We performed a comparison between IBM Security QRadar, USM Anywhere, and VMware Aria Operations for Logs based on real PeerSpot user reviews.
Find out what your peers are saying about Splunk, Datadog, Wazuh and others in Log Management."The initial setup of QRadar is not complex because we have done it before and we are used to the development. It is getting easier all the time."
"IBM QRadar Advisor with Watson is a stable solution."
"The initial setup is not complex or difficult."
"Log correlation is very useful for processing alerts. It serves to follow up alerts in real-time, building an entire workflow."
"It has improved comprehensive visibility for what is going on in the perimeters, and on the inside, as well."
"It's user-friendly when compared to other products."
"The simplicity of the solution is the best feature."
"IBM QRadar is great help from its security event monitoring to data center and NOC troubleshooting of issues hard for other departments to spot."
"In terms of monitoring, my best feature would be the monitoring of components across the network. It monitors the respective nodes and any new node that comes onto the network and provides reports. The reporting dashboards are really helpful for management in terms of making decisions around patch management."
"SIEM log collection is great, and all of the rules that support updates with maintenance."
"AlienVault provides a checklist answer when using SIEM."
"Ease of deployment across various environments."
"Log-monitoring and alerting enable us to know when things happen that we need to know about."
"Having everything in a central place has been helpful."
"The most valuable feature of the solution is the ease of deployment that it provides to users. The integrations that the product has with third-party applications are useful."
"The most valuable features of AT&T AlienVault USM are the ease of management and knowledge of what is on the network of my customers. It's easy to understand the problems, and management our alarms and events."
"One of the most valuable features of vRealize Log Insight is that it gives you a clear forecast about your existing machines, for example, how long your machines could be supported and how long the remaining capacity is to host your machines. This is one of the best options available within vRealize Log Insight. Another valuable feature of the solution is automation. My company deploys a lot of automation when required in a very, very short period, and in a very uniform manner, and even if the automation is being deployed for different processes and departments, it's pretty much the same across the environment, so vRealize Log Insight helps reduce a lot of ambiguities and helps my company manage operational efficiencies well."
"We are using it because we have a VMware product. It has its own built in dashboards for VMware products, and that's a good thing."
"The setup and installation are very easy."
"The system's management and its alerts are the most valuable aspects of the solution."
"One of the things I like about it is its interface. When it comes to generating reports on VMs and stuff, it's very quick. This is very handy for the technical team, who need to generate reports quickly. So that's really good."
"The virtualization solution supports data center virtualization, network and security."
"Our current costs are too high, and this tool will help us to better optimize our infrastructure."
"The events are notably more descriptive, aiding in security and event analysis. We've also integrated Sky Collector, providing valuable insights and solutions for troubleshooting."
"The product does not have a team for investigating malware."
"SOAR is what is expected the most from QRadar. They have something called SOAR Resilient, and it would be great if that gets induced in SIEM. IBM QRadar (as well as McAfee ESM) should have analytics platform integration. Currently, SIEMs don't have full-fledged integration with analytics where we are able to dump our data in SIEM, and the same data can be called from different analytics applications. We should be able to bring this data to a platform like Hadoop for big data and run the analytics there. Currently, people are seeing the past data and taking some actions in the present, but when it comes to analytics, there should be futuristic data where you can predict something out of your present and past data. Apart from that, I would like to see a full-fledged ITSM tool in QRadar. It sometimes has some technical issues that need to be checked. It requires a dedicated QRadar engineer to completely manage it. It has different module sets, such as event collector and event processor, and some technical glitches come in between. It takes the log but doesn't exactly process it in the way we want."
"The features that could be improved include the licensing model and the dashboards and all those presentations. Overall, the user experience part can be improved."
"Maybe there should be more custom rules in the exchange. Basically, we are using a lot of threat rules, so maybe they'll develop something like that."
"IBM is going through some problems with its resources currently making its support response time slow."
"The advanced planning management (APM) features should be included."
"QRadar needs to be more specialized, along the lines of what other SIEM solutions are."
"The pricing of the solution is a bit high. If they could lower it, that would be ideal."
"Adding a parsing interface for the customers would make AT&T AlienVault USM better."
"The dashboard could be improved as well as the level of customization."
"The vulnerability scanning feature is one of the areas where the product has certain shortcomings and needs to improve. The tool has vulnerability scanning, but it is not that efficient."
"I feel that some areas of improvement would be vulnerability scanning. We use a separate product that seems to do a much better job."
"Its reporting tools need improvements. It would be good if they can provide integration with other ticketing systems. Currently, we only have integration with Slack and Jira. It is also a bit slow, and its replication engine can be improved."
"The solution is a bit complicated. It could be simplified quite a bit."
"The GUI needs to improve because it's not user-friendly."
"Support can be slow at times, but the quality is high. Posted knowledge base articles could use improvement."
"The pricing of the solution could be improved."
"The solution should be more user-friendly. The user interface and dashboard could be simplified."
"The dashboard needs to be improved because this is what I need to monitor my infrastructure."
"The tool is expensive."
"I don't use the solution on a day to day basis, so I'm not sure what specifically can be improved."
"From an improvement perspective, the tool needs to be made more user-friendly."
"Integration with other vendors is something that could be improved, they could add more vendors."
"It's great for VMware, but it would be good if they had third-party logins."
More VMware Aria Operations for Logs Pricing and Cost Advice →
