- Easy to deploy
- Easy to create use cases
- Easy to review an offense
- Its correlation engine is one of the best
I usually work on the deployment and fine-tuning of this product. However, I have some operational experience as well. For instance, you can simply audit all the IT equipment in your environment, such as the firewall, the IPS, and the Active Directory (AD) server.
It should have built-in blocking capability.
I have used this solution for four years.
On a scale of 100, it is 95% stable.
I did experience some scalability issues in one organization.
The technical support is excellent.
We were not using any other solution previously. This was my first solution. I am still working on it. I also have experience with McAfee Nitro and LogRhythm.
The setup was straightforward.
The pricing will definitely vary according to your EPS, but it is worth spending money on this product.
We looked at other solutions, such as McAfee Nitro and LogRhythm.
Work on sizing as much as you can so you can avoid any issues after deployment. You should also fulfill hardware requirements for this product. Otherwise, you will not get its full functionality.