What users are saying about

AlienVault USM vs Palo Alto Networks Threat Protection

AlienVault USM

<a href='https://www.trustradius.com/static/about-trustradius-scoring#question3' target='_blank' rel='nofollow'>Customer Verified: Read more.</a>
335 Ratings

Palo Alto Networks Threat Protection

6 Ratings

AlienVault USM

<a href='https://www.trustradius.com/static/about-trustradius-scoring#question3' target='_blank' rel='nofollow'>Customer Verified: Read more.</a>
335 Ratings
<a href='https://www.trustradius.com/static/about-trustradius-scoring' target='_blank' rel='nofollow'>trScore algorithm: Learn more.</a>
Score 8 out of 101

Based on 335 reviews and ratings

Palo Alto Networks Threat Protection

6 Ratings
<a href='https://www.trustradius.com/static/about-trustradius-scoring' target='_blank' rel='nofollow'>trScore algorithm: Learn more.</a>
Score 8.9 out of 101

Based on 6 reviews and ratings

Add comparison

Likelihood to Recommend

AlienVault USM

Since AlienVault is a versatile tool, having versions for various cloud providers as well as virtualization frameworks, it adheres to the most diverse scenarios. Another strong point to be highlighted is how the company is constantly improving the product. AlienVault is famous for the effort the company puts behind the tool, and it is being improved constantly by adding new resources.

Read full review

Erlon Sousa Pinheiro profile photo
Erlon Sousa Pinheiro
View all 199 answers on this topic

Palo Alto Networks Threat Protection

I think threat prevention on a certain level could be used in all Palo Alto deployments (even if just alerting without blocking).

Read full review

Alex Waitkus, CISSP-ISSAP, OSCP profile photo
Alex Waitkus, CISSP-ISSAP, OSCP
View all 1 answers on this topic

Feature Rating Comparison

Security Information and Event Management (SIEM)

AlienVault USM
7.3
Palo Alto Networks Threat Protection
Centralized event and log data collection
AlienVault USM
8.0
Palo Alto Networks Threat Protection
Correlation
AlienVault USM
8.0
Palo Alto Networks Threat Protection
Event and log normalization
AlienVault USM
8.0
Palo Alto Networks Threat Protection
Deployment flexibility
AlienVault USM
7.0
Palo Alto Networks Threat Protection
Custom dashboards and views
AlienVault USM
6.0
Palo Alto Networks Threat Protection
Host and network-based intrusion detection
AlienVault USM
7.0
Palo Alto Networks Threat Protection

Pros

  • Up to this point, I have had no issues integrating with a system we currently have in production. while AlienVault stays on top with plugin updates.
  • Te dashboard is very informative when you figure out how to navigate around it and tweaked to your organization needs.
  • Correlation of events is probably my favorite as I normally only need to jump on the AlienVault dashboard to hammer down on network traffic/activity details.

Read full review

AJ Gumataotao profile photo
AJ Gumataotao
View all 199 answers on this topic
  • The threat engine has constant updates for important threats.
  • Wildfire helps supplement the Threat engine to help protect against 0 day threats.
  • The way the threat engine can be added at different levels to different zones and policies helps to ensure business essential traffic can have policies that are tuned to ensure traffic will flow.

Read full review

Alex Waitkus, CISSP-ISSAP, OSCP profile photo
Alex Waitkus, CISSP-ISSAP, OSCP
View all 1 answers on this topic

Cons

  • Because AlienVault USM combines several well know components, you have to life with the fact, that they are not in their latest version, i.e. the integrated OSSEC, which should be replaced with the OSSEC-Wazuh fork instead.
  • Due to the all-in-one approach, the solution is quite resource hungry. You have to have a decent machine to run it.
  • The reporting module is nice, but sometimes it is quite a challenge to configure a custom report as you will only get the results you want after a trial and error run.

Read full review

Christian B. Caldarone profile photo
Christian B. Caldarone
View all 199 answers on this topic
  • Visibility into signatures and how they function/what triggers them would be very beneficial.
  • Lacking customizability compared to other tools.
  • Inability to write custom signatures easily and for traffic with small (less than 8 bit) signatures.

Read full review

Alex Waitkus, CISSP-ISSAP, OSCP profile photo
Alex Waitkus, CISSP-ISSAP, OSCP
View all 1 answers on this topic

Likelihood to Renew

AlienVault USM9.0
Based on 13 answers
It is a very well built software and solution for meeting our cybersecurity needs. The staff is always very well responsive with any issues that we have and it is perfect for satisfying FINRA's cybersecurity regulations.

Read full review

Mikhail Suleymanov profile photo
Mikhail Suleymanov
View all 13 answers on this topic
No score
No answers yet
No answers on this topic

Usability

AlienVault USM7.2
Based on 33 answers
Almost all functions are intuitive, custom logging is not very easy to configure.

Read full review

Dana Hancock profile photo
Dana Hancock
View all 33 answers on this topic
No score
No answers yet
No answers on this topic

Support

AlienVault USM7.6
Based on 24 answers
Only had to use this once, and they had us back on track in an hour or so. They followed up the day after to make sure all was still working, great team.

Read full review

Jason Cresswell profile photo
Jason Cresswell
View all 24 answers on this topic
No score
No answers yet
No answers on this topic

Implementation

AlienVault USM7.1
Based on 37 answers
The one thing to remember is where to place the sensors within your organization. It is one thing to collect and analyze data, but collecting the right data is key. This is where AlienVaults experts really help. Instead of trying to sell you a gazillion sensors, they walk you through your network to make sure he sensors are where they need to be so you can achieve your goal. Implementation works so well because they take the time upfront to know your goals before they help you achieve them.

Read full review

Matthew Frederickson profile photo
Matthew Frederickson
View all 37 answers on this topic
No score
No answers yet
No answers on this topic

Alternatives Considered

We looked at a number of other products besides AlienVault. Most of them were software packages that had OK reviews, but would have been costly to implement and time-consuming to maintain. AlienVault was an all-in-one appliance, though it comes in a virtual machine that you can run as well. We chose the USM because of our virtualization resources were getting pretty tight at the time we chose AlienVault, and we prefer hardware appliances.

Read full review

Christopher Taylor profile photo
Christopher Taylor
View all 199 answers on this topic
It is comparable but not as robust as other stand alone IPS/IDS.

Read full review

Alex Waitkus, CISSP-ISSAP, OSCP profile photo
Alex Waitkus, CISSP-ISSAP, OSCP
View all 1 answers on this topic

Return on Investment

No answers on this topic
  • New deployment hasn't been fully calculated yet.
  • With the addition of Panorama and central logging, event investigation has become more streamlined.

Read full review

Alex Waitkus, CISSP-ISSAP, OSCP profile photo
Alex Waitkus, CISSP-ISSAP, OSCP
View all 1 answers on this topic

Screenshots

Palo Alto Networks Threat Protection

Pricing Details

AlienVault USM

General
Free Trial
Yes
Free/Freemium Version
Yes
Premium Consulting/Integration Services
Yes
Entry-level set up fee?
Optional
Additional Pricing Details

AlienVault USM More Information

Pricing Info

Palo Alto Networks Threat Protection

General
Free Trial
Free/Freemium Version
Premium Consulting/Integration Services
Entry-level set up fee?
No
Additional Pricing Details

Palo Alto Networks Threat Protection More Information