Varonis Datalert Review

Alerts and detects abnormal behavior and is easy to set up, configure, and customize


How has it helped my organization?

We were doing a proof of concept for two hospitals. One of them decided not to use Datalert and then they got hit with ransomware, which took $10 million to recover the data. The sister hospital where we were doing a proof of concept never got hit, because we picked it up and stopped it before it happened.

What is most valuable?

The analytics would have to be our most valuable feature because when you look at how we build profiles as to how people usually use the system, how they access data, it can alert or detect when people are doing things that are contrary to that normal behavior.

What needs improvement?

I'd like to see automatic updates for this solution. Currently, it's a manual process to update all the keywords. It would be nice to have an automatic download whenever they post a new version.

What they do, they do very well. I think they're trying to get a little outside of their core competencies, though. That has the potential for causing other problems.

What do I think about the stability of the solution?

This model is very stable. They've got some newer ones that still need a little time in the field to stabilize.

What do I think about the scalability of the solution?

It's very scalable because it's actually looking at the data. It's not looking at endpoints or anything like that. You really just need a server large enough to run the database.

How are customer service and technical support?

Their technical support is very good. They have full, 24/7 access to engineers. You're not just dealing with a help desk type person. They have almost immediate escalation. 

If you previously used a different solution, which one did you use and why did you switch?

We actually use this to support our customers and we evaluated a number of different products. I was very familiar with it. I knew I would get support. It handles things in a different way than other similar products.

How was the initial setup?

The entire suite took a couple of hours to set up. That included customizing rules, alerts, reports, etc. It's very easy to set up.

What was our ROI?

The example I used with the hospital gives a very clear picture of the ROI. It would have cost them $300,000 to purchase and deploy the product. Instead, it cost them $10 million to recover their data, and then they brought the product anyway. Everyone is going to get hit. If you look at all the others out there, they've all invested in firewalls and web security. They are after data and access to it. Everyone is going to get hit, one way or another. You can't keep on without it.

What's my experience with pricing, setup cost, and licensing?

There are options. You could do a subscription, where you pay yearly, or you could purchase it outright. The licensing cost is based on the number of users on the system that you are monitoring. At the end of each year, this is adjusted, depending on whether your company grows or shrinks.

Which other solutions did I evaluate?

There isn't really any single product that competes with their whole suite, but Symantec probably comes closest as a direct competitor. The Datalert solution was so easy to set up, configure, and customize. It was just a better solution for us.

What other advice do I have?

Proof of concept and evaluation takes about a month. I would recommend not to skip this stage.

I would rate this solution as nine out of ten. What it does, it does really well. Some of the newer functionality that they're bringing out requires a lot more resources, so your infrastructure costs are going to go up and I'm not quite convinced that they have got it where it needs to be to provide the data that you have that can talk to you. Otherwise, it would have gotten a ten.

Disclosure: My company has a business relationship with this vendor other than being a customer: Partner.
Add a Comment
Guest
Sign Up with Email