What is our primary use case?
We are using it for audit compliance. Because when we have audits, we are required have a central event log storage location. If we need to do a search for user lockouts, we can go, search, and find locations where they have been locked out, then keep track of those events, historically.
How has it helped my organization?
It was purchased so we would be in compliance. That is our main reason, and it works very well.
The product satisfies our compliance, and thus, all of our auditors. All of the data that we use and store for all security events is required by our auditors to be kept in a central storage location.
EventTracker provides a great place to do our searches for certain types of events. We can go there, run the search engine, and it runs extremely fast, especially compared to the version that we previously used. E.g., instead of connecting to each individual domain controller to search events, we can go to one location.
What is most valuable?
We can search all event logs and domain controller security events.
The dashboard is laid out very well. I handle all the group policy compliance settings, and I get to play the bad guy who locks everybody down.
The UI is fairly good. I have a laptop that I use to connect remotely. I use the simple console, which is sitting at work, and connect to it directly.
What needs improvement?
The biggest problem is that we have too many domain controllers. So, we have to keep all the clients and main system updated with the latest versions along with making sure all the firewalls are open.
For how long have I used the solution?
More than five years.
What do I think about the stability of the solution?
It is very stable. The product has been very smooth to work with recently. I am extremely happy with the way that it is right now.
We have had issues with it in the older versions (7.2). Because of our number of events that we generate, it used to stall and take a long time to do searches. Once we upgraded to 8.2, it pretty much resolved those issues. It was around 2015 when we upgraded.
What do I think about the scalability of the solution?
I have not seen any issues with it scaling.
We have close to 40 users in our organization: security administration, help desk, and sysadmins.
How are customer service and technical support?
Usually whenever we call the technical support, it's a big issue. I've not had any problems with them. They have been very responsive.
Which solution did I use previously and why did I switch?
For the compliance, this is probably one of the first product that we got for our Windows side.
What was our ROI?
EventTracker has increased the productivity in our organization.
What's my experience with pricing, setup cost, and licensing?
The upfront costs have increased, and we have been locked into this contract. The cost of changing over from it is way too high.
Going forward, we have to get more licenses for our domain controllers.
Which other solutions did I evaluate?
We are always evaluating new tools. We decided on Netsurion because of its UI and ease of use. My team agrees that the solution is reliable and easy to use.
What other advice do I have?
Get the preferred support. This is for the guy who uses and maintains the back-end of the system. Because if you don't have your firewall configurations configured correctly, you will need to have that support.
All of our domain controller event logs are consolidated and stored on the server. Right now, we are sitting at 101 domain controllers, which is way too many. However, this was one of the main reasons why we purchased it, and it is performing well. The product version that we are on right now is much faster than the version that we were previously on.