AlienVault USM

<a href='https://www.trustradius.com/static/about-trustradius-scoring#question3' target='_blank' rel='nofollow'>Customer Verified: Read more.</a>
334 Ratings

AlienVault USM

<a href='https://www.trustradius.com/static/about-trustradius-scoring#question3' target='_blank' rel='nofollow'>Customer Verified: Read more.</a>
334 Ratings
<a href='https://www.trustradius.com/static/about-trustradius-scoring' target='_blank' rel='nofollow'>trScore algorithm: Learn more.</a>
Score 7.9 out of 101
22 Ratings
<a href='https://www.trustradius.com/static/about-trustradius-scoring' target='_blank' rel='nofollow'>trScore algorithm: Learn more.</a>
Score 6.8 out of 101

Add comparison

Likelihood to Recommend

AlienVault USM

AlienVault USM Anywhere is a great SIEM and if you need to deploy a SaaS solution then it is suited very well. It works very well for us being 100% AWS and integrates well with our toolset and AWS features. The Open Threat Intelligence (OTX) is perfect for providing context on events and feeding our incident response processes.
Matthew White profile photo

McAfee Enterprise Security Manager

McAfee Enterprise Security Manager is well placed when the environment has other Intel products. We operate McAfee Move and the two products work extremely well together. The anti-virus product can be very cumbersome if used with another SIEM solution when log collecting.We have other areas where intel solutions are not in use and in these circumstances we used another well-known SIEM solution that had an easier implementation phase than Intel's and where remote access was challenging.
Philip Clarke profile photo

Feature Rating Comparison

Security Information and Event Management (SIEM)

AlienVault USM
7.3
McAfee Enterprise Security Manager
6.8
Centralized event and log data collection
AlienVault USM
8.0
McAfee Enterprise Security Manager
9.0
Correlation
AlienVault USM
8.0
McAfee Enterprise Security Manager
8.8
Event and log normalization
AlienVault USM
8.0
McAfee Enterprise Security Manager
7.4
Deployment flexibility
AlienVault USM
7.0
McAfee Enterprise Security Manager
4.2
Custom dashboards and views
AlienVault USM
6.0
McAfee Enterprise Security Manager
4.3
Host and network-based intrusion detection
AlienVault USM
7.0
McAfee Enterprise Security Manager
6.7
Integration with Identity and Access Management Tools
AlienVault USM
McAfee Enterprise Security Manager
7.5

Pros

  • Up to this point, I have had no issues integrating with a system we currently have in production. while AlienVault stays on top with plugin updates.
  • Te dashboard is very informative when you figure out how to navigate around it and tweaked to your organization needs.
  • Correlation of events is probably my favorite as I normally only need to jump on the AlienVault dashboard to hammer down on network traffic/activity details.
AJ Gumataotao profile photo
  • Advanced Threat intelligence gives us the ability to prioritise alerts quickly and efficiently.
  • SIEM log collection allows us to integrate our other Intel products to a centralised point.
  • Physical appliances is one of the areas we have moved away from, so the ability for ESM to be available as a VDI was key.
Philip Clarke profile photo

Cons

  • At times I do find navigating the dashboard for very specific functions to be difficult.
  • For entry level security analysts or administrators I feel can get overwhelmed with the amount of data available from a single platform (in a good way)
  • helpful to understand Linux for certain tasks
AJ Gumataotao profile photo
  • The migration off of Flash has been painful. The new interface is very difficult to work with. Even support tends to fall back to the Flash version.
  • The GUI is not intuitive under any version. Finding settings takes a significant amount of learning.
  • While the product is supported, the transitions from various directions have left the future of the product in question. It used to be the interface for IDS, but the new IDS is stand alone.
  • The way McAfee has dropped products with no warning in the past makes us skeptical of trusting any stated roadmap.
No photo available

Likelihood to Renew

AlienVault USM9.0
Based on 13 answers
It is a great product and has been instrumental to our security posture.
Dana Hancock profile photo
No score
No answers yet
No answers on this topic

Usability

AlienVault USM7.2
Based on 33 answers
We have been using AlienVault USM Appliance for nearly 3 years. The power and flexibility of the device for IPS and IDS is amazing. We are able to identify threats and stop them before damage can be done.
Randy Kouns profile photo
No score
No answers yet
No answers on this topic

Support

AlienVault USM7.6
Based on 24 answers
I have a 50/50 rating on this because they have been helpful in one aspect but not in another. They seem to be fairly responsive to requests, but like with my most recent request no solution offered. that is not truly a fair statement, but rather no solution unless I agree to pay additional fee's. From conversations with both our sales rep and another representative they both indicate that we have 3 years of extended support, but the problem reported to them is not covered under our support agreement.
James Ellsworth profile photo
No score
No answers yet
No answers on this topic

Implementation

AlienVault USM7.1
Based on 37 answers
The best recommendation I can offer is understand the system that is being installed. Knowing how to configure and specific expectations that you expect from the machine. I would say to watch the tutorials and the online video's, get yourself involved with the community forum and ask the questions if you do not understand.Our company did not make the best choice on the computer that the service was installed on and it has led to some adverse effects that did not appear until now, almost 2 years later and needing to re-install the entire system all over again.If you need the help, ask for it. The technical support team at alienvault and community forum members are always there to answer questions.
James Ellsworth profile photo
No score
No answers yet
No answers on this topic

Alternatives Considered

None at the time as the product was purchased before I joined the organization.
AJ Gumataotao profile photo
Splunk tends to be the top dog in the space. Everything is compatible and it's capable of anything. You just have to have the time and money to do the work. And if you have a large volume of logs (and who doesn't?), it's not cheap. McAfee Enterprise Security Manager's advantage is supposed to answer Spunk's weakness. You don't have to build everything from scratch. Out of the box, tools are supposed to make the tool valuable from day one. This is true, but, as always, take the sales pitch with a grain of salt. Get a live demo to see the navigation and interface. If your SOC is going to have to live with these screens day in and day out, make sure you're prepared.
No photo available

Return on Investment

No answers on this topic
  • For a tool that advertises how many correlations come out of the box, the selling point of easy administration is lost in the difficulty of administration.
  • The value of the tool being a significant part of the McAfee portfolio is questionable when integrated products are dropped without warning.
  • I would not put McAfee Enterprise Security Manager in a top three SIEM class, its more like a member of the top 10.
No photo available

Screenshots

McAfee Enterprise Security Manager

Pricing Details

AlienVault USM

General
Free Trial
Yes
Free/Freemium Version
Yes
Premium Consulting/Integration Services
Yes
Entry-level set up fee?
Optional
Additional Pricing Details

AlienVault USM More Information

McAfee Enterprise Security Manager

General
Free Trial
Free/Freemium Version
Premium Consulting/Integration Services
Entry-level set up fee?
No
Additional Pricing Details

McAfee Enterprise Security Manager More Information