AlienVault USM<a href='https://www.trustradius.com/static/about-trustradius-scoring#question3' target='_blank' rel='nofollow'>Customer Verified: Read more.</a>

329 Ratings

AlienVault USM<a href='https://www.trustradius.com/static/about-trustradius-scoring#question3' target='_blank' rel='nofollow'>Customer Verified: Read more.</a>

329 Ratings
<a href='https://www.trustradius.com/static/about-trustradius-scoring' target='_blank' rel='nofollow'>trScore algorithm: Learn more.</a>
Score 7.9 out of 101

RackFoundry Total Security Management

6 Ratings
<a href='https://www.trustradius.com/static/about-trustradius-scoring' target='_blank' rel='nofollow'>trScore algorithm: Learn more.</a>
Score 6.9 out of 101

Add comparison

Likelihood to Recommend

AlienVault USM

AlienVault USM Anywhere is a great SIEM and if you need to deploy a SaaS solution then it is suited very well. It works very well for us being 100% AWS and integrates well with our toolset and AWS features. The Open Threat Intelligence (OTX) is perfect for providing context on events and feeding our incident response processes.
Matthew White profile photo

RackFoundry Total Security Management

RackFoundry Total Security Management (TSM) is suited for most companies that have the same challenge as my team had. If you are looking to purchase one security tool and spend most of your allocated budget then I would not recommend this for you. However, if you are looking for something close to a single pane of glass, (granted there is no such thing) this solution does come close as they have the main components built in such as their FW/IPS/IDS/SIEM. Before selecting RackFoundry we had two options which were: 1) Upgrade our current solution and spend an overbearing amount 2) Search for new vendors and maybe procure 1-3 devices and then manually integrate them. Because this was a unified console and integration between devices was simple, we were able to obtain 4-6 security functions and we even had some sense of security visibility via the SIEM. It's not as powerful as Splunk or LogRhythm, but it definitely does the job
No photo available

Feature Rating Comparison

Security Information and Event Management (SIEM)

AlienVault USM
7.3
RackFoundry Total Security Management
9.4
Centralized event and log data collection
AlienVault USM
8.0
RackFoundry Total Security Management
9.1
Correlation
AlienVault USM
8.0
RackFoundry Total Security Management
9.1
Event and log normalization
AlienVault USM
8.0
RackFoundry Total Security Management
9.6
Deployment flexibility
AlienVault USM
7.0
RackFoundry Total Security Management
10.0
Custom dashboards and views
AlienVault USM
6.0
RackFoundry Total Security Management
9.6
Host and network-based intrusion detection
AlienVault USM
7.0
RackFoundry Total Security Management
9.1
Integration with Identity and Access Management Tools
AlienVault USM
RackFoundry Total Security Management
9.1

Pros

  • AlienVault USM Anywhere is easy to deploy with their cloud-based model and deploying the required agents on-prem (or in the cloud) is quick and easy.
  • Custom rules allow for alerting based on content from events and you can even trigger agents in response to threats, shutting down computers or grabbing forensic info for incident response.
  • USM Anywhere also takes care of reporting for ISO and PCI, allowing you to pull reports for auditors at a moment’s notice.
  • With many integrations out-of-the-box, you can pull in all the data from products you use and other sources, such as Amazon CloudWatch Logs.
Matthew White profile photo
  • All-in-one solution that covers all the essentials and basic of security needs
  • Unique methodology way for cost effective enterprise security solution
  • Help exceed compliance as their interface allows you to tailor your compliance needs
  • Simple and friendly customizable user interface dashboard
  • Unique function: Ask an Expert
  • Premium fully manage automatic updates with access
  • Deployable Security Modules that encompass IPS/IDS/SIEM/VA/FW
  • Knowledgeable engineers, who helped improve our overall infrastructure by making it more secure
No photo available

Cons

  • Walking through all the devices after a Nmap or device discovery scan can be tedious to get the data correct
  • When deploying HIDS, it would be better if the system gave more detail as to the deployment error
  • Offline updating of licenses can be a little time-consuming
Clark Crain profile photo
  • Ask an Expert takes takes 2-48 to hours respond. I've seen them take up to 47 hours on an unknown log, however it has never been greater than 48 hours.
  • Initial configuration took 2-3 weeks to adapt to my team's preference.
  • Professional service days are expensive.
No photo available

Likelihood to Renew

AlienVault USM9.0
Based on 13 answers
Still after the original product view AlienVault is still ahead of the game and have added even more capabilities
Philip Clarke profile photo
No score
No answers yet
No answers on this topic

Usability

AlienVault USM7.2
Based on 33 answers
Best SIEM out there. Built for the serious security practioner. Has features you would expect in something much more expensive. Product continues to be refined and improved.
Matthew Frederickson profile photo
No score
No answers yet
No answers on this topic

Support

AlienVault USM7.6
Based on 24 answers
Only had to use this once, and they had us back on track in an hour or so. They followed up the day after to make sure all was still working, great team.
Jason Cresswell profile photo
No score
No answers yet
No answers on this topic

Implementation

AlienVault USM7.1
Based on 37 answers
The one thing to remember is where to place the sensors within your organization. It is one thing to collect and analyze data, but collecting the right data is key. This is where AlienVaults experts really help. Instead of trying to sell you a gazillion sensors, they walk you through your network to make sure he sensors are where they need to be so you can achieve your goal. Implementation works so well because they take the time upfront to know your goals before they help you achieve them.
Matthew Frederickson profile photo
No score
No answers yet
No answers on this topic

Alternatives Considered

We were looking at other solutions, but ultimately the sales demo we received for AlienVault looked good and was at a MUCH better price point than the alternatives we evaluated. We are also intrigued by the additional capability of vulnerability scanning.
Aaron Rothstein profile photo
Well I have experience with the big names: SecureWorks, IBM and Splunk. Individually their logging tools are much better than RackFoundry's Total Security Management. This is great for large corporations and urban cities, however not so great for municipalities, mid size businesses and companies who fluctuate between 1-7 members on their IT staff. Why? Because it takes too much of their resources and integration with other products gets a little rough as you will need to configure your preferences to theirs. When a company has stability it is great to have a name brand product, however renewals and upgrade costs can be taxing to an organization.
No photo available

Return on Investment

No answers on this topic
  • We were able to have greater security visibility because of the IDS and the SIEM feature.
  • If we did not choose RackFoundry's Appliance, we probably would have only had 2 security functions that has limited features. Instead we have multiple security functions and had a little extra budget to use towards new equipment.
  • The device has allowed me to use my time more effectively at work. Instead of having some of my staff dedicate their time towards sifting through logs, we are able to see actionable data and react faster.
No photo available

Screenshots

RackFoundry Total Security Management

Pricing Details

AlienVault USM

General
Free Trial
Yes
Free/Freemium Version
Yes
Premium Consulting/Integration Services
Yes
Entry-level set up fee?
Optional
Additional Pricing Details

AlienVault USM More Information

RackFoundry Total Security Management

General
Free Trial
Yes
Free/Freemium Version
Premium Consulting/Integration Services
Yes
Entry-level set up fee?
Optional
Additional Pricing Details

RackFoundry Total Security Management More Information