AlienVault OSSIM Review

Good architecture, excellent threat policies, and very stable


What is our primary use case?

We implemented the solution for one of our client's e-commerce spaces. Our customer wanted to monitor the complete security posture. 

What is most valuable?

We really like the solution's architecture. There's a logon, clients, an agent, and then the server. All of these were deployed in a multilayer architecture.

The threat policies of the solution are always very advanced and the best in the market. They are very persistent in terms of keeping up with security protocols.

What needs improvement?

The pricing of the solution needs to be improved.

There needs to be more support or some kind of training program so users can self-learn the system more effectively.

For how long have I used the solution?

I've been using the solution for three years.

What do I think about the stability of the solution?

The stability is quite good. There's no hindrance to the user. It's reliable and doesn't seem to have any bugs or glitches.

What do I think about the scalability of the solution?

The scalability is something I wouldn't be able to comment much on, since it was an on-premises setup and there was no such dynamic need from the customer in terms of expanding.

There's a team of seven currently working on the solution. Our overall monitoring was divided into three sections. One is network monitoring, and then there are app monitoring and storage monitoring.

We're not involved in the engagement anymore, so I haven't heard if the client has plans to increase usage; however, due to its generally limited scalability as hardware, I don't think that they would.

How are customer service and technical support?

We were in touch with technical support a bit when we were doing the implementation. The training and knowledge they provided were minimal and usually through email. We struggled a bit.

Which solution did I use previously and why did I switch?

We were pretty limited to AlienVault with this particular client. They needed something on-premises and didn't want to look at cloud options. We've used QRadar and Sentinel in the past; however, for this customer, we decided AlienVault was best.

How was the initial setup?

The initial setup was a bit complex. That may have been multiplied by the fact that there was a lack of skills on the team. If they had more training, it probably would have been a bit easier or more straightforward.

Deployment took us almost two months, including having to set up all of the infrastructure for it. We worked with about 140 monitoring devices. It wasn't too large of a setup. The client wanted us to build and operate something a bit more modern than their older setup. We worked with them to set up a complete 24/7 soft center on-premise. 

The entire setup and deployment took about four months, and that included not just the IT part but the work area as well. We had to secure the room, put in power, supply air conditioners, etc. That's a pretty standard setup in terms of the physical space.

We had four people working on the deployment, one of whom was a very senior professional with 20+ years of experience.

What about the implementation team?

We had one internal consultant who did the entire implementation for us.

What's my experience with pricing, setup cost, and licensing?

I'm not sure what the cost of the solution is. It may be in the ballpark of $60,000 to $100,000.

What other advice do I have?

We're just customers. We don't have a business relationship with the product.

We're using the enterprise edition of the solution, the MSSP edition; however, I'm unsure which version we're currently on.

Typically, we get requests for QRadar, AlienVault, or Sentinel. QRadar and AlienVault are the top choices for the most part, and we work with both. We try to accommodate our client's preferences.

I'd rate the solution overall at eight out of ten.

Which deployment model are you using for this solution?

On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Learn what your peers think about AlienVault OSSIM. Get advice and tips from experienced pros sharing their opinions. Updated: February 2021.