Try our new research platform with insights from 80,000+ expert users

ArcSight Enterprise Security Manager (ESM) vs Fortinet FortiSIEM comparison

 

Comparison Buyer's Guide

Executive SummaryUpdated on Sep 18, 2024

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

ArcSight Enterprise Securit...
Ranking in Security Information and Event Management (SIEM)
19th
Average Rating
7.8
Reviews Sentiment
7.5
Number of Reviews
97
Ranking in other categories
No ranking in other categories
Fortinet FortiSIEM
Ranking in Security Information and Event Management (SIEM)
8th
Average Rating
7.6
Reviews Sentiment
6.7
Number of Reviews
73
Ranking in other categories
No ranking in other categories
 

Mindshare comparison

As of April 2025, in the Security Information and Event Management (SIEM) category, the mindshare of ArcSight Enterprise Security Manager (ESM) is 1.1%, down from 1.6% compared to the previous year. The mindshare of Fortinet FortiSIEM is 3.1%, up from 3.0% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Security Information and Event Management (SIEM)
 

Featured Reviews

Ramnesh  Dubey - PeerSpot reviewer
Allows for monitoring logs according to industry standards within ESM but has a total capacity capped at 12 TB, limiting real-time data retention periods
The first limitation is with the ArcSight Data Storage Manager (ADSM). ArcSight's total capacity is currently capped at 12 TB. This becomes an issue if a customer needs a longer real-time data retention period, such as exceeding 90 days or reaching a year or even ten months. Increasing the disk space beyond 12 TB is not currently possible. So, increasing the storage capacity is one area for improvement. Additionally, the real-time data retention is limited due to the 12 TB restriction. Depending on the Events Per Second (EPS) you receive, you might only be able to retain data for seven to ten days. Overall, the 12 TB limit is the main issue we face in terms of maximizing real-time data storage. Moreover, there are a few improvements I would like to see in future releases. My main suggestion for ArcSight is to simplify the deployment process. Currently, the installation process is quite complex. There are various components involved, including transformations, multiple installations, and containerization for various components. Ideally, I'd recommend that ArcSight allow the entire installation, including the ESM and database, to be completed within a single unified setup process for a streamlined experience. Additionally, having readily available and well-organized documentation for the step-by-step installation process would be incredibly helpful. I would also like to see better support.
Oliver Jackson - PeerSpot reviewer
Systems monitoring enhanced by firewall and intrusion detection features
My primary use case for Fortinet FortiSIEM is systems monitoring and alerting. I use it for standard functions like log monitoring, incident detection, and notification.  My customers are mostly medium-sized enterprises ranging from engineering companies, mining companies, independent schools, and…

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"We utilize ArcSight ESM for real-time threat detection in our organization. We have custom rules that we've developed on top of the WAN services, along with scheduled licensing activities."
"The user interfaces are quite good and speedy."
"Very good real-time reporting with a good dashboard."
"ArcSight gives us better visibility into threats that were unknown earlier."
"We have been satisfied with the support."
"Some of the benefits of using this solution are rapid correlation and near-time response on alerts."
"ArcSight Enterprise Security Manager (ESM) works perfectly. It's a stable and scalable product."
"I think that the overall experience with this solution is good, but in particular, I think that the dashboards are quite interactive."
"The solution’s IP database is awesome."
"There are things like dashboards and reports (pre-configured and custom) that let me know that things are operating the way they should be, and when they are not."
"It's a very nice solution to work with."
"FortiSIEM sends an email or SMS notifications to admins when there are significant incidents. It's a highly efficient way of responding to incidents."
"Technical support is helpful."
"Both the collecting logs and duo correlation are valuable features for us."
"We have found the most important features in Fortinet FortiSIEM to be the correlation, file utility check, latest file, and hash changes. These features are important for us."
"The most valuable feature of Fortinet FortiSIEM is the user and entity behave as analytics(UEBA). This feature mixes your data and provides useful information based on the behavior of the targeted."
 

Cons

"Micro Focus does not have a physical presence here in Pakistan, although IBM does."
"Deployment typology could be improved. Difficult to scale across all the different lines of businesses."
"Customer service and support is our biggest challenge."
"The API integration could be better, and I'd like to see more machine-learning capabilities in the future."
"It would be nice if the interface were more user-friendly, with, for example, a minimal number of tabs to navigate."
"The solution could be more stable."
"ArcSight ESM's UI is a little cumbersome and complex, especially for first-time and occasional users using the console manager."
"They also could improve the product by integrating user and identity behavior analytics."
"The process of installing Fortinet FortiSIEM and the customization of the alerts take too long."
"I would like to see easier implementation in the future."
"The solution's technical support didn't help our company a lot."
"Their product support, in general, is not that great. The product support is in the same ecosystem. Their support is improving but it's not that great.vvv"
"Sometimes, if there are changes made by a user on a database server, it can be difficult to get that information on the fly. I would like to see a situation where once I specify a user with the database server I need, and with the changes they have performed on that, I don't need to continue my search pattern to drill down just to get the information."
"When our team tried configuring logs for Microsoft SQL, it did not work."
"The log collection and configuration management are not great."
"It's difficult to integrate unsupported devices with FortiSIEM compared to QRadar. It's easier to integrate and develop processes in QRadar. It's harder to develop a custom process in FortiSIEM."
 

Pricing and Cost Advice

"The licensing cost is affordable if you get an enterprise license. The licensing is based on EPS, so you can probably provide a package of license for multiple ESMs with their correlational end fees. It is cost-effective."
"Thanks to Micro Focus's licensing model, as an MSSP, we are able to see a complete return on our investment almost immediately."
"We're paying a fee for an MSSP, and the cost of the total cost of ArcSight ESM was approximately three to four million dollars a year. The price was less than similar solutions. We did not have additional fees."
"​It is best to be an institutional buyer and directly contact the sales team, as they can provide over-the-top discounts for bulk orders.​"
"It's a good price, it's one of the cheaper solutions."
"ArcSight is pretty expensive compared with its competitors. I believe that is fine as it provides value."
"There is a license required for this solution."
"Customers without a ton of resources to dedicate to deployment may be better served by a managed ArcSight service."
"The price of the solution is expensive. The license is scalable. If there are 10 devices it is simple to license."
"Fortinet FortiSIEM is not an expensive solution."
"There are additional features that cost more than the standard licensing fees."
"There is a need to make yearly payments towards the licensing charges attached to the product. The free version license of the product is available for two months."
"The price of Fortinet FortiSIEM was reasonable compared to other solutions."
"The solution is available for both, perpetual and subscription licenses."
"Fortinet FortiSIEM is cheaper compared to other products."
"Its price can be better. We are Fortinet partners, so we can get discounts, but its price can be an issue at the beginning for others. There is a licensing scheme for every case. There are three licensing schemes that we can choose from."
report
Use our free recommendation engine to learn which Security Information and Event Management (SIEM) solutions are best for your needs.
845,712 professionals have used our research since 2012.
 

Comparison Review

VS
Jun 28, 2015
Qradar vs. ArcSight
Continuing with the SIEM posts we have done at Infosecnirvana, this post is a Head to head comparison of the two Industry leading SIEM products in the market – HP ArcSight and IBM QRadar Both the products have consistently been in the Gartner Leaders Quadrant. Both HP and IBM took over niche SIEM…
 

Top Industries

By visitors reading reviews
Financial Services Firm
19%
Computer Software Company
15%
Manufacturing Company
11%
Government
8%
Computer Software Company
16%
Financial Services Firm
9%
Government
7%
Comms Service Provider
7%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

Which is the best SIEM tool for a mid-sized financial services firm: Arcsight or Securonix?
In my market, a lot of financial companies had or have an ArcSight installation. Just because in former times it was pretty good. Now a lot of them are looking for a more effective solution due to ...
What do you like most about ArcSight Enterprise Security Manager (ESM)?
We utilize ArcSight ESM for real-time threat detection in our organization. We have custom rules that we've developed on top of the WAN services, along with scheduled licensing activities.
What is your experience regarding pricing and costs for ArcSight Enterprise Security Manager (ESM)?
ArcSight Enterprise Security Manager (ESM) is very cheap compared to other tools. It is worth the investment if you are considering the cost.
What do you like most about Fortinet FortiSIEM?
Fortinet FortiSIEM needs to provide better API integrations to users.
What is your experience regarding pricing and costs for Fortinet FortiSIEM?
As a service, the cost is reasonable and affordable with scalable pricing based on the number of monitored devices. However, setting it up for oneself as an enterprise-licensed product can be quite...
What needs improvement with Fortinet FortiSIEM?
The built-in APIs in Fortinet FortiSIEM are somewhat lacking and could be improved for better integration with external ITSM products. Improving software stability and reducing bugs will make it a ...
 

Also Known As

Micro Focus ArcSight, HPE ArcSight, ArcSight
FortiSIEM, AccelOps
 

Overview

 

Sample Customers

Lake Health, U.S. Department of Health and Human Services, Bank AlJazira, Banca Intesa, and Obrela.
FortiSIEM has hundreds of customers worldwide in markets including managed services, technology, financial services, healthcare, and government. Customers include Aruba Networks, Compushare, Port of San Diego, Cleveland Indians, Infoblox, Healthways, and Referentia.
Find out what your peers are saying about ArcSight Enterprise Security Manager (ESM) vs. Fortinet FortiSIEM and other solutions. Updated: March 2025.
845,712 professionals have used our research since 2012.