Most Helpful Review
Lacks log/URL monitoring and reports are limited to 1,000 servers though it's relatively inexpensive
We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
The network alert is the most valuable feature. That way, we in the IT department are aware of user lockout and invalid password attempts way before a user ever even calls in.
The most important feature is keeping track of when accounts are created and deleted, when permission groups are changed, and memberships are changed in groups; and overall, how many errors are occurring on the various systems that we're monitoring.
The SIEMs and managed service are its most valuable features. We get a weekly report from them which provides a culmination of them combing through millions of events which are triggered across our network every day and minute. Their information security experts basically boil that down to a report which I get emailed once a week. It identifies potential threats and the remediation that I should take to be able to quell those threats.
I would rate the technical support very well as they are knowledgeable and quick to respond.
Flexible architecture: You can extend the system and its capacity by attaching another cluster pair.
With this tool it is interesting to show the info to the client and explain where the traffic is.
It's given us the ability to create various real-time network performance reports and distribute them to any colleague who can access these reports immediately.
The automation feature is good because if your CMDB is OK and it is already in sync, then the automation part is good to go.
Scalability. I have never had to worry about how to handle really big environments.
The monitoring of the network is very customizable. That is its unique feature.
There are some issues with searches taking a long period of time, but they assured me that they have implemented a new search function that's available in version 9, but which requires a solid-state hard drive... Depending on how many logs you have it could take a long time to return the results if you're looking back prior to the last 30 days.
I'd like to see improvement in the ease of generating reports. It seems fairly cumbersome whenever you decide to start tracking new categories of events. It seems a little kludgy when trying to generate those reports.
The deployment of the agents could be a bit easier. We always seem to have a bit of a challenge with that. A lot of times the agents either don't deploy or they quit responding, then we have to go and redeploy them.
It needs to have better reporting.
It was very complex. There was poor native correlation.
SevOne should work with the graphs legend functionality.
The method of searching for SIP and the way to create the groups.
Software upgrades can be tricky and are not easy.
There is no service mode setup in this monitoring tool if you want to snooze alerts for any specific amount of time, to account for any activity change or major incident.
The GUI: both the dashboard/user view and the admin tool.
Pricing and Cost Advice
The solution is fairly expensive, but in my experience, all of the SIEM applications that I've evaluated or looked at cost about the same.
Licensing is very easy. Our CIO takes care of the billing, but in terms of price point, he hasn't complained, so it must be good.
The pricing and licensing seem very reasonable. The managed service part of it feels like it gives me the equivalent of a full-time engineer for a lot less money. So, I feel it's a good value.
Do a PoC. Make it detailed so it can help later.
Prices per license are not huge, but they exist.
It is inexpensive compared to other monitoring tools.
Choose a SevOne partner who can provide SevOne as a service and can deliver professional services and maintenance.
Have a bank of licenses, because it is about the number of objects (RAM, ports, CPU, etc.).
EventTracker by Netsurion delivers actionable security intelligence that empowers organizations of any size to effectively detect and respond to advanced threats.
EventTracker Security Center
InTrust is an event log management solution that addresses all of these concerns in heterogeneous environments composed of Windows, Unix and Linux servers, databases, business applications and network devices.
InTrust enables you to securely collect, store, search and analyze massive amounts of IT data from numerous data sources, systems and devices in one place. Get real-time insights into user activity for security, compliance and operational visibility.
SevOne provides the only digital infrastructure performance monitoring solution engineered for Speed at Scale for the world’s most demanding service-delivery environments. The patented SevOne Cluster™ architecture leverages distributed computing to monitor any device in the service-delivery path, integrating performance metrics, flows and logs at scale, and providing answers in seconds to prevent performance-impacting outages. SevOne’s global customer base includes 5 of the 7 top global investment services companies, enterprises, CSPs, MSPs and MSOs. SevOne is backed by Bain Capital Ventures and was named a Visionary in Gartner’s 2015 Magic Quadrant for Network Performance Monitoring and Diagnostics. More information can be found at www.sevone.com and SevOne’s video channel and community, The Network Project. Follow SevOne on Twitter at @SevOneInc.
|EventTracker|Quest InTrust|SevOne|
|---|---|---|
|The Salvation Army, The FRESH Market, Pacific Western Bank, AAOS, Vanderbilt University, Talbots|Platinum Bank|Aflac, Comcast, Credit Suisse, CSC, eBay, Electronic Arts, Lockheed Martin, NASDAQ, Telstra, Time Warner and Verizon|