AT&T AlienVault USM Review



Valuable Features

The integration of IDS and OSSEC is valuable as it enables correlation between Network IDS events and host system event logs.

Improvements to My Organization

AlienVault USM has improved how we manage events and incidents in our infrastructure. With AlienVault we are able to respond to incidents and take necessary action faster than we could before without the solution in place.

Room for Improvement

Some customizations with the integration between AlienVault components have room for improvement, and enabling users with WebUI interfaces instead of having to edit configuration files on the system to achieve certain actions would be a good improvement.

Use of Solution

Three years.

Stability Issues

No issues with instability have been encountered in our environment.

Scalability Issues

No issues with scalability have been encountered in our environment.

Customer Service and Technical Support

The AlienVault technical support is good and has helped out several times with some really specific configurations in our environment.

Previous Solutions

We used an outsourced MSSP solution, but we needed to get the solution in-house in order to better integrate with our datacenters and systems and comply with financial regulatory and PCI-DSS requirements.

Initial Setup

The initial setup was straightforward and quite easy. It requires Linux knowledge to manage, but given that we use Linux for our critical infrastructure services, it was no problem for us.

Pricing, Setup Cost and Licensing

We chose AlienVault partly due to the many features and functionalities that were bundled with the product and the pricing and licensing models that were offered. Many other solutions did not have the full spectrum of features but were significantly more expensive, so we would have been forced to get additional solutions to cover all our requirements. With AlienVault we got an all-in-one solution that covered our needs.

Other Solutions Considered

We had a look at the current offerings at that time, including Tripwire, McAfee, SourceFire, etc., but concluded that we would get the best bang for the buck with the AlienVault solution.

Other Advice

As with any security solution, you still need to have knowledgeable people to manage the solution, and the solution is not a silver bullet that takes care of all your issues without being properly managed. Make sure you have the necessary knowledge and headcount to use the solution before implementing this or any other solution. With security, most of the cost is in OPEX, not CAPEX, so make sure you have the necessary expertise to operate the solution as efficiently as possible.

Disclosure: IT Central Station contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
1 Comment
Tami Andrews (Vendor)

Thanks for your feedback.

02 June 17