AlienVault USM

<a href='https://www.trustradius.com/static/about-trustradius-scoring#question3' target='_blank' rel='nofollow'>Customer Verified: Read more.</a>
334 Ratings

AlienVault USM

<a href='https://www.trustradius.com/static/about-trustradius-scoring#question3' target='_blank' rel='nofollow'>Customer Verified: Read more.</a>
334 Ratings
<a href='https://www.trustradius.com/static/about-trustradius-scoring' target='_blank' rel='nofollow'>trScore algorithm: Learn more.</a>
Score 7.9 out of 101
40 Ratings
<a href='https://www.trustradius.com/static/about-trustradius-scoring' target='_blank' rel='nofollow'>trScore algorithm: Learn more.</a>
Score 9.1 out of 101

Add comparison

Likelihood to Recommend

AlienVault USM

AlienVault USM Anywhere is a great SIEM and if you need to deploy a SaaS solution then it is suited very well. It works very well for us being 100% AWS and integrates well with our toolset and AWS features. The Open Threat Intelligence (OTX) is perfect for providing context on events and feeding our incident response processes.
Matthew White profile photo

Next-Generation Firewalls - PA Series

Palo Alto is great for mid to large size businesses with 200 users or more. They provide amazing protection that is extremely customizable. Almost nothing gets a chance to get into the network for our endpoint protection to pick up. For smaller businesses, Palo Alto would be overkill. It can be complicated to configure and manage and might be too robust for small, simple networks.
Jennifer Greulich, GSED, GSEC profile photo

Feature Rating Comparison

Security Information and Event Management (SIEM)

AlienVault USM
7.3
Next-Generation Firewalls - PA Series
Centralized event and log data collection
AlienVault USM
8.0
Next-Generation Firewalls - PA Series
Correlation
AlienVault USM
8.0
Next-Generation Firewalls - PA Series
Event and log normalization
AlienVault USM
8.0
Next-Generation Firewalls - PA Series
Deployment flexibility
AlienVault USM
7.0
Next-Generation Firewalls - PA Series
Custom dashboards and views
AlienVault USM
6.0
Next-Generation Firewalls - PA Series
Host and network-based intrusion detection
AlienVault USM
7.0
Next-Generation Firewalls - PA Series

Pros

  • Up to this point, I have had no issues integrating with a system we currently have in production. while AlienVault stays on top with plugin updates.
  • Te dashboard is very informative when you figure out how to navigate around it and tweaked to your organization needs.
  • Correlation of events is probably my favorite as I normally only need to jump on the AlienVault dashboard to hammer down on network traffic/activity details.
AJ Gumataotao profile photo
  • Performs a lot of security functionality all in one device - this is important because especially in today's world, there are a lot of point products out there and it can be difficult for a small or medium-sized business to manage all of them. Having one product saves time, money, and complexity.
  • High availability performance is very good, failover is seamless, which is important for business continuity.
  • GUI is excellent, which makes it very easy for administrators to manage the firewall and see exactly what is happening.
No photo available

Cons

  • Walking through all the devices after a Nmap or device discovery scan can be tedious to get the data correct
  • When deploying HIDS, it would be better if the system gave more detail as to the deployment error
  • Offline updating of licenses can be a little time-consuming
Clark Crain profile photo
  • The web interface to look at real time events is very slow and clunky.
  • The searching feature is hard to figure out what parameters you use.
  • The GlobalProtect VPN client has a few strange features that have increased support hours. It's easy to work around but caused a few unnecessary tickets.
No photo available

Likelihood to Renew

AlienVault USM9.0
Based on 13 answers
It is a great product and has been instrumental to our security posture.
Dana Hancock profile photo
No score
No answers yet
No answers on this topic

Usability

AlienVault USM7.2
Based on 33 answers
Best SIEM out there. Built for the serious security practioner. Has features you would expect in something much more expensive. Product continues to be refined and improved.
Matthew Frederickson profile photo
Next-Generation Firewalls - PA Series10.0
Based on 1 answer
This firewall is the most comprehensive firewall with the easiest interface I've ever used. The interface is also very intuitive and it's easy to figure out what features will or will not do if they're turned on or off. The logging and reporting features are also great. Easy to understand and to generate.
Jennifer Greulich, GSED, GSEC profile photo

Support

AlienVault USM7.6
Based on 24 answers
Based on previous experience we had to explain and demonstrate the problems several times; fixes takes long time to be implemented and rolled out to end users. Several times we had to guide the support contact to fully understand the problem
Bilal Al Sabbagh profile photo
No score
No answers yet
No answers on this topic

Implementation

AlienVault USM7.1
Based on 37 answers
Implementation is easy but having easy access to support and professional services is a great help. Getting it up and running is very easy, getting it configured for your specific environment does take a little more work, when you run into any issues support or your professional services provider is always there.
Karl Hart, ACSE, CEH, CHFI, CISSP profile photo
No score
No answers yet
No answers on this topic

Alternatives Considered

AlienVault USM works well for any company size. LogRhythm might be too much if your company is not already big, and the same can be said of McAfee Enterprise Security Manager. If this is your first SIEM, it's a really good choice and has nothing to envy from the others I'm comparing it with. I also recommend the cloud version of AlienVault, the USM Anywhere, which the interface is a bit different, but the principles remain the same. Also, the McAfee Enterprise Security Manager has a Flash-based interface, for which Adobe is phasing out. AlienVault USM is HTML5 and can even be used mobile.
Ivan Montilla Miralles profile photo
These are cheaper (or at least were) than the Meraki firewalls and they allow you to integrate with Palo Alto Wildfire, which is valuable. This allows for a more real time analysis of packets (though we may have to upgrade to a larger firewall to use this). The PA-500 VPN is also a nice, easy to use feature.
No photo available

Return on Investment

No answers on this topic
  • Less time for users to connect to the VPN (globalprotect can be set to be "always on")
No photo available

Screenshots

Next-Generation Firewalls - PA Series

Pricing Details

AlienVault USM

General
Free Trial
Yes
Free/Freemium Version
Yes
Premium Consulting/Integration Services
Yes
Entry-level set up fee?
Optional
Additional Pricing Details

AlienVault USM More Information

Next-Generation Firewalls - PA Series

General
Free Trial
Free/Freemium Version
Premium Consulting/Integration Services
Entry-level set up fee?
No
Additional Pricing Details

Next-Generation Firewalls - PA Series More Information