AlienVault USM

328 Ratings
<a href='https://www.trustradius.com/static/about-trustradius-scoring' target='_blank' rel='nofollow'>trScore algorithm: Learn more.</a>
Score 7.9 out of 101

Next-Generation Firewalls - PA Series

37 Ratings
<a href='https://www.trustradius.com/static/about-trustradius-scoring' target='_blank' rel='nofollow'>trScore algorithm: Learn more.</a>
Score 9.1 out of 101

Add comparison

Likelihood to Recommend

AlienVault USM

AlienVault USM Anywhere is a great SIEM and if you need to deploy a SaaS solution then it is suited very well. It works very well for us being 100% AWS and integrates well with our toolset and AWS features. The Open Threat Intelligence (OTX) is perfect for providing context on events and feeding our incident response processes.
Matthew White profile photo

Next-Generation Firewalls - PA Series

The PA-3000 Series is well suited as a single point of control for internet access. The PA-3000 series also provides support for internal network segmentation. I can't speak from experience for other scenarios but I have a colleague at another organization who uses multiple Palo Alto firewalls in their deployment and is very happy with them.
Gary Halbedel profile photo

Feature Rating Comparison

Security Information and Event Management (SIEM)

AlienVault USM
7.3
Next-Generation Firewalls - PA Series
Centralized event and log data collection
AlienVault USM
8.0
Next-Generation Firewalls - PA Series
Correlation
AlienVault USM
8.0
Next-Generation Firewalls - PA Series
Event and log normalization
AlienVault USM
8.0
Next-Generation Firewalls - PA Series
Deployment flexibility
AlienVault USM
7.0
Next-Generation Firewalls - PA Series
Custom dashboards and views
AlienVault USM
6.0
Next-Generation Firewalls - PA Series
Host and network-based intrusion detection
AlienVault USM
7.0
Next-Generation Firewalls - PA Series

Pros

  • AlienVault enables integration with external technologies, thereby broadening its scope and possibilities.
  • AlienVault has a dashboard customization and reporting scheme that makes it flexible to query your data, allowing you to model the tool according to your needs.
  • AlienVault will make you forget the need to consult some information on AWS Cloudtrail. It extracts the data from there and delivers in a much more efficient way.
  • With a single tool you can monitor your cloud and on-premises environment.
Erlon Sousa Pinheiro profile photo
  • AppID is able to see what the actual internet traffic is. For instance instead of port 443 just being "Internet traffic" we can define access to Facebook-base or all the other facets of facebook.
  • UserID allows us to define policies based on group or user access and integrates with our Active Directory. This helps to configure a least access privilege and if we find misuse of the network we can tighten specific users to a stricter policy.
  • GlobalProtect VPN connection helps our employee's connect from home remotely. This provides a very secure connection with minimal configuration.
  • Wildfire provides very up-to-date information regarding global attack mitigations and stopping techniques.
Christopher St.Amand profile photo

Cons

  • Their commercial policy on stored data makes you need to filter out some information before it is stored.
  • Their new agent does not allow you to create local filters, which can easily lead to the overrun of monthly contracted storage limits.
  • It does not allow you to create log analysis plugins. If it were allowed, it would be possible, for example, to create a plugin for analyzing the logs of an application created by your company.
Erlon Sousa Pinheiro profile photo
  • Our specific model is a bit slow and outdated and takes up to 10 minutes to commit a configuration change.
  • Nested security rules would be helpful instead of a linear approach. But rule creation in general is very simple.
  • Documentation gives a very straight forward answer to some items but is very vague in others.
  • Support could be a little better. An issue we had a tech was insistent it was the "other guy" and it ended up being the very latest PAN OS upgrade.
Christopher St.Amand profile photo

Likelihood to Renew

AlienVault USM9.0
Based on 13 answers
Still after the original product view AlienVault is still ahead of the game and have added even more capabilities
Philip Clarke profile photo
No score
No answers yet
No answers on this topic

Usability

AlienVault USM7.2
Based on 33 answers
After using it for some time I have found the interface to be somewhat "clunky." Some of the system management requirements have to be done from the CLI (Command Line Interface). There is no way to easily automate some of the system maintenance, that if not addressed, causes the system to become unusable after a period of time
Brian W. Caldwell BIT | MIS profile photo
Next-Generation Firewalls - PA Series10.0
Based on 1 answer
This firewall is the most comprehensive firewall with the easiest interface I've ever used. The interface is also very intuitive and it's easy to figure out what features will or will not do if they're turned on or off. The logging and reporting features are also great. Easy to understand and to generate.
Jennifer Greulich, GSED, GSEC profile photo

Support

AlienVault USM7.6
Based on 24 answers
I find their support to be excellent. From the FAQ's to the tech docs, it is very easy to resolve most issues. The few times we worked with a support technician, they were always quick to resolve our issue. We are very pleased with the overall level of support!
Chuck Bardram profile photo
No score
No answers yet
No answers on this topic

Implementation

AlienVault USM7.1
Based on 37 answers
Initial deployment was great compared to all the research I had read about deploying SIEM solutions. The basic setup gives excellent information about what is occurring on your enterprise network.
Russel Beckham profile photo
No score
No answers yet
No answers on this topic

Alternatives Considered

AlienVault was the analyzed solution that delivered more value for less. It has several features and functionalities that do not exist in other analytic solutions. As previously mentioned, we needed an IDS and hired a complete multi-tiered security solution from SIEM to a vulnerability scanner of our cloud resources.
Erlon Sousa Pinheiro profile photo
The GUI on the Palo Alto firewalls is excellent, compared to the ASA. Also, the Panorama management GUI is very good. At the time when we were evaluating vendors, Cisco had just acquired Sourcefire, so the ASA just didn't have the features that the Palo Alto did in terms of advanced security features. I'm sure things are different today, so it would be prudent to do a new comparison.
No photo available

Return on Investment

No answers on this topic
  • Overall, even though the device is very expensive (both hardware and licensing), the product does produce a decent ROI, given that one (or HA pair) of devices can do so many things, such as anti-virus, anti-malware, URL filtering, SSL decryption, SSL VPN, routing, etc.
  • There will definitely be sticker shock when you're renewal comes up annually (or after 3 years), so be sure to look very carefully at the recurring costs of this product, with respect to licensing and hardware/software maintenance.
No photo available

Screenshots

Next-Generation Firewalls - PA Series

Pricing Details

AlienVault USM

General
Free Trial
Yes
Free/Freemium Version
Yes
Premium Consulting/Integration Services
Yes
Entry-level set up fee?
Optional
Additional Pricing Details

AlienVault USM More Information

Next-Generation Firewalls - PA Series

General
Free Trial
Free/Freemium Version
Premium Consulting/Integration Services
Entry-level set up fee?
No
Additional Pricing Details

Next-Generation Firewalls - PA Series More Information