We performed a comparison between DX Unified Infrastructure Management and Sumo Logic Security based on real PeerSpot user reviews.
Find out in this report how the two Security Information and Event Management (SIEM) solutions compare in terms of features, pricing, service and support, ease of deployment, and ROI.
"We didn't have anything similar. So, it really provides value from the incidents and automation point of view. The overview of the security fabric is most valuable."
"If you know how to do KQL (kusto query language) queries, which are how you query the log data inside Sentinel, the information is pretty rich. You can get down to a good level of detail regarding event information or notifications."
"Sentinel uses Azure Logic Apps for automation, which is really powerful. This allows us to easily automate responses to incidents."
"We’ve got process improvement that's happened across multiple different fronts within the organization, within our IT organization based on this tool being in place."
"Sentinel also enables you to ingest data from your entire ecosystem and not just from the Microsoft ecosystem. It can receive data from third-party vendors' products such firewalls, network devices, and antivirus solutions. It's not only a Microsoft solution, it's for everything."
"We can use Sentinel's playbook to block threats. It covers all of the environment, giving us great visibility."
"The data connectors that Microsoft Sentinel provides are easy to integrate when we work with a Microsoft agent."
"The most valuable feature is the onboarding of the workloads. You can see all that has been onboarded in your account on the dashboards."
"It is easy to implement."
"It gives us visibility inside applications. It helps us to dig down and find the root cause of any issue within the network."
"You can integrate clouds, hybrid infrastructure, and on-premise infrastructure into one product."
"Latest version of tool comes integrated with Jaspersoft reporting solution, giving excellent reports."
"Monitors the infrastructure asset and also monitors as an IT service."
"The ability to monitor any platform. We have Windows, Linux, AIX, and mainframe all being monitored with the same UIM infrastructure."
"It delivers our customers many metrics, so they may make decisions"
"I definitely appreciate the flexibility and ease of use. We've been using UIM for almost three years now. It's pretty much point and click, very easy to use. And we've had no problems scaling it to our own environment."
"Scalability has been good for our needs. We haven't run into any scaling issues in regards to size so far."
"We are able to diagnose problems before our customers."
"We can integrate threat intelligence solutions into the product."
"It gives us a bird's eye view of what's happening from our connection's point of view."
"For many of our services, we use Sumo Logic to track errors and send notifications to our Slack channel, if there are issues. Then, we have our support people monitoring this, and they can react quickly."
"We can ingest logs and make reports out of them. It is a good tool which can help us monitor any issues."
"Support has been excellent. Sumo Logic's support staff is really good, both their account management staff and direct support."
"The most valuable features of Sumo Logic Security are the rules, use cases, and ease of use. Additionally, the integration is straightforward and good GUI."
"While I appreciate the UI itself and the vast amount of information available on the platform, I'm finding the overall user experience to be frustrating due to frequent disconnections and the requirement to repeatedly re-authenticate."
"The data connectors for third-party tools could be improved, as some aren't available in Sentinel. They need to be available in the data connector panel."
"They only classify alerts into three categories: high, medium, and low. So, from the user's point of view, having another critical category would be awesome."
"The only thing is sometimes you can have a false positive."
"The solution could improve the playbooks."
"The on-prem log sources still require a lot of development."
"Improvement-wise, I would like to see more integration with third-party solutions or old-school antivirus products that have some kind of logging capability. I wouldn't mind having that exposed within Sentinel. We do have situations where certain companies have bought licensing or have made an investment in a product, and that product will be there for the next two or three years. To be able to view information from those legacy products would be great. We can then better leverage the Sentinel solution and its capabilities."
"There is some relatively advanced knowledge that you have to have to properly leverage Sentinel's full capabilities. I'm thinking about things like the creation of workbooks, how you do threat-hunting, and the kinds of notifications you're getting... It takes time for people to ramp up on that and develop a familiarity or expertise with it."
"It needs a little bit more functionality in the Admin Console."
"The other element is that there are no real templates, out of the box. Let's go with an example where we do have the probe, which is great, and we do have a really nuanced customer with a small set of devices that maybe not a lot of other customers use. There might not be a template in place, so effectively we have the tool in front of us but we still need to develop a solution. So it would be really nice to see a little bit more of something like a central repository of templates that we could use. That would help us expedite our onboarding process."
"There is also room for improvement in the reporting. It is not really good enough, according to our customers. So what we now usually do is use Power BI to get them the kinds of reports they want."
"We have experienced challenges with finding a mechanism to deploy the agents, but it's only on the first deployment so it's not a big issue."
"A useful feature to have would be automatic configuration per standard by new robots that check in for any particular customer."
"I'd also like to see more probes. More probes in the sense that we were coming across devices that we're expected to monitor and manage for which, out of the box, there isn't a nice, clean solution. There are probes that are dedicated for certain devices and certain device types, which is great. But then there are times we come across nuanced products that we have to develop our own solution for. There are probes that exist in there that allow us to make a customized solution, but it takes a lot more time."
"It would be good to implement views showing the aggregated status graphically."
"They need to continue to advance the filter capabilities, and provide more input fields."
"From the network segmentation side, there is some discrepancy in log onboarding. The tool needs to improve direct API integrations, login integration, native login integration, etc."
"I would like to see improvement in the user experience when configuring things, ingesting logs, and creating ports."
"There needs to be improvement on imported data which can be used within Sumo Logic to do more advanced queries."
"If you look at some of the other offerings right now that are available in the market, they do offer APM as well as the product they're offering. I believe Sumo Logic is not there yet. So that's something which I would love to see."
"The solution should improve its UI."
"If you want to up your subscription through the AWS Marketplace, it can be difficult. You can't just go back to the AWS Marketplace, and say, "I want a bigger one now." You have to contact the sales team, then they do it on the back-end. This could definitely be improved."
"I would like better UI-driven functionality to create alerts and reports. Now, we have to understand the syntax, so it is a little difficult for someone to pick it up without using the manuals. If there was more of a graphical user interface, it would be beneficial."
"We would like to have some type of predefined setup for the logs, making the setup easier by default."
DX Unified Infrastructure Management is ranked 30th in IT Infrastructure Monitoring with 120 reviews while Sumo Logic Security is ranked 20th in Security Information and Event Management (SIEM) with 17 reviews. DX Unified Infrastructure Management is rated 8.2, while Sumo Logic Security is rated 8.4. The top reviewer of DX Unified Infrastructure Management writes "Easy to set up, simple to use, and offers great technical support". On the other hand, the top reviewer of Sumo Logic Security writes "Integrates well, useful rules, and beneficial GUI". DX Unified Infrastructure Management is most compared with DX SaaS, DX Spectrum, SCOM, ManageEngine OpManager and Nagios XI, whereas Sumo Logic Security is most compared with Splunk Enterprise Security, Wazuh, Rapid7 InsightIDR, VMware Aria Operations for Logs and IBM Security QRadar.
We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.