The tool's deployment process is not overly complex, but troubleshooting and post-deployment tasks can be challenging, especially when dealing with agent-related issues. Troubleshooting agents often involves removing configuration files and making host configuration changes, which can be more cumbersome than other solutions. As for deployment time typically takes around a week or more, considering all the requirements analysis and preparation.

You need two resources to handle the deployment. One person can focus on requirement analysis, while the other person, preferably an end-to-end deployment engineer, is familiar with the organization's architecture.

The initial setup is easy, partly because LogRhythm is primarily based on the Windows platform. It's good to have two engineers for deployment but it can be done with one. It's more about the knowledge. Deployment is typically done in two or three different phases. It usually takes up to three full months to get good deployment. There's the initial onboarding of all the log sources, then collecting data in the data lake, followed a couple of weeks later with some minor tuning before the final tuneup.

We encountered challenges during the tool's implementation. 

Straightforward. We had to do a couple of changes in a couple of places that were very specific, but the applications were already precompiled and we just had to run it in the various locations. So it was pretty straightforward.

Setting up LogRhythm UEBA is straightforward because my company just integrates the product.

LogRhythm UEBA is easy to set up compared to other technologies, so it's a ten out of ten in terms of setup.

Deploying the product is a quick process, but what takes longer is building the use cases and developing LogRhythm UEBA. It's the same process, duration-wise, in on-premise and cloud deployments.

The initial setup is very complex.

It's straightforward. It takes a few days to find anomalies and abnormal behavior. In general, it's of medium level complexity. 

It took us about a month and a half to deploy this solution. The first month involved the setup and then there were two weeks of fine-tuning. In total, after six weeks we were able to bring up the system without any issues.

The deployment for our customers is usually on-premises, although there is a cloud version as well.