Try our new research platform with insights from 80,000+ expert users

ArcSight Enterprise Security Manager (ESM) vs Netwrix Auditor comparison

OpenText and Netwrix are both solutions in the Security Information and Event Management (SIEM) category. OpenText is ranked #19 with an average rating of 7.0, while Netwrix is ranked #33 with an average rating of 9.0. OpenText holds a 1.1% mindshare in SIEM, compared to Netwrix’s 0.3% mindshare. Additionally, 88% of OpenText users are willing to recommend the solution, compared to 100% of Netwrix users who would recommend it.
ArcSight Enterprise Securit...
Read 97 ArcSight Enterprise Security Manager (ESM) reviews
  • 2,658 Views
  • 1,394 Comparison Views
88% willing to recommend
Netwrix Auditor
Read 7 Netwrix Auditor reviews
  • 244 Views
  • 148 Comparison Views
100% willing to recommend
 

Comparison Buyer's Guide

Download the report
Executive SummaryUpdated on Sep 18, 2024

ArcSight Enterprise Security Manager (ESM) and Netwrix Auditor are both leading tools in the security and auditing domain. Users are generally happier with the large-scale, enterprise-level capabilities of ArcSight ESM, but Netwrix Auditor is often preferred for its usability and flexibility.

Features: ArcSight Enterprise Security Manager (ESM) is praised for its comprehensive security monitoring features, advanced correlation capabilities, and scalability, making it well-suited for large organizations. Netwrix Auditor is valued for its clear reporting, efficient event log management, and the ability to track changes across various systems.

Room for Improvement: ArcSight ESM users suggest improvements in the complexity of rule creation and automation capabilities. Additionally, there is feedback regarding the high resource consumption. Netwrix Auditor users express a need for enhanced integration with other security tools and better real-time alerting.

Ease of Deployment and Customer Service: ArcSight ESM deployment is noted to be complex and resource-intensive, with users often requiring professional assistance for setup. The customer service receives mixed reviews, citing room for more responsive support. Netwrix Auditor offers a straightforward deployment process that users find easier and faster, with positive feedback on customer support responsiveness.

Pricing and ROI: ArcSight ESM is considered highly priced, reflecting its extensive feature set and enterprise focus. Despite the cost, it is deemed a valuable investment for large-scale security needs. Netwrix Auditor is noted for its favorable pricing structure, offering good ROI particularly for mid-sized organizations. Thus, Netwrix Auditor provides a cost-effective solution with satisfactory returns.

DOWNLOAD THE COMPLETE REPORT
To learn more, read our detailed ArcSight Enterprise Security Manager (ESM) vs. Netwrix Auditor Report (Updated: April 2025).
Buyer's Guide
ArcSight Enterprise Security Manager (ESM) vs. Netwrix Auditor
April 2025
Download the complete report
Helped 848,396 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

ArcSight Enterprise Securit...
Ranking in Security Information and Event Management (SIEM)
19th
Average Rating
7.8
Reviews Sentiment
7.5
Number of Reviews
97
Ranking in other categories
No ranking in other categories
Netwrix Auditor
Ranking in Security Information and Event Management (SIEM)
33rd
Average Rating
9.2
Reviews Sentiment
7.7
Number of Reviews
7
Ranking in other categories
GRC (10th), Identity and Access Management as a Service (IDaaS) (IAMaaS) (18th), Active Directory Management (3rd)
 

Mindshare comparison

As of April 2025, in the Security Information and Event Management (SIEM) category, the mindshare of ArcSight Enterprise Security Manager (ESM) is 1.1%, down from 1.6% compared to the previous year. The mindshare of Netwrix Auditor is 0.3%, up from 0.0% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Security Information and Event Management (SIEM)
 

Featured Reviews

Ramnesh Dubey - PeerSpot reviewer
Allows for monitoring logs according to industry standards within ESM but has a total capacity capped at 12 TB, limiting real-time data retention periods
The first limitation is with the ArcSight Data Storage Manager (ADSM). ArcSight's total capacity is currently capped at 12 TB. This becomes an issue if a customer needs a longer real-time data retention period, such as exceeding 90 days or reaching a year or even ten months. Increasing the disk space beyond 12 TB is not currently possible. So, increasing the storage capacity is one area for improvement. Additionally, the real-time data retention is limited due to the 12 TB restriction. Depending on the Events Per Second (EPS) you receive, you might only be able to retain data for seven to ten days. Overall, the 12 TB limit is the main issue we face in terms of maximizing real-time data storage. Moreover, there are a few improvements I would like to see in future releases. My main suggestion for ArcSight is to simplify the deployment process. Currently, the installation process is quite complex. There are various components involved, including transformations, multiple installations, and containerization for various components. Ideally, I'd recommend that ArcSight allow the entire installation, including the ESM and database, to be completed within a single unified setup process for a streamlined experience. Additionally, having readily available and well-organized documentation for the step-by-step installation process would be incredibly helpful. I would also like to see better support.
Read full review
Mohamed Tantawy - PeerSpot reviewer
Can track every admin action in large environments and includes AI modules to detect and prevent unauthorized changes
The initial setup of Netwrix Auditor was straightforward. Some functions require agents while others are agentless, simplifying implementation. It consumed minimal server and client resources, and the wizard-based console made it simple to deploy with the help of architectural teams. All required ports were in place, and they covered all critical services and databases effectively. I would rate the easiness of the initial setup as a nine out of ten. The deployment of Netwrix Auditor took around three weeks, mainly due to the preparation of the environment and servers. The deployment process involved actions such as preparing virtual servers and building databases. Once deployed, it took only about a week to complete. Third-party consultants assisted us with deployment. Only one or two engineers were needed for deployment and maintenance, which could be handled remotely with minimal complexity.
Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"Usability is the most valuable feature. The accessibility is quite good."
"The tool is good for correlation and aggregation. We use it as a collection platform."
"This process has helped to improve our organization because we have centralized the intra-group security equipment logs."
"I really like the correlation part and the way the logs are correlated. I have never faced issues with parsing in this product. I like the way it parses, and everything is so clear to me."
"The out-of-the-box rules that help us configure functioning rules within the environment are valuable."
"There are many features that are good for clients who are looking for a good SIEM solution. They like the ease of creating a business that is effective and impressive."
"Feature-rich solution which provides better network visibility for improved security"
"The most important feature is ArcSight's event correlation capabilities. It's powerful and easy. I also like the flex connector capability. It's easy to develop a new connector that isn't fully supported out of the box. For example, say you created a solution internally that's completely different, and it's not unsupported by the solution. You can write your own connector using the flex connector."
More ArcSight Enterprise Security Manager (ESM) pros
"It maintains audit logs for the duration of time that you wish, as long as you have the storage capacity to do so."
"I am impressed with the tool's reporting feature and notifications."
"Netwrix provides features that no other solution on the market does."
"I have found user behavior analysis and the ability to run risk assessments important features. Additionally, the interface and online documentation are very good."
"The most valuable feature is the real-time monitoring."
"What I find the most valuable about Netwrix Auditor is the way it shows risk. The reports are very clear."
"The most valuable features of Netwrix Auditor are its affordability compared to similar products and its comprehensive monitoring of admin activities."
 

Cons

"Currently lacks SOAR feature."
"The tool should improve its UI. It also should make data more searchable."
"ArcSight ESM needs to improve performance, user interface, and automation."
"The weakness in this system comes about because, with so many different logs, it is possible that the security analyst will lose information."
"The user interface of ArcSight Enterprise Security Manager could improve. It is not very good. Additionally, they could integrate the web interface better."
"I am having issues with report generation with older versions. I don't know if this is because of compatibility issues, but report generation has been a little bit difficult in older versions. It is not similar to the newer and current versions. We are looking at moving to the cloud. It would be good if ArcSight ESM can move to the cloud. They already seem to be working on this. It would also be very helpful and great if we can integrate external threat intelligence, machine learning, and AI into this solution. It has good dashboards, but they can always be better. Its stability can also be improved."
"There could be more API features for extracting logs on different devices included in the product."
"Customer service during the transition from HPE to Micro Focus was abysmal where it became disruptive to our service delivery."
More ArcSight Enterprise Security Manager (ESM) cons
"The solution lacks self-service on password reset. It also needs to improve its scalability."
"There is room for improvement with the introduction of AI functionality."
"I expect usability features to become more refined over time. I'm interested to see how it evolves and continues to improve."
"When there are issues I would like remediation to be in one place."
"An improvement would be if there was an another way to manage the logs besides email because it's not so practical."
"The Linux compatibility of this solution could be improved."
"There is room for improvements when it comes to the licensing."
"If you buy direct, there is a minimum of 150 licenses that must be procured. The price point and barrier of entry is a little bit higher than it would be if you purchased the solution from an authorized reseller partner, rather than buying it and managing yourself."
 

Pricing and Cost Advice

"ArcSight is pretty expensive compared with its competitors. I believe that is fine as it provides value."
"Aggregation can help a lot in pushing down licensing costs."
"​It is best to be an institutional buyer and directly contact the sales team, as they can provide over-the-top discounts for bulk orders.​"
"Pricing is good, I'd rate the pricing a seven out of ten, with ten being low price. It's better than Splunk and IBM QRadar because their pricing is based on EPS."
"The solution is super expensive. At our organization size and license model, I think the price is average to what anyone else would charge us."
"It's a good price, it's one of the cheaper solutions."
"The pricing model is expensive compared to open-source alternatives."
"Customers without a ton of resources to dedicate to deployment may be better served by a managed ArcSight service."
More ArcSight Enterprise Security Manager (ESM) pricing and cost advice
"The tool's price is fair."
"This solution is reasonably priced. I would rate it a nine out of ten."
"There is a license for this solution and we are on an annual license. The price is reasonable."
report
See which vendors are best for you
Use our free recommendation engine to learn which Security Information and Event Management (SIEM) solutions are best for your needs.
See recommendations
848,396 professionals have used our research since 2012.
 

Comparison Review

VS
Jun 28, 2015
Qradar vs. ArcSight
Continuing with the SIEM posts we have done at Infosecnirvana, this post is a Head to head comparison of the two Industry leading SIEM products in the market – HP ArcSight and IBM QRadar Both the products have consistently been in the Gartner Leaders Quadrant. Both HP and IBM took over niche SIEM…
Read full review
 

Top Industries

By visitors reading reviews
Financial Services Firm
19%
Computer Software Company
15%
Manufacturing Company
10%
Government
8%
Financial Services Firm
14%
Manufacturing Company
10%
Computer Software Company
9%
Government
8%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

Which is the best SIEM tool for a mid-sized financial services firm: Arcsight or Securonix?
In my market, a lot of financial companies had or have an ArcSight installation. Just because in former times it was pretty good. Now a lot of them are looking for a more effective solution due to ...
See all answers
What do you like most about ArcSight Enterprise Security Manager (ESM)?
We utilize ArcSight ESM for real-time threat detection in our organization. We have custom rules that we've developed on top of the WAN services, along with scheduled licensing activities.
See all answers
What is your experience regarding pricing and costs for ArcSight Enterprise Security Manager (ESM)?
ArcSight Enterprise Security Manager (ESM) is very cheap compared to other tools. It is worth the investment if you are considering the cost.
See all answers
What do you like most about Netwrix Auditor?
The most valuable features of Netwrix Auditor are its affordability compared to similar products and its comprehensive monitoring of admin activities.
See all answers
What is your experience regarding pricing and costs for Netwrix Auditor?
The pricing of Netwrix Auditor varies based on the number of users and devices in our environment, but it is generally very cost-effective compared to other solutions. We don't pay for licenses sep...
See all answers
What needs improvement with Netwrix Auditor?
The solution currently meets my needs, but there is room for improvement with the introduction of AI functionality as suggested by the vendor. Additionally, expanding capabilities like database act...
See all answers
 

Comparisons

Trellix ESM vs ArcSight Enterprise Security Manager (ESM) Logo
Trellix ESM vs ArcSight Enterprise Security Manager (ESM)
Compared 23% of the time
Splunk Enterprise Security vs ArcSight Enterprise Security Manager (ESM) Logo
Splunk Enterprise Security vs ArcSight Enterprise Security Manager (ESM)
Compared 14% of the time
Elastic Security vs ArcSight Enterprise Security Manager (ESM) Logo
Elastic Security vs ArcSight Enterprise Security Manager (ESM)
Compared 9% of the time
Google Chronicle Suite vs ArcSight Enterprise Security Manager (ESM) Logo
Google Chronicle Suite vs ArcSight Enterprise Security Manager (ESM)
Compared 8% of the time
Wazuh vs ArcSight Enterprise Security Manager (ESM) Logo
Wazuh vs ArcSight Enterprise Security Manager (ESM)
Compared 7% of the time
More ArcSight Enterprise Security Manager (ESM) Competitors
Quest Change Auditor for Active Directory vs Netwrix Auditor Logo
Quest Change Auditor for Active Directory vs Netwrix Auditor
Compared 20% of the time
Lepide vs Netwrix Auditor Logo
Lepide vs Netwrix Auditor
Compared 13% of the time
ManageEngine ADAudit Plus vs Netwrix Auditor Logo
ManageEngine ADAudit Plus vs Netwrix Auditor
Compared 12% of the time
SolarWinds Access Rights Manager vs Netwrix Auditor Logo
SolarWinds Access Rights Manager vs Netwrix Auditor
Compared 12% of the time
Tenable Identity Exposure vs Netwrix Auditor Logo
Tenable Identity Exposure vs Netwrix Auditor
Compared 8% of the time
More Netwrix Auditor Competitors
 

Product Reports

Buyer's Guide
ArcSight Enterprise Security Manager (ESM)
April 2025
ArcSight Enterprise Security Manager (ESM) reportDownload ArcSight Enterprise Security Manager (ESM) product report
Buyer's Guide
Netwrix Auditor
April 2025
Netwrix Auditor reportDownload Netwrix Auditor product report
 

Also Known As

Micro Focus ArcSight, HPE ArcSight, ArcSight
No data available
 

Overview

ArcSight Enterprise Security Manager (ESM) is a powerful SIEM solution for analyzing, collecting, correlating, and reporting on security event information. ArcSight ESM analyzes information from all of your data sources while helping your organization maintain high security. In addition, the solution is very customizable and enables users to create their own company-specific rule sets to automatically trigger instant alerts.

ArcSight Enterprise Security Manager (ESM) Features

  • Real-time threat detection
  • Visualization and reporting capabilities
  • Patented log management
  • Personalized dashboards
  • Scalable event monitoring
  • Seamless integration with your existing SOC tools
  • Behavior profiling
  • Data and user monitoring
  • Application monitoring
  • Analytics
  • Deployment/support simplicity

ArcSight Enterprise Security Manager (ESM) Benefits

Some of the benefits of using ESM include:

  • Real-time information: ArcSight ESM can correlate data from any source in real-time to detect incidents before they become a breach.
  • Compliance: Optional compliance packs enable packaged reports for PCI, SOX, and IT Governance.
  • Security analytics: With ArcSight ESM, you can build and maintain a security operation center (SOC) through big data security analytics.
  • Integration: ArcSight ESM allows you to integrate SOC with network operations, service desk, CMDB, business intelligence, Hadoop, email security, application security, threat feeds, and more. 
  • Speed: ArcSight ESM provides excellent speed of event collection with patented log management tools. 
  • Advanced detection: ArcSight ESM can detect unusual or unauthorized activities as they occur, preventing business disruptions. 
  • Decrease threat exposure: By implementing ArcSight ESM, you reduce threat exposure because the solution detects threats in real time.  
  • Operational efficiency: ArcSight ESM makes it possible for you to automate responses with ArcSight’s native SOAR, which saves your organization time, and therefore increases your operational efficiency.

Reviews from Real Users

Below are some reviews and helpful feedback written by ArcSight Enterprise Security Manager (ESM) users.

A Head of Professional Services at a computer software company says, “The simplicity of the solution is the most valuable aspect of the product. The product is quite mature. It's been around for a long time. The integration is easy for the most part.”

A Managing partner at a tech services company states that the solution is “Good at consolidating logs, fairly stable, and can scale.” 

PeerSpot user Abbasi P., Vice President Derivatives Ops IT at a financial services firm, explains, “The user interfaces are quite good and speedy, and I like the consoles too. The typology and the setup are also good.”

A Chief Technological Officer at a tech services company says, "It is a very useful tool for intelligence building because it has many use cases and many rule sets."

An Associate Vice President at a consumer goods company comments, “We primarily use the solution for its technology including its independent logs, and those types of things. The solution offers very good monitoring. The product's log management and event management capabilities are excellent. There are a lot of really good analytical components. It helps us focus on analysis.”

OpenText
Netwrix Auditor is a security-focused solution that monitors IT environments by tracking changes, ensuring compliance, and enhancing visibility into user activities. It offers detailed auditing, real-time alerts, and robust reporting tools. Its intuitive interface and comprehensive features boost efficiency, productivity, and organizational growth.
Netwrix
 

Sample Customers

Lake Health, U.S. Department of Health and Human Services, Bank AlJazira, Banca Intesa, and Obrela.
AT&T, SanDisk, Siemens, Verizon, Electrolux, Allianz, Societe Generale
Buyer's Guide
ArcSight Enterprise Security Manager (ESM) vs. Netwrix Auditor
April 2025
Free Report: ArcSight Enterprise Security Manager (ESM) vs. Netwrix Auditor
Find out what your peers are saying about ArcSight Enterprise Security Manager (ESM) vs. Netwrix Auditor and other solutions. Updated: April 2025.
DOWNLOAD NOW
848,396 professionals have used our research since 2012.
See our ArcSight Enterprise Security Manager (ESM) vs. Netwrix Auditor report.

We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.