AlienVault USM

<a href='https://www.trustradius.com/static/about-trustradius-scoring#question3' target='_blank' rel='nofollow'>Customer Verified: Read more.</a>
335 Ratings

AlienVault USM

<a href='https://www.trustradius.com/static/about-trustradius-scoring#question3' target='_blank' rel='nofollow'>Customer Verified: Read more.</a>
335 Ratings
<a href='https://www.trustradius.com/static/about-trustradius-scoring' target='_blank' rel='nofollow'>trScore algorithm: Learn more.</a>
Score 8 out of 101
6 Ratings
<a href='https://www.trustradius.com/static/about-trustradius-scoring' target='_blank' rel='nofollow'>trScore algorithm: Learn more.</a>
Score 6.8 out of 101

Add comparison

Likelihood to Recommend

AlienVault USM

AlienVault USM Anywhere is a great SIEM and if you need to deploy a SaaS solution then it is suited very well. It works very well for us being 100% AWS and integrates well with our toolset and AWS features. The Open Threat Intelligence (OTX) is perfect for providing context on events and feeding our incident response processes.
Matthew White profile photo

RackFoundry Total Security Management

RackFoundry Total Security Management (TSM) is suited for most companies that have the same challenge as my team had. If you are looking to purchase one security tool and spend most of your allocated budget then I would not recommend this for you. However, if you are looking for something close to a single pane of glass, (granted there is no such thing) this solution does come close as they have the main components built in such as their FW/IPS/IDS/SIEM. Before selecting RackFoundry we had two options which were: 1) Upgrade our current solution and spend an overbearing amount 2) Search for new vendors and maybe procure 1-3 devices and then manually integrate them. Because this was a unified console and integration between devices was simple, we were able to obtain 4-6 security functions and we even had some sense of security visibility via the SIEM. It's not as powerful as Splunk or LogRhythm, but it definitely does the job
No photo available

Feature Rating Comparison

Security Information and Event Management (SIEM)

AlienVault USM
7.3
RackFoundry Total Security Management
9.4
Centralized event and log data collection
AlienVault USM
8.0
RackFoundry Total Security Management
9.1
Correlation
AlienVault USM
8.0
RackFoundry Total Security Management
9.1
Event and log normalization
AlienVault USM
8.0
RackFoundry Total Security Management
9.6
Deployment flexibility
AlienVault USM
7.0
RackFoundry Total Security Management
10.0
Custom dashboards and views
AlienVault USM
6.0
RackFoundry Total Security Management
9.6
Host and network-based intrusion detection
AlienVault USM
7.0
RackFoundry Total Security Management
9.1
Integration with Identity and Access Management Tools
AlienVault USM
RackFoundry Total Security Management
9.1

Pros

  • Quickly reports unauthorized access attempts of our network.
  • Provides insight to the possible internal breaches sending data out of our network.
  • provides strong reporting on network resources.
Randy Kouns profile photo
  • All-in-one solution that covers all the essentials and basic of security needs
  • Unique methodology way for cost effective enterprise security solution
  • Help exceed compliance as their interface allows you to tailor your compliance needs
  • Simple and friendly customizable user interface dashboard
  • Unique function: Ask an Expert
  • Premium fully manage automatic updates with access
  • Deployable Security Modules that encompass IPS/IDS/SIEM/VA/FW
  • Knowledgeable engineers, who helped improve our overall infrastructure by making it more secure
No photo available

Cons

  • I would like to see an interface that is more menu driven. For example a method that allows me to drag and drop the items I would like in an adhoc report based on local machines that are attempting to connect to sites beyond our network that are blocked by our firewall.
  • I would like to see a more robust connection to our SonicWall, having two devices in the same rack that must be configured independently is some times a pain to fine tune.
  • I would like to see additional help files built that allow users to work with the Alienvault without attending formal training.
Randy Kouns profile photo
  • Ask an Expert takes takes 2-48 to hours respond. I've seen them take up to 47 hours on an unknown log, however it has never been greater than 48 hours.
  • Initial configuration took 2-3 weeks to adapt to my team's preference.
  • Professional service days are expensive.
No photo available

Likelihood to Renew

AlienVault USM9.0
Based on 13 answers
It is a great product and has been instrumental to our security posture.
Dana Hancock profile photo
No score
No answers yet
No answers on this topic

Usability

AlienVault USM7.2
Based on 33 answers
Almost all functions are intuitive, custom logging is not very easy to configure.
Dana Hancock profile photo
No score
No answers yet
No answers on this topic

Support

AlienVault USM7.6
Based on 24 answers
I have not had a single issue with the alienvault support staff. Any issue or question that we had, especially in the beginning during the installation phase the support staff was readily available via phone and email to help us. I am very happy with the decision we made to go with alienvault.
Mikhail Suleymanov profile photo
No score
No answers yet
No answers on this topic

Implementation

AlienVault USM7.1
Based on 37 answers
Initial implementation was okay, but we should have gone on the one week course first as an understanding of the features and what to look for would have been of great use. This is especially relevant when fine tuning and correlating events and creating parsers.Once set up the system is pretty resilient and adding in configuration is quite an easy process. We only had on the odd few occasions had to progress any set up problems to tech support.There are also some great whitepapers and set up articles on AlienVault's website support.
Philip Clarke profile photo
No score
No answers yet
No answers on this topic

Alternatives Considered

We looked at a number of other products besides AlienVault. Most of them were software packages that had OK reviews, but would have been costly to implement and time-consuming to maintain. AlienVault was an all-in-one appliance, though it comes in a virtual machine that you can run as well. We chose the USM because of our virtualization resources were getting pretty tight at the time we chose AlienVault, and we prefer hardware appliances.
Christopher Taylor profile photo
Well I have experience with the big names: SecureWorks, IBM and Splunk. Individually their logging tools are much better than RackFoundry's Total Security Management. This is great for large corporations and urban cities, however not so great for municipalities, mid size businesses and companies who fluctuate between 1-7 members on their IT staff. Why? Because it takes too much of their resources and integration with other products gets a little rough as you will need to configure your preferences to theirs. When a company has stability it is great to have a name brand product, however renewals and upgrade costs can be taxing to an organization.
No photo available

Return on Investment

No answers on this topic
  • We were able to have greater security visibility because of the IDS and the SIEM feature.
  • If we did not choose RackFoundry's Appliance, we probably would have only had 2 security functions that has limited features. Instead we have multiple security functions and had a little extra budget to use towards new equipment.
  • The device has allowed me to use my time more effectively at work. Instead of having some of my staff dedicate their time towards sifting through logs, we are able to see actionable data and react faster.
No photo available

Screenshots

RackFoundry Total Security Management

Pricing Details

AlienVault USM

General
Free Trial
Yes
Free/Freemium Version
Yes
Premium Consulting/Integration Services
Yes
Entry-level set up fee?
Optional
Additional Pricing Details

AlienVault USM More Information

RackFoundry Total Security Management

General
Free Trial
Yes
Free/Freemium Version
Premium Consulting/Integration Services
Yes
Entry-level set up fee?
Optional
Additional Pricing Details

RackFoundry Total Security Management More Information