AlienVault USM<a href='https://www.trustradius.com/static/about-trustradius-scoring' target='_blank' rel='nofollow'>Customer Verified: Read more.</a>

329 Ratings

AlienVault USM<a href='https://www.trustradius.com/static/about-trustradius-scoring' target='_blank' rel='nofollow'>Customer Verified: Read more.</a>

329 Ratings
<a href='https://www.trustradius.com/static/about-trustradius-scoring' target='_blank' rel='nofollow'>trScore algorithm: Learn more.</a>
Score 7.9 out of 101

Symantec Critical System Protection

7 Ratings
<a href='https://www.trustradius.com/static/about-trustradius-scoring' target='_blank' rel='nofollow'>trScore algorithm: Learn more.</a>
Score 7.8 out of 101

Add comparison

Likelihood to Recommend

AlienVault USM

The main reason I would recommend AlienVault is because of its niche market. This product is perfect for the small to mid size company. Having the USM really simplifies all your tools into one interface. You really don't need a Security Admin to manage this tool. I am just assuming that it would not work well for large companies that have entire security teams that manage different areas of security.
Will Armistead profile photo

Symantec Critical System Protection

Symantec Critical System Protection (CSP) is very well suited for environments that do not change such as point of sale systems and critical servers. This product is spectacular at protecting end of life operating systems when supporting legacy software prevents upgrades. When security updates are no longer available, CSP will prevent exploits and other malware from taking advantage. This product is not well suited for systems that require a lot of changes. For one, it does not notify when a change has been blocked by CSP, causing some server administrators to waste many hours chasing a phantom technical problem when turning off CSP could have solved it right away. Also, profiling takes time so systems that constantly change would need hundreds of exceptions made.
Jennifer Greulich, GSED, GSEC profile photo

Feature Rating Comparison

Security Information and Event Management (SIEM)

AlienVault USM
7.3
Symantec Critical System Protection
2.8
Centralized event and log data collection
AlienVault USM
8.0
Symantec Critical System Protection
3.0
Correlation
AlienVault USM
8.0
Symantec Critical System Protection
Event and log normalization
AlienVault USM
8.0
Symantec Critical System Protection
Deployment flexibility
AlienVault USM
7.0
Symantec Critical System Protection
2.0
Custom dashboards and views
AlienVault USM
6.0
Symantec Critical System Protection
3.0
Host and network-based intrusion detection
AlienVault USM
7.0
Symantec Critical System Protection
3.0

Pros

  • USM makes available the tools and ability systems that cost up to 10x the cost. Is it as polished as the "store bought" proprietary systems? No. Does it do the same things? You bet. The Alienvault team is constantly working to make it better with more features, great technical support, and collaboration.
  • Day one on site and as usual it looks ugly after a vulnerability scan and the clean up begins. You never know how well you have been doing until you verify systems. Patching, configuration, and more is revealed and remedied. Meeting regulatory requirements.
  • OTX integrated into the working system is one way information gets into it, rule updates come down frequently as do feature set updates. Coupled with a Next Generation firewall in front of it with two sources of threat data, it doesn't get any better than that.
  • Network IDS sees everything and can pick out bad things inflight on the network. Having eyes on network, firewall, and OS events the only thing left is watching over the user. Moving from firewall and AV to a more comprehensive across the board posture is all made possible by USM.
Thomas Vaughan profile photo
  • Prevents exploits, unwanted executables, registry changes, and system file changes
  • Can allow exceptions for software vendors such as Microsoft or Adobe
  • Prevents lateral movement with certain network rules configured
  • Can record file changes
Jennifer Greulich, GSED, GSEC profile photo

Cons

  • USM needs to mature with the user control interface. Making things easier to get done without "Google", blogs, or support. Plugin support is growing slowly. The ability to have granular control over system behavior needs to mature.
Thomas Vaughan profile photo
  • Tuning takes a very long time
  • Turning the product on or off can take time
  • When an action is prevented by CSP, there is no pop up or notification, making this a burden for server administrators
Jennifer Greulich, GSED, GSEC profile photo

Likelihood to Renew

AlienVault USM9.0
Based on 13 answers
The centralized logging and retention for PCI compliance was our main driver, and it is meeting that need. Otherwise there has been enough frustration with the lack of documentation and the need to customize through the CLI that I would be open to alternatives.
Aaron Rothstein profile photo
No score
No answers yet
No answers on this topic

Usability

AlienVault USM7.2
Based on 33 answers
Not enough documentation, non-descript error messages, and too much required to be done at the command line for an "appliance".
Aaron Rothstein profile photo
No score
No answers yet
No answers on this topic

Support

AlienVault USM7.6
Based on 24 answers
Only had to use this once, and they had us back on track in an hour or so. They followed up the day after to make sure all was still working, great team.
Jason Cresswell profile photo
Symantec Critical System Protection10.0
Based on 1 answer
They respond quickly and efficiently without the need to reiterate the actual issue. Their backline support is amazing and always there for us when it is needed. They explain the troubleshooting steps taken and what they did to help us resolve the issue just incase it creeps up again we have the information to correct it ourselves.
No photo available

Implementation

AlienVault USM7.1
Based on 37 answers
Anything beyond a vanilla deployment will take a lot of effort.
Aaron Rothstein profile photo
No score
No answers yet
No answers on this topic

Alternatives Considered

What set AlienVault Unified Security Management apart was that is was an all-in-one solution at a reasonable price. Other products were significantly more expensive and were very "module" based which made me fear module creep as I would try to implement them.
Mayson Morrissey profile photo
We evaluated Bit 9 and you have more flexibility with the rule set and do not rely on the cloud to tell you what is approved and not approved. You build out the policies the way you need them to be and who better knows the environment that the people that work it daily.
No photo available

Return on Investment

No answers on this topic
  • Great protection for unchanging systems
  • We have comfort that the protected systems are safe from intrusion
  • Excellent price
Jennifer Greulich, GSED, GSEC profile photo

Screenshots

Symantec Critical System Protection

Pricing Details

AlienVault USM

General
Free Trial
Yes
Free/Freemium Version
Yes
Premium Consulting/Integration Services
Yes
Entry-level set up fee?
Optional
Additional Pricing Details

AlienVault USM More Information

Symantec Critical System Protection

General
Free Trial
Free/Freemium Version
Premium Consulting/Integration Services
Entry-level set up fee?
No
Additional Pricing Details

Symantec Critical System Protection More Information