- Real-time email alerts
- Event correlations
- Log management
- System monitoring
- Network monitoring
- Up-time monitoring
- OTX threat intelligence
- Vulnerability scanning reporting
There are too many to list.
There are too many to list.
It has given us insight into our network:
It is one location to view many things.
The menu system can be a little confusing, until you use it for a while. Such as at the top right there is a “settings” menu. Which is more of a user profile menu. I would like that to say what it is “My Profile.” Under the “Settings” menu I had rather see true system settings. Such as User Accounts, Configuration Backups/Restore, SMTP server Setting, AD (LDAP) settings, Password Policies, and other true System Settings. There is also a large button at the right called “Configuration.” I would change that to something like “Deployment Settings”. Under this menu I would have settings specifically related to “this deployment of AlienVault”. Such as Plugins, Sensors, Remote Locations, and Services Running on this deployment (with the ability to Enable/Disable these and Start/Stop these). Also here I would have a sub-menu called “System Performance” with metrics (CPU usage, Swap, Ram, database health (with cleanup and compress options), Network Traffic In/Out performance for each NIC, and etc. Currently Threat Intelligence items are also under Configuration. I would make a separate “Threat Intelligence” menu and expand upon it to cover more items. Just my thoughts.
I guess it comes down to my being old school and would like traditional menus. Such as text-style drop-down menus from the top and not the huge big button menus. Like File, Analysis, Environment, Reports, Settings, Deployment Settings, Preferences, help, and etc. The text-type tend to be much more explanatory as to what is in them below. I know a lot of software has gone to the big button/ribbon style menus (MS Office). I assume that is to make things mobile friendly. To me it makes navigation less easy and more confusing and the big buttons take up too much screen real estate that I have rather see for other things such as alarms and real-time system activities.
We have been using this solution for just over one year.
There have been no major deployment issues.
There have been no major stability issues.
There have been no scalability issues. We recently moved from 150 asset licenses to unlimited and the process was very easy.
Customer support is excellent. Support has been good for simple config issues and for alert questions. They have a great forum base as well as live support.
I would rate technical support as very good.
We used hardware based as well as open source solutions before. We still use some of them, but AlienVault allowed us to consolidate a lot of services into one.
The installation was straightforward. We use the VMware base All-In-One USM. It was quite straightforward. It required a little customization, but it was not too difficult to sort through.
It was a joint collaboration.
We saw a positive ROI within six months, especially in terms of manpower.
Just give them a call. They can work with you in many ways to help you get what you need.
We looked at several options. And we were already using several of them, both paid and open source. AlienVault allowed us to combine several solutions into one.
If you are interested, sign up for some of their webinars, download the free trial or open source versions, and play with it.