- Central log aggregation
- Security correlation
It provides greater visibility of host-based and network activity through its HIDS and NIDS functionality.
They should simplify the HIDS agent reporting/custom rule creation.
I've used it for one year.
We had issues but this was due to us receiving improper training from a third party and not necessarily due to the product.
Servers/sensors cap at 2048 host-based agent deployments, but servers and sensors are easily scalable for a medium-sized business.
I haven't used anything similar.
AlienVault is willing to offer flexible and competitive pricing.
We also looked at AccelOps, LogRhythm, and IBM QRadar.
If you have any questions, AlienVault's support team is more than willing to help with your installation, implementation, and integration.