AT&T AlienVault USM Review

AlienVault helped take us from semi-Pro to Pro


What is most valuable?

The NIDS/HIDS features have probably been the best features for us in our environment. We've had some open-source options and, while they work, it isn't the same as having commercial support. SIEM is the second-most useful feature.

How has it helped my organization?

We've been able to professionally generate alerts for IDS, SIEM and vulnerabilities where we didn't have those capabilities before.

What needs improvement?

Reporting still needs a lot of work, especially on the vulnerability side. Vulnerability management UI could be improved as well.

Vulnerability reports are clunky and difficult to manage. The layout is not really professional or intuitive and takes some time to understand how to navigate it. In general, while there are some customization options with reporting features as far a look and feel, reports still have an “open source” feeling. In general, the look is not as clean and professional as what one is used to seeing in other, similar products.

For how long have I used the solution?

I have used it for 16 months.

What was my experience with deployment of the solution?

We have not encountered any deployment issues.

What do I think about the stability of the solution?

We encountered one stability issue. With the amount of log data we were sending, our sensor drives were filling up within a day or two. We had to create some cron jobs to ensure logs were rotated more frequently.

What do I think about the scalability of the solution?

We have not encountered any scalability issues. You just add another sensor; pretty easy.

How is customer service and technical support?

Customer Service:

Customer service is excellent! Always very responsive.

Technical Support:

Technical support is excellent! Always very responsive.

Which solutions did we use previously?

We used Nexpose for vulnerability management and moving away from that was the primary reason we went with AlienVault.

How was the initial setup?

Initial setup was very easy for the most part. We were paired with a third-party vendor for onboarding. We didn't work well with this group, but AlienVault happily transferred our service hours to another group and that relationship worked much better for us.

What about the implementation team?

An in-house team implemented it.

Which other solutions did I evaluate?

Before choosing this product, we did not evaluate other options., we looked at Nessus SecurityCenter with Log Management.

What other advice do I have?

We've been very happy with the purchase. While the list of supported vendors in the SIEM continues to grow, I do wish that creating plugins was a little easier.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
1 visitor found this review helpful
1 Comment
author avatarTami Andrews
Vendor

thank you Aaron for your review & comments.

Guest
Sign Up with Email