Try our new research platform with insights from 80,000+ expert users

ArcSight Enterprise Security Manager (ESM) vs Fortinet FortiSIEM comparison

 

Comparison Buyer's Guide

Executive SummaryUpdated on Sep 18, 2024

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

ArcSight Enterprise Securit...
Ranking in Security Information and Event Management (SIEM)
19th
Average Rating
7.8
Reviews Sentiment
7.5
Number of Reviews
97
Ranking in other categories
No ranking in other categories
Fortinet FortiSIEM
Ranking in Security Information and Event Management (SIEM)
8th
Average Rating
7.6
Reviews Sentiment
6.7
Number of Reviews
73
Ranking in other categories
No ranking in other categories
 

Mindshare comparison

As of April 2025, in the Security Information and Event Management (SIEM) category, the mindshare of ArcSight Enterprise Security Manager (ESM) is 1.1%, down from 1.6% compared to the previous year. The mindshare of Fortinet FortiSIEM is 3.1%, up from 3.0% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Security Information and Event Management (SIEM)
 

Featured Reviews

Ramnesh  Dubey - PeerSpot reviewer
Allows for monitoring logs according to industry standards within ESM but has a total capacity capped at 12 TB, limiting real-time data retention periods
The first limitation is with the ArcSight Data Storage Manager (ADSM). ArcSight's total capacity is currently capped at 12 TB. This becomes an issue if a customer needs a longer real-time data retention period, such as exceeding 90 days or reaching a year or even ten months. Increasing the disk space beyond 12 TB is not currently possible. So, increasing the storage capacity is one area for improvement. Additionally, the real-time data retention is limited due to the 12 TB restriction. Depending on the Events Per Second (EPS) you receive, you might only be able to retain data for seven to ten days. Overall, the 12 TB limit is the main issue we face in terms of maximizing real-time data storage. Moreover, there are a few improvements I would like to see in future releases. My main suggestion for ArcSight is to simplify the deployment process. Currently, the installation process is quite complex. There are various components involved, including transformations, multiple installations, and containerization for various components. Ideally, I'd recommend that ArcSight allow the entire installation, including the ESM and database, to be completed within a single unified setup process for a streamlined experience. Additionally, having readily available and well-organized documentation for the step-by-step installation process would be incredibly helpful. I would also like to see better support.
Oliver Jackson - PeerSpot reviewer
Systems monitoring enhanced by firewall and intrusion detection features
My primary use case for Fortinet FortiSIEM is systems monitoring and alerting. I use it for standard functions like log monitoring, incident detection, and notification.  My customers are mostly medium-sized enterprises ranging from engineering companies, mining companies, independent schools, and…

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"We have been satisfied with the support."
"The solution is pretty stable."
"SmartConnector: Normalization parses raw logs and converts them into CEF (common event format). This is the core of the product."
"The most valuable feature of ArcSight ESM is its ease of use."
"ArcSight Enterprise Security Manager (ESM) is very cheap compared to other tools."
"Feature-rich solution which provides better network visibility for improved security"
"​It is a vital tool for live monitoring and helps us to understand the traffic alerts of any major issue on the network, thereby reducing hacking attempts."
"It is a robust product and has multiple valuable features."
"Technical support is helpful."
"The Threat Hunting feature provides complete traffic analysis."
"FortiSIEM is a great tool for making security processes transparent."
"I like the various options, including the option for CMDB and the easier access to create rules, playbooks, or use cases. It's also easier to use for creating dashboards and reports."
"The tool's most valuable feature stems from the fact that I can see a complete analysis, like all the incidents that have happened, and it detects everything in real-time."
"Analytics. It can provide log information from the device. With log information, I can see if there is a threat"
"FortiSIEM allows you to match IPs with threat intelligence feeds from sources like Kaspersky or Anomali, adding valuable context."
"Some of our customers who use this solution have seen improvement in their connection with load balancing on both connections."
 

Cons

"The customer experience could be improved."
"Administration of ArcSight is not an easy job. The admin needs to be well experienced in it to identify the root cause and fix it."
"It would be nice if the interface were more user-friendly, with, for example, a minimal number of tabs to navigate."
"​In certain cases, this product does have false positives, which the company should work on."
"What could be improved in ArcSight Enterprise Security Manager (ESM) is its analytics feature. That feature should be more powerful and have more correlation in terms of AI/ML, though MicroFocus has done a good job in adding analytics to ArcSight Enterprise Security Manager (ESM) which has become a big draw to customers. What I'd like to see in the next release of the solution is the addition of AI/ML features."
"The user interface of ArcSight Enterprise Security Manager could improve. It is not very good. Additionally, they could integrate the web interface better."
"ArcSight ESM could improve the alerts for the storage capacities or actions."
"ArcSight ESM's UI is a little cumbersome and complex, especially for first-time and occasional users using the console manager."
"The interface needs some improvements because it's a bit cumbersome when you're trying to view items. It takes some time to get used to. Additionally, sometimes the scrolling does not work."
"The built-in APIs in Fortinet FortiSIEM are somewhat lacking and could be improved for better integration with external ITSM products."
"The performance can be improved. Sometimes it takes a long time to fetch data."
"Not very good on non-API features, lacks that functionality."
"The policy editing should be easier. Right now, it's too hard."
"We need to see incident reports about the event log, without events from the administrator or through human interaction."
"The solution's interface could be modernized and improved."
"Their product support, in general, is not that great. The product support is in the same ecosystem. Their support is improving but it's not that great.vvv"
 

Pricing and Cost Advice

"Price-wise, ArcSight ESM was a bit high compared to competitors, which factored into our decision to switch to Splunk. It couldn't cover all our business needs for what we wanted to implement."
"ArcSight ESM is an affordable solution, it cost approximately $200,000 for three years. This price was at a substantial discount."
"We have a license to use this solution. The price of ArcSight Enterprise Security Manager is expensive."
"The solution is super expensive. At our organization size and license model, I think the price is average to what anyone else would charge us."
"The product licenses are inexpensive."
"Aggregation can help a lot in pushing down licensing costs."
"There is a license required for this solution."
"​It is best to be an institutional buyer and directly contact the sales team, as they can provide over-the-top discounts for bulk orders.​"
"Fortinet FortiSIEM is not an expensive solution."
"We bought the perpetual license, so we own the product, but there is a three-year support renewal fee for that."
"Pricing is determined based on the customer's budget."
"There are additional features that cost more than the standard licensing fees."
"Its price can be better. We are Fortinet partners, so we can get discounts, but its price can be an issue at the beginning for others. There is a licensing scheme for every case. There are three licensing schemes that we can choose from."
"If one is cheap and ten is expensive. I rate the tool's price as an eight out of ten. Compared with Splunk or Oracle, Fortinet is cheap."
"FortiSIEM's licensing is based on EPS, and its pricing is competitive in the market."
"Please be cheaper and more simplified."
report
Use our free recommendation engine to learn which Security Information and Event Management (SIEM) solutions are best for your needs.
846,617 professionals have used our research since 2012.
 

Comparison Review

VS
Jun 28, 2015
Qradar vs. ArcSight
Continuing with the SIEM posts we have done at Infosecnirvana, this post is a Head to head comparison of the two Industry leading SIEM products in the market – HP ArcSight and IBM QRadar Both the products have consistently been in the Gartner Leaders Quadrant. Both HP and IBM took over niche SIEM…
 

Top Industries

By visitors reading reviews
Financial Services Firm
19%
Computer Software Company
15%
Manufacturing Company
11%
Government
8%
Computer Software Company
16%
Financial Services Firm
9%
Government
7%
Comms Service Provider
7%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

Which is the best SIEM tool for a mid-sized financial services firm: Arcsight or Securonix?
In my market, a lot of financial companies had or have an ArcSight installation. Just because in former times it was pretty good. Now a lot of them are looking for a more effective solution due to ...
What do you like most about ArcSight Enterprise Security Manager (ESM)?
We utilize ArcSight ESM for real-time threat detection in our organization. We have custom rules that we've developed on top of the WAN services, along with scheduled licensing activities.
What is your experience regarding pricing and costs for ArcSight Enterprise Security Manager (ESM)?
ArcSight Enterprise Security Manager (ESM) is very cheap compared to other tools. It is worth the investment if you are considering the cost.
What do you like most about Fortinet FortiSIEM?
Fortinet FortiSIEM needs to provide better API integrations to users.
What is your experience regarding pricing and costs for Fortinet FortiSIEM?
As a service, the cost is reasonable and affordable with scalable pricing based on the number of monitored devices. However, setting it up for oneself as an enterprise-licensed product can be quite...
What needs improvement with Fortinet FortiSIEM?
The built-in APIs in Fortinet FortiSIEM are somewhat lacking and could be improved for better integration with external ITSM products. Improving software stability and reducing bugs will make it a ...
 

Also Known As

Micro Focus ArcSight, HPE ArcSight, ArcSight
FortiSIEM, AccelOps
 

Overview

 

Sample Customers

Lake Health, U.S. Department of Health and Human Services, Bank AlJazira, Banca Intesa, and Obrela.
FortiSIEM has hundreds of customers worldwide in markets including managed services, technology, financial services, healthcare, and government. Customers include Aruba Networks, Compushare, Port of San Diego, Cleveland Indians, Infoblox, Healthways, and Referentia.
Find out what your peers are saying about ArcSight Enterprise Security Manager (ESM) vs. Fortinet FortiSIEM and other solutions. Updated: March 2025.
846,617 professionals have used our research since 2012.