Item: Arcsight by OpenText
Rating: 9
Author: Verified User

Use Cases and Deployment Scope

It was being used across the whole IT organization. It fully covers the all of the security and the other IT products in a good way. When we needed a simple log to show to anyone, we were used ArcSight Logger.

Pros and Cons

User friendly interface.
Easy to create queries and rules to make all the things automatic.
Backup, maintenance and support of this product are always nearly perfect.

Current version 6.90 is still very clunky.
High complex architecture needs to be improved.
HP support team or exclusive support team must understand your needs.

Return on Investment

Logger helps us to decrease incident response times.
It also decreased our project times with the man/day calculations. Before this solution, it may take up to 10 men/days to do something. After this, it becomes nearly half of the time.

Alternatives Considered

Splunk Enterprise and IBM Security QRadar

Actually we weren't [in a] decisive situation at that time. We had only a few weeks to make a decision and our firm has good relationships with the HP Support team. That's why I can't compare them all properly, but we searched these 2 different solutions to show differences.

Other Software Used

Forcepoint TRITON, Symantec Endpoint Protection, Cisco IronPort Web Security Appliance

Likelihood to Recommend

You can use HP ArcSight Logger in every type of firm size. If the organization does not have an already established Security/Risk culture, it's better to prepare that before implementing a SIEM or SOC entity. If it's not, it's not possible to feed the Logger with the proper data.

A great SIEM solution

Overall Satisfaction with ArcSight Logger