OpenText ArcSight Enterprise Security Manager (ESM) Reviews & Product Details

ArcSight ESM gives real-time security events from the security devices, network devices, and endpoint machines. The ArcSight connectors support Linux and Windows servers. The microfocus customer support is good and responsive. The User interface of the ArcSight ESM is in classic style. It is easy to assign and annotate the security to the client and senior security analysts. We can integrate the firewall, proxy, Web application firewall, EDR, Servers, IPS, IDS, etc with the Arcsight SIEM Tool. The security analyst can create custom correlation rules and import the most used case for correlation. Review collected by and hosted on G2.com.

The license and pricing model is expensive for small-scale enterprises. Violation of the license usage may result in disabling the searching and reporting feature. The implementation of ArcSight needs skill and support from the vendor to deploy on the IT infrastructure. Review collected by and hosted on G2.com.

What I liked about ArcSight ESM was its robust security event management capabilities. It allowed us to efficiently collect, correlate, and analyze security data from various sources, aiding us in quickly identifying and responding to past security threats. The platform's flexibility in customization, alerting, and reporting made it a valuable asset in our previous cybersecurity efforts. Review collected by and hosted on G2.com.

What I didn't like about ArcSight ESM was its complexity and learning curve. It required a significant amount of time and effort to fully grasp its features and functionalities. Additionally, the licensing costs for certain modules or additional features can be quite high, making it less accessible for smaller organizations with limited budgets. While powerful, it may not be the most cost-effective solution for everyone. Review collected by and hosted on G2.com.

ArcSight offers incredible customizability for creating, viewing and managing any use cases a SOC needs from dashboards, active channels, reports, trends and many others. Review collected by and hosted on G2.com.

The console's UI seems a bit outdated, also, selecting a dashboard or an active channel from the viewer changes the location of all other tabs on it, which is kind of annoying, to me, at least. Review collected by and hosted on G2.com.

Well used this product for 2 to 3 years, Only good thing about this product was the event search tab which was easy to search and hunt while doing an investigation. Review collected by and hosted on G2.com.

The agent is resource intensive, the UEBA module is missing, Alarm/alert trigger quite late which leads to a breach of SLAs. Review collected by and hosted on G2.com.

Each log can be viewed in detail if we have integrated all the devices teuiqred to monitor properly from logger.Also for additional investigation we can analyse the logger logs which is pretty simple to check. Review collected by and hosted on G2.com.

Integration of devices to ESM is time taking and gets lots of errors and needs lots of experience. Review collected by and hosted on G2.com.

The scalability and flexibility provided. You can customize and implement any type of use case.

Variables and custom columns very useful. Review collected by and hosted on G2.com.

Multiple interfaces Provided to access and manage the SIEM. Review collected by and hosted on G2.com.

Arcslight gives you plenty of option of to play with, it is highly customizable in terms of dashboards and reporting.

It can be integrated with almost any device and ticketing system that gives it an ability to create tickets for the potential incidents automatically. Review collected by and hosted on G2.com.

It's GUI can be overwhelming at the beginning but with time you can get used to of it. Review collected by and hosted on G2.com.

ArcSight has the best co-relation engine when it comes to the SIEM tool. It helps users to follow the CIA triad and the rules engine is the best selling point of the ArcSight ESM. Review collected by and hosted on G2.com.

ArcSight does not have very flexible support for the third party devices when it comes to integration compared to it's competitors it supports very less devices for integration. Review collected by and hosted on G2.com.

The product is good. This have defined roadmap & support is good. Review collected by and hosted on G2.com.

Training is what is critical, MF is lagging on that front. Certications support & training should provided Review collected by and hosted on G2.com.

Fairly customizable, easy to use and their support works quickly with users Review collected by and hosted on G2.com.

I wish that the newest security patches were updated to the manager a little sooner, sometimes it takes up to 3 days Review collected by and hosted on G2.com.