AT&T AlienVault USM Review

Valuable features include integrated vulnerability assessment, intrusion/anomaly detection and monitoring, with a simple management interface.


What is most valuable?

Integrated vulnerability assessment, intrusion/anomaly detection and monitoring, with a simple management interface.

How has it helped my organization?

AlienVault provided improved visibility into the environment as well as the ability to report on the organization’s security posture.

What needs improvement?

Asset scanning and inventory (stale assets, scheduling scans) and correlation (false positives).

For how long have I used the solution?

2 years

What do I think about the stability of the solution?

No.

What do I think about the scalability of the solution?

Yes. Upgrading the network cards (from 1GB to 10GB) was not “supported” on the appliance, so we had to purchase a second one as a sensor. The secondary appliance with the 10GB NICs is the same as the primary appliance, so this was disappointing.

How are customer service and technical support?

High (seldom used).

Which solution did I use previously and why did I switch?

No.

How was the initial setup?

Simple and straightforward. The bulk of the work is understanding your own environment and tuning events (syslog, scans, alarm).

What's my experience with pricing, setup cost, and licensing?

Pricing was a very important consideration and lower than the other SIEM solutions evaluated. The price point makes it accessible for SMB organizations that may be constrained in resources (budget and people/skills), so deployment can be gradual while still deriving value out of the solution.

Which other solutions did I evaluate?

SolarWinds, Splunk, LogRhythm.

What other advice do I have?

As with any SIEM, it is not a “turn-key” or “set it and forget it” solution. It requires resources and skills to deploy, although this can be done in stages. Appropriate resources for maintenance are also key so the information is accurate, relevant and timely. Otherwise it becomes a repository of stale, ignored events and alarms.

Disclosure: IT Central Station contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
1 Comment

Tami Andrews (AlienVault)
Real User

Thanks Pedro for taking time to provide your feedback & comments.