Item: Arcsight by OpenText
Rating: 8
Author: Verified User

Use Cases and Deployment Scope

I use ArcSight ESM to provide security monitoring services to several customers cutting across different verticals like Finance, Oil and Gas, Retail to name a few. Our company is one of the largest Managed Security Services provider in the region and we use multiple SIEM tools to cater to the ever-growing MSSP market and ArcSight Enterprise Security Manager is one of them.

Pros and Cons

Industry standard log parsing using CEF (Common Event Format)
Excellent correlation capabilities
Good overall vendor support when it comes to supporting on operational issues

Search times are very slow and this is due to their archaic CORR database, an immediate overhaul is needed
New plug-ins related to niche features are not rolled out timely, for example feature rich dashboards
Featured like Machine Learning and Artificial Intelligence which are industry talks are completely missing

Return on Investment

The overall impact is neutral since it balances the investment and returns.
Since it is less expensive compared to its competitors, it is fairly suited in an environment with less expectations and less budget.
It does not fit in at all where the security monitoring is at an elevated level and there are routing threat hunting exercises that need to be performed daily.

Support Rating

ArcSight ESM scores well when it comes to parsing, ingestion, asset modelling, correlation and log storage. It is fairly inexpensive and has some good vendor support for operational issues. Scalability is also easy and cost-effective as compared to other SIEM solutions out there is the market.

On the flip-side, the product life-cycle management by the vendor has been very disappointing as no new features or modules have been added that can add value to operations.

Key Insights

Do you think Arcsight by OpenText delivers good value for the price?

Yes

Are you happy with Arcsight by OpenText's feature set?

Did Arcsight by OpenText live up to sales and marketing promises?

Did implementation of Arcsight by OpenText go as expected?

Yes

Would you buy Arcsight by OpenText again?

Usability

Overall, it is a good investment in order for an organization to stay compliant and stay secure from all the wild things happening. It is definitely a cost effective tool with some good features including correlation, log storage, reporting and dashboards. If a customer is looking for advanced set of features, then I would highly not recommend this.

Likelihood to Recommend

In the current lot of hundreds of SIEM solutions out there in the market, ArcSight ESM is fairly less expensive with strong fundamentals in place. The log ingestion, correlation are very well performing and totally worth ROI. However, the tool has lost its way when it comes to staying abreast with current feature curve of SIEM technology and the evolution has not been done by MicroFocus. Search times are high and there is no major plug-in that has been introduced as part of the product life cycle.

ArcSight - Enterprise Security Manager Review

Overall Satisfaction with Arcsight Enterprise Security Manager (formerly HP Arcsight)