Try our new research platform with insights from 80,000+ expert users

ArcSight Enterprise Security Manager (ESM) vs Fortinet FortiSIEM comparison

 

Comparison Buyer's Guide

Executive SummaryUpdated on Sep 18, 2024

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

ArcSight Enterprise Securit...
Ranking in Security Information and Event Management (SIEM)
19th
Average Rating
7.8
Reviews Sentiment
7.5
Number of Reviews
97
Ranking in other categories
No ranking in other categories
Fortinet FortiSIEM
Ranking in Security Information and Event Management (SIEM)
8th
Average Rating
7.6
Reviews Sentiment
6.7
Number of Reviews
73
Ranking in other categories
No ranking in other categories
 

Mindshare comparison

As of April 2025, in the Security Information and Event Management (SIEM) category, the mindshare of ArcSight Enterprise Security Manager (ESM) is 1.1%, down from 1.6% compared to the previous year. The mindshare of Fortinet FortiSIEM is 3.1%, up from 3.0% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Security Information and Event Management (SIEM)
 

Featured Reviews

Ramnesh  Dubey - PeerSpot reviewer
Allows for monitoring logs according to industry standards within ESM but has a total capacity capped at 12 TB, limiting real-time data retention periods
The first limitation is with the ArcSight Data Storage Manager (ADSM). ArcSight's total capacity is currently capped at 12 TB. This becomes an issue if a customer needs a longer real-time data retention period, such as exceeding 90 days or reaching a year or even ten months. Increasing the disk space beyond 12 TB is not currently possible. So, increasing the storage capacity is one area for improvement. Additionally, the real-time data retention is limited due to the 12 TB restriction. Depending on the Events Per Second (EPS) you receive, you might only be able to retain data for seven to ten days. Overall, the 12 TB limit is the main issue we face in terms of maximizing real-time data storage. Moreover, there are a few improvements I would like to see in future releases. My main suggestion for ArcSight is to simplify the deployment process. Currently, the installation process is quite complex. There are various components involved, including transformations, multiple installations, and containerization for various components. Ideally, I'd recommend that ArcSight allow the entire installation, including the ESM and database, to be completed within a single unified setup process for a streamlined experience. Additionally, having readily available and well-organized documentation for the step-by-step installation process would be incredibly helpful. I would also like to see better support.
Oliver Jackson - PeerSpot reviewer
Systems monitoring enhanced by firewall and intrusion detection features
My primary use case for Fortinet FortiSIEM is systems monitoring and alerting. I use it for standard functions like log monitoring, incident detection, and notification.  My customers are mostly medium-sized enterprises ranging from engineering companies, mining companies, independent schools, and…

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"The filters and the ability to do what you want are the most valuable features. There is nothing that you cannot do in this solution. It has all the features, which makes it very dynamic."
"It prevented my users from getting infected by ransomware. It can also pinpoint the story behind every virus or network attack to our environment."
"The feature that I have found the most useful is that it can be deployed to the cloud."
"ESM has valuable features for event prediction and security analysis."
"ArcSight ESM provides us the flexibility to write our own passwords and customize the solution. It lets us search and log a variety of SmartConnectors. It has 480-plus SmartConnectors."
"The out-of-the-box rules that help us configure functioning rules within the environment are valuable."
"It is a robust product and has multiple valuable features."
"The webpage algorithm is the most valuable feature because it was the fastest feature for searching the logs, events, and correlation."
"Analytics. It can provide log information from the device. With log information, I can see if there is a threat"
"FortiSIEM helped us discover all the threats at the time that were attacking the IT services of the company. We now have multiple-level authentication."
"FortiSIEM allows you to match IPs with threat intelligence feeds from sources like Kaspersky or Anomali, adding valuable context."
"FortiSIEM is a great tool for making security processes transparent."
"The primary valuable feature is that it has replaced a whole lot of other products with one platform."
"The most valuable feature of Fortinet FortiSIEM is the user and entity behave as analytics(UEBA). This feature mixes your data and provides useful information based on the behavior of the targeted."
"The most valuable features for us are the built-in reports and alerts, along with the extreme flexibility in reporting and rule generation."
"I like the various options, including the option for CMDB and the easier access to create rules, playbooks, or use cases. It's also easier to use for creating dashboards and reports."
 

Cons

"In other products, I have found that they use some kind of GUI that is drag and drop. While in ArcSight they use still scripting. They should keep scripting because some people prefer scripting but they should have the option for those who prefer using drag and drop."
"There could be more API features for extracting logs on different devices included in the product."
"The initial setup is very complex. We had to architect a deployment which allowed us to incorporate an ever growing number of customers into our hosted instance of ArcSight."
"Its search part can be improved. When I go to the console and search for a few logs or something else, it takes a lot of time. When I try to search for three days or one week, it takes too much time. This is a major area of improvement. I wanted them to include features like SOAR, threat intelligence, and automation, and they seem to have included all these features in version 7.3 or 7.4."
"The tool should improve its UI. It also should make data more searchable."
"Customer service during the transition from HPE to Micro Focus was abysmal where it became disruptive to our service delivery."
"The UI interface is somewhat complex and needs to be simplified."
"The security area has room for improvement."
"There is no proper guide for integration or configuration."
"There could be improvements like introducing some solutions directly into FortiSIEM to avoid the need for separately purchasing additional tools like FortiStore."
"I would like to see more integration with other platforms."
"I would like to see easier implementation in the future."
"Their product support, in general, is not that great. The product support is in the same ecosystem. Their support is improving but it's not that great.vvv"
"An improvement would be if FortiSIEM's licensing was based on the number of nodes rather than the EPS."
"The dashboard needs to improve."
"Fortinet FortiSIEM is a little out of sight and needs more marketing efforts to be popular in the market."
 

Pricing and Cost Advice

"The product licenses are inexpensive."
"The pricing is great compared to others."
"We're paying a fee for an MSSP, and the cost of the total cost of ArcSight ESM was approximately three to four million dollars a year. The price was less than similar solutions. We did not have additional fees."
"The solution is super expensive. At our organization size and license model, I think the price is average to what anyone else would charge us."
"Price-wise, ArcSight ESM was a bit high compared to competitors, which factored into our decision to switch to Splunk. It couldn't cover all our business needs for what we wanted to implement."
"Pricing is good, I'd rate the pricing a seven out of ten, with ten being low price. It's better than Splunk and IBM QRadar because their pricing is based on EPS."
"ArcSight can be a little bit expensive because of the area that we work in and the cost. Licensing is mostly on a yearly basis, not monthly."
"Aggregation can help a lot in pushing down licensing costs."
"Fortinet's products are not expensive, it is less than the competition."
"They have a yearly subscription."
"Fortinet FortiSIEM is not an expensive solution."
"The price of the solution is expensive. The license is scalable. If there are 10 devices it is simple to license."
"There are additional features that cost more than the standard licensing fees."
"We pay for a license for FortiSIEM. We pay for the license and renewal."
"This is probably more on the lower cost end of the spectrum compared to competing products. Fortinet's license model is based on events per second, which makes sense, but that's not typical. It makes it very hard to calculate what your costs are going to be as you scale the platform because some log sources, such as firewall logs, are very noisy, and there are lots and lots of events per second, but some of them are not. So, it becomes a bit of a science experiment trying to guess what your costs are going to be as you scale the solution. This is where other competing products perhaps have a more straightforward license model."
"If one is cheap and ten is expensive. I rate the tool's price as an eight out of ten. Compared with Splunk or Oracle, Fortinet is cheap."
report
Use our free recommendation engine to learn which Security Information and Event Management (SIEM) solutions are best for your needs.
844,944 professionals have used our research since 2012.
 

Comparison Review

VS
Jun 28, 2015
Qradar vs. ArcSight
Continuing with the SIEM posts we have done at Infosecnirvana, this post is a Head to head comparison of the two Industry leading SIEM products in the market – HP ArcSight and IBM QRadar Both the products have consistently been in the Gartner Leaders Quadrant. Both HP and IBM took over niche SIEM…
 

Top Industries

By visitors reading reviews
Financial Services Firm
18%
Computer Software Company
15%
Manufacturing Company
11%
Government
9%
Computer Software Company
16%
Financial Services Firm
9%
Government
7%
Comms Service Provider
7%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

Which is the best SIEM tool for a mid-sized financial services firm: Arcsight or Securonix?
In my market, a lot of financial companies had or have an ArcSight installation. Just because in former times it was pretty good. Now a lot of them are looking for a more effective solution due to ...
What do you like most about ArcSight Enterprise Security Manager (ESM)?
We utilize ArcSight ESM for real-time threat detection in our organization. We have custom rules that we've developed on top of the WAN services, along with scheduled licensing activities.
What is your experience regarding pricing and costs for ArcSight Enterprise Security Manager (ESM)?
ArcSight Enterprise Security Manager (ESM) is very cheap compared to other tools. It is worth the investment if you are considering the cost.
What do you like most about Fortinet FortiSIEM?
Fortinet FortiSIEM needs to provide better API integrations to users.
What is your experience regarding pricing and costs for Fortinet FortiSIEM?
As a service, the cost is reasonable and affordable with scalable pricing based on the number of monitored devices. However, setting it up for oneself as an enterprise-licensed product can be quite...
What needs improvement with Fortinet FortiSIEM?
The built-in APIs in Fortinet FortiSIEM are somewhat lacking and could be improved for better integration with external ITSM products. Improving software stability and reducing bugs will make it a ...
 

Also Known As

Micro Focus ArcSight, HPE ArcSight, ArcSight
FortiSIEM, AccelOps
 

Overview

 

Sample Customers

Lake Health, U.S. Department of Health and Human Services, Bank AlJazira, Banca Intesa, and Obrela.
FortiSIEM has hundreds of customers worldwide in markets including managed services, technology, financial services, healthcare, and government. Customers include Aruba Networks, Compushare, Port of San Diego, Cleveland Indians, Infoblox, Healthways, and Referentia.
Find out what your peers are saying about ArcSight Enterprise Security Manager (ESM) vs. Fortinet FortiSIEM and other solutions. Updated: March 2025.
844,944 professionals have used our research since 2012.