What is our primary use case?
We have three main uses for the solution. They are compliance, incident response, and as a tool for information security.
What is most valuable?
The solution has excellent compliance and has good incident response.
There are multiple tools for information security. The solution includes all the latest advances on the network and host intrusion detection systems.
The out-of-the-box features are great. You don't have to jump to different consoles as everything is right there. Everything from a security standpoint can be handled via one screen.
What needs improvement?
The solution could be improved in three ways. The first one is user behavioral analytics. They need work.
The second one is cloud-related usage. The solution already has quite good tools; however, they need better integration tools for linking with Office 365, Google Suite, and so on.
The third improvement could be a bit more customization for security products. If someone has an antivirus that is customizable, they need to have the ability to easily connect everything together.
For how long have I used the solution?
I've been dealing with the solution for four years.
What do I think about the stability of the solution?
The solution is very stable. We haven't had issues so far in terms of using it.
What do I think about the scalability of the solution?
The solution is quite easy to scale. You just need to install the standard solution. You don't have to change the whole installation. In the case of the cloud deployment version, you only need to add sensors. In either case, you need to have the correct licenses; however, it's quite simple to accomplish.
How are customer service and technical support?
Technical support has always been quite good. With the product itself, we haven't personally had any issues. However, a lot of times our customers or engineers contact AlienVault support with a request to help to start a new correlation rule, integration, or other issues. When that happens, support always answers and gives them all the details they need.
Which solution did I use previously and why did I switch?
As a reseller, we've looked into other solutions; however, we find this product to be the best option for our customers time after time.
How was the initial setup?
The initial setup is pretty easy. Anyone can install this solution within four or five hours. They don't need to be engineers in order to do that.
By that point, it will already be prepped and can show us what is happening from a security point of view.
It's quite easy to install and deploy. You don't need a security team for ten people. There's a lot of automation within the tool, so you only really need one or two security staff to operate it for a company of, for example, 500 people.
What's my experience with pricing, setup cost, and licensing?
In comparison to the competition, it's a very inexpensive option, whether you use the cloud or the on-premises deployment models. You also get great value for money as you do get a lot of very good tools that come standard with the solution as well.
What other advice do I have?
We're not using the solution ourselves. We're resellers.
USM Anywhere is cloud-based, although they have a different version that is on-premises or on a private cloud called the USM Appliance. We're using the on-premises version, which is quite different from the cloud version.
Overall, I'd rate the solution nine out of ten. There are a few areas where they can improve; however, overall, it's been a very good product for us and our customers.
We'd recommend the solution. We've looked into other options and we always come back to this product.
Which deployment model are you using for this solution?
On-premises
Disclosure: My company has a business relationship with this vendor other than being a customer: reseller
Thank you Corey for your comments!