AT&T AlienVault USM Review

Provides a good platform to start looking at the traffic on your network.


What is most valuable?

Event monitoring and vulnerability scanning have been a huge benefit to us.

How has it helped my organization?

It provides a good platform to start looking at the traffic on your network.

What needs improvement?

Most of the troubleshooting requires going through the Linux command line and bypassing the GUI. We have a wide variety of users with different technical expertise. For some, any amount of command line troubleshooting scares them away from products.

For how long have I used the solution?

We have been using this solution for a year.

What was my experience with deployment of the solution?

Our deployment was rather unique and is pushing the limitations of the architecture that we chose. Given what I have learned, if you have large deployments of separate networks, then do not attempt to use remote sensors on those network segments.

What do I think about the stability of the solution?

Many of the patches typically have some bugs that we end up finding. We ended up implementing a deployment in our lab so as to fully test it internally, before patching.

What do I think about the scalability of the solution?

The system is quite scalable; however, it is best to understand the limitations of the different architectures offered.

How is customer service and technical support?

Customer Service:

The customer service is excellent; we have quick and knowledgeable help on all our calls.

Technical Support:

The support team is also excellent with very knowledgeable engineers.

Which solutions did we use previously?

This was our first solution for this type of security appliance.

How was the initial setup?

The initial setup was straightforward, but adding in more sensors made it a bit more complex.

What about the implementation team?

We had vendor help for the initial setup; however, the additional sensor expansion was in-house.

What was our ROI?

We quickly found some issues after deploying and have used the vulnerability scanner to verify patches are properly applied in the environment.

What's my experience with pricing, setup cost, and licensing?

If you expect to have a significant number of devices on a sensor, then look at the cost/performance of going to a full server.

Which other solutions did I evaluate?

We evaluated LogRhythm and QRadar.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
2 Comments
Julia Frohwein, Community Mgr

Can you elaborate on why you went with AlienVault over LogRhythm and QRadar?

29 May 17
Tami Andrews, Vendor

Thanks Chris for your feedback & comments!

26 June 17