We integrated this tool with our security infrastructure. We installed it on a Linux server, where we have a Logger and ESM installed. With the Linux server as the hub, we manage all the configurations and rules, including those for email triggers. The logs are routed through a connector to the Logger, allowing us to monitor our infrastructure effectively. The platform helps us improve threat detection capabilities. I recommend it to others and rate it a seven out of ten.
ArcSight Intelligence is easy to maintain; one person is enough for the solution's maintenance. The maintenance person will add new features or devices, make policy changes or configurations, and learn and guide other engineers about new threats. ArcSight Intelligence is a user-friendly solution, and users should buy it if their company can afford its cost. Overall, I rate ArcSight Intelligence a nine out of ten.
I give the solution a seven out of ten. I suggest that potential users go for Splunk or SolarWinds as ArcSight requires a rich knowledge base and there are no online resources available. To ensure that we can deploy and set up ArcSight correctly, it is better to attend a training course to get the necessary knowledge. However, SolarWinds has a log server that is easier to learn, with fewer commands, and most of the tasks are done through the GUI. Therefore, I recommend SolarWinds instead of ArcSight.
Find out what your peers are saying about OpenText, Microsoft, Exabeam and others in Security Information and Event Management (SIEM). Updated: January 2025.
Security Information and Event Management (SIEM) tools offer comprehensive visibility and management of an organization’s security events through real-time analysis and correlation of data from multiple sources.
SIEM solutions provide a centralized platform for managing security alerts and logs from various sources such as network devices, servers, and applications. They help identify and mitigate potential threats by analyzing event data for unusual patterns and correlations. These tools...
I rate ArcSight Intelligence a nine out of ten.
I would rate ArcSight Interset/Intelligence an eight out of ten.