AT&T AlienVault USM Review

Provides a single way to analyze traffic and threats on our network.


What is most valuable?

Enabling visibility of traffic on our network, merging of multiple systems reporting and analysis and clear method to highlight potential issues.

How has it helped my organization?

Previously we had no single way to analyze traffic and threats on our network, relying instead on multiple, independent systems. We can now correlate reported threats and anomalies to better determine what threats we face.

What needs improvement?

The configuration is somewhat complex and the interface a bit non-intuitive. Whilst very useful for reporting, interpretation of the results can be difficult: improved features to help with this would be welcome.

For how long have I used the solution?

I've been using it for six months.

What do I think about the stability of the solution?

We’ve had 100% uptime since installation.

What do I think about the scalability of the solution?

We have not had any requirements to change the scope of the installation since first deployment.

How are customer service and technical support?

Good. Initial help with deployment was excellent, and the facility to create a tunnel for tech support personnel to troubleshoot system is very useful.

Which solution did I use previously and why did I switch?

We didn't have anything like AlienVault previously.

How was the initial setup?

It's fairly complex. There is quite a bit of additional config required in order to get the most from the system. A base config allows for monitoring, but to get the most, you need to add plugins for various systems on your network: this config is somewhat complex and requires a good knowledge of how AV works.

What's my experience with pricing, setup cost, and licensing?

Unless you have a small network, you really need the unlimited endpoint license, which is the most expensive option. Best to negotiate to get this version, otherwise scalability will be an issue (unless your total number of endpoints in under approx. 100).

Which other solutions did I evaluate?

We also looked at Tripwire.

What other advice do I have?

The initial onboarding during the trial period, including assisted setup, was most useful. Ensure you get the most from this, as if you require further setup assistance, it comes under (paid-for) professional services. AV is a very useful tool, but must be configured correctly in order to get the most out of it.

**Disclosure: IT Central Station contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
More AT&T AlienVault USM reviews from users
...who work at a Financial Services Firm
...who compared it with McAfee ESM
Find out what your peers are saying about AT&T, Splunk, LogRhythm and others in Security Information and Event Management (SIEM). Updated: July 2021.
523,372 professionals have used our research since 2012.
Add a Comment
ITCS user
Guest
1 Comment

author avatarTami Andrews (AlienVault)
Real User

Alan - thank you for your thoughtful feedback & comments.