rules and easy management of the same.
Easy integration with all end point security management tool(IPS/IDS, Firewall, Anti-Virus) and their consolidated output at a single place to effectively rectifying true and false positives.

Cons

There is a storage problem that should be improved for better management.
There is need to improve the search mechanism.

Likelihood to Recommend

Arcsight was one of the best SIEM tools at the time it entered the market and has advanced features that make it a favorite for a number of organizations, but they lack to upgrade it with the time. Some of there features are still at their best but required timely update to manage with the other competitor present in the market.
If I have to choose the key points, they would be :

User management.
Smart Logger.

And if I were to point out where it is currently lagging :

UI needs improvement.
Slow search functionality.

Jatin Rai

Network Engineer in Information Technology at Adidas (10,001+ employees)

Vetted Review

2 years of experience

Worth having SIEM Arcsight

Rating: 9 out of 10

Incentivized

October 22, 2019

Use Cases and Deployment Scope

Arcsight is used as a whole. Every piece of technology can be integrated with Arcsight & it can be used for monitoring from a security point of view. We can keep track of trends of alerts & configure rules as per our requirements. Whitelisting also can be done which is a very good feature. An overall good tool to work with. Customized connectors can also be built for software/tech that is not supported by HP.

Pros

Data management.
Security rules.
Reports can be fetched & scheduled.
User & role management.

Cons

Storage.
User console is a bit heavy & takes time for loading.
Flex development of connector.

Likelihood to Recommend

You can have customized rules & trends as per company requirements. You can integrate devices that you want even if no smart connector is present for that particular device. You can also have a list for dynamic requirements. We've created customized fieldsets & populated it with data we want with multiple data formats so that monitoring can be made easy instead of going into event details every time.

The only problem is that every time any old events are retrieved, it takes a long time to load.

Verified User

Retiree in Information Technology (10,001+ employees)

Vetted Review

4 years of experience

A great SIEM solution

Rating: 9 out of 10

Incentivized

April 16, 2018

Use Cases and Deployment Scope

It was being used across the whole IT organization. It fully covers the all of the security and the other IT products in a good way. When we needed a simple log to show to anyone, we were used ArcSight Logger.

Pros

User friendly interface.
Easy to create queries and rules to make all the things automatic.
Backup, maintenance and support of this product are always nearly perfect.

Cons

Current version 6.90 is still very clunky.
High complex architecture needs to be improved.
HP support team or exclusive support team must understand your needs.

Likelihood to Recommend

You can use HP ArcSight Logger in every type of firm size. If the organization does not have an already established Security/Risk culture, it's better to prepare that before implementing a SIEM or SOC entity. If it's not, it's not possible to feed the Logger with the proper data.

Verified User

Administrator in Information Technology (10,001+ employees)

Vetted Review

1 year of experience

Loading Reviews List....

ArcSight - A better insight security solution

Rating: 8 out of 10

Incentivized

December 10, 2019

Use Cases and Deployment Scope

Pros

Integration with smart logger and ESM to create rules and easy management of the same.
Easy integration with all end point security management tool(IPS/IDS, Firewall, Anti-Virus) and their consolidated output at a single place to effectively rectifying true and false positives.

Cons

There is a storage problem that should be improved for better management.
There is need to improve the search mechanism.

Likelihood to Recommend

User management.
Smart Logger.

And if I were to point out where it is currently lagging :

UI needs improvement.
Slow search functionality.

Jatin Rai

Network Engineer in Information Technology at Adidas (10,001+ employees)

Vetted Review

2 years of experience