Before buying the solution, ask for an overview and use-case session. Learn the infrastructure requirements and EPS cost. The solution is hyper-cloud which is a hybrid model, so budget for both on-premises needs and cloud service. Ensure that you can sustain the cost of running a SIEM solution because it is hard work to change solutions. 

If you need a parser to integrate existing technologies or a stack, be sure to tell your vendors before buying the solution. Bind them to the same timelines and agreements. We had a couple of lags during the POC stage that took DNIF a long time to resolve after implementation. Timelines published on the internet for TAC response are very generic so make sure they are customized as part of any agreement. 

In rating the solution, I have considered several factors. There are lots of improvements needed. The infrastructure specs are huge and require on-premises management. The solution should have a completely cloud-based option or only require a lightweight infrastructure it is managed as a service. There should be a two-way exchange where issues proactively flow to a dashboard where anyone can take action. 

Overall, I rate the solution a seven out of ten. 

This is a good solution for those with financial constraints. Otherwise, we recommend LogRhythm or Splunk for a higher-quality product. DNIF requires the creation of infrastructure, six or seven servers. It also requires a support team so I think it's better to buy a cloud solution that will take care of all that. If you're going with DNIF, then always make room for additional capacity from the beginning. I would also recommend hiring a professional who has worked on the DNIF backend, because otherwise, you will again be dependent on the company to solve every issue.

I rate the solution seven out of 10. 

I recommend learning the basics of cybersecurity networking and how servers are maintained. DNIF offers documentation and you can find all the information regarding components like PCO adapters on their website. If you're working in an enterprise company, use the technical support team to help with deploying some components on your system and learn how the functionality works. From there, you can learn about all the use cases, threat monitoring and the like.

I rate the solution eight out of 10. 

I would tell potential users that there are many other tools in the market. I will encourage them to explore as there are many good tools. However, DNIF HYPERCLOUD, IBM QRadar, AlienVault, and Azure Sentinel are some of the best.

On a scale from one to ten, I would give DNIF HYPERCLOUD an eight. 

I would definitely recommend DNIF.

We have been using this solution for about six months now. It is a very new solution. It is a next-generation SIEM with security analytics and UBA - User Behavior Analytics. We have a very good team of security analysts who manage installation, implementation, and monitoring of the solution.

DNIF is much faster, much more responsive, and far superior when compared to competitive tools.

It offers a cloud model, in a very secure way, or you can deploy it on-premise, where it is much safer. Here in India, and even elsewhere, banks have a policy of not letting their data outside of the organization's data center. For those banks, DNIF will have to be deployed on-premise. For other organizations, whether they are e-commerce, manufacturing, or any other type, they can deploy it on the cloud. The cloud version is also is quite fast. The log collection works quite well, consistently. Our consultants are able to remotely monitor and do their jobs properly.

End-users don't use this solution. The main job of this solution is to collect the logs from different devices. The end-users do their normal e-mailing, their normal transaction-processing, etc. But their log sessions, their logins and logouts, are logged in Active Directory. Or if somebody accesses the internet, they have to pass through the firewall and, based on the firewall rules and policies, they are allowed access to different websites. All these sources have logs that are collected and sent to the DNIF. The solution stores the logs. 

Our security analysts monitor them to find out if there is any malware, attack, or hacker who is hacking at a client and we report on that. The users are the information security team. On our side, the users are my security analysts.

We not only find out if there is an anomaly or any malware, we also do incident response. We have a ticketing tool and use that tool to report if there are any serious incidents which need to be looked into immediately, and we resolve it along with the client team.

We're just a customer. We're not a partner or reseller.

While we use the on-premises deployment model, our data center is outsourced, and we have dedicated servers for it.

Other companies should see the capability of the tool to integrate into their current solution. It's something they should look into. 

Since I don't have much experience with other solutions, and can't compare it to anything, I'd rate the solution six out of ten.