ArcSight - A better insight security solution
December 10, 2019
ArcSight - A better insight security solution
Score 8 out of 10
Vetted Review
Verified User
Overall Satisfaction with Arcsight Enterprise Security Manager (formerly HP Arcsight)
Arcsight is being used in the security department in our organization. It is used as a SIEM (Security Event and Incident Manager) tool in our organization. As any other SIEM tool, we used Arcsight Enterprise security manager for managing security on all of our endpoint devices, It was one of the best and demanding tool at the time we have implemented in our organization and provide a number of features which help us to have a quick check and easy handling of security event and incidents on all the endpoint devices. To be specific, Arcsight Enterprise security manager is used for integrating all endpoint safety management tool be it IPS, IDS, Firewall, Anti-virus etc. and help to reduce the redundant and false-positive alerts which may not be useful from the security perspective and help us to have a quick check of a lot devices in an effective way.
It also help us to check the complete activity that has been perform on any of the endpoint device integrated with it, creating own rule and filters and creating active channel dashboards that help us to keep a vigil watch in case any big event happens on any devices.
It also help us to check the complete activity that has been perform on any of the endpoint device integrated with it, creating own rule and filters and creating active channel dashboards that help us to keep a vigil watch in case any big event happens on any devices.
- Integration with smart logger and ESM to create rules and easy management of the same.
- Easy integration with all end point security management tool(IPS/IDS, Firewall, Anti-Virus) and their consolidated output at a single place to effectively rectifying true and false positives.
- There is a storage problem that should be improved for better management.
- There is need to improve the search mechanism.
- It helps us a lot which managing security event and incidents.
- It is also very useful to have a dashboard for an quick overview and scheduled reports for timely checks of all activities.
- It requires more space and search management to be one of the favorites on the market.
We are currently using Elastic search as well for better management of our devices and to keep all the loopholes filled that have been created around the non-upgraded version of Arcsight Enterprise Manager. Elastic searches have the latest mechanism to fetch logs and correlated data, as well as process them in a more useful way.
Do you think Arcsight by OpenText delivers good value for the price?
Yes
Are you happy with Arcsight by OpenText's feature set?
Yes
Did Arcsight by OpenText live up to sales and marketing promises?
I wasn't involved with the selection/purchase process
Did implementation of Arcsight by OpenText go as expected?
Yes
Would you buy Arcsight by OpenText again?
Yes