How has it helped my organization?
This has helped improve our overall IT security by allowing us to implement a full suite of security tools that allows us to roll out log management on clients and servers, host-based IDS, and network-based IDS. It also provides vulnerability scanning; however, we use a separate product for that.
What is most valuable?
The best feature of this product is the ease of use. It is extremely easy to set up and get going. This is a very useful tool for a small organization.
What needs improvement?
I feel that some areas of improvement would be vulnerability scanning. We use a separate product that seems to do a much better job.
What do I think about the stability of the solution?
We have not encountered any stability issues.
What do I think about the scalability of the solution?
We have not encountered any scalability issues; the product scales very easy.
How is customer service and technical support?
I would rate customer service an 8/10. I've received calls from customer service a few times a month and it gets a little overbearing, especially when you are busy, as IT professionals are.
I would rate technical support a 9/10.
Which solutions did we use previously?
This was our first solution for HIDS, NIDS, and log management.
How was the initial setup?
The initial setup was straightforward. I simply followed the steps in the setup wizard and the steps provided by technical support, and I had a trial version (later converted to paid version with additional steps) set up in about an hour or less.
What about the implementation team?
This was set up in-house.
What was our ROI?
It is really hard to put a number on ROI but I will say that AlienVault has allowed us to close the gap on security alert timing and we can respond to incidents in a much more timely fashion which, to me, is much more valuable than a number.
What's my experience with pricing, setup cost, and licensing?
AlienVault is flexible on their pricing for unlimited licenses.
Which other solutions did I evaluate?
We evaluated Splunk as well. AlienVault was a much cheaper solution and required less time to be rolled out. Splunk is a much more difficult product to work with and almost requires a dedicated employee to manage.
What other advice do I have?
I highly recommend AlienVault USM for anybody that is seeking a SIEM solution that is easy to implement and easy to manage. It works very well for small- and medium-size businesses.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
May 25 2017