<a href='https://www.trustradius.com/static/about-trustradius-scoring#question3' target='_blank' rel='nofollow'>Customer Verified: Read more.</a>
Top Rated
505 Ratings

AlienVault USM

<a href='https://www.trustradius.com/static/about-trustradius-scoring#question3' target='_blank' rel='nofollow'>Customer Verified: Read more.</a>
Top Rated
505 Ratings
<a href='https://www.trustradius.com/static/about-trustradius-scoring' target='_blank' rel='nofollow'>trScore algorithm: Learn more.</a>
Score 8 out of 101
7 Ratings
<a href='https://www.trustradius.com/static/about-trustradius-scoring' target='_blank' rel='nofollow'>trScore algorithm: Learn more.</a>
Score 8.3 out of 101

Likelihood to Recommend

AlienVault USM

I think AlienVault USM is well suited for a medium size company where there are remote sites. The star configuration deployment would work very well. I would need to see how AlienVault would perform on a large multi-national company if headquarters wanted to correlate all data.
Clark Crain profile photo

Symantec Critical System Protection

Symantec Critical System Protection (CSP) is very well suited for environments that do not change such as point of sale systems and critical servers. This product is spectacular at protecting end of life operating systems when supporting legacy software prevents upgrades. When security updates are no longer available, CSP will prevent exploits and other malware from taking advantage. This product is not well suited for systems that require a lot of changes. For one, it does not notify when a change has been blocked by CSP, causing some server administrators to waste many hours chasing a phantom technical problem when turning off CSP could have solved it right away. Also, profiling takes time so systems that constantly change would need hundreds of exceptions made.
Jennifer Greulich, GSED, GSEC profile photo

Feature Rating Comparison

Security Information and Event Management (SIEM)

AlienVault USM
7.3
Symantec Critical System Protection
Centralized event and log data collection
AlienVault USM
8.0
Symantec Critical System Protection
Correlation
AlienVault USM
8.0
Symantec Critical System Protection
Event and log normalization
AlienVault USM
8.0
Symantec Critical System Protection
Deployment flexibility
AlienVault USM
7.0
Symantec Critical System Protection
Custom dashboards and views
AlienVault USM
6.0
Symantec Critical System Protection
Host and network-based intrusion detection
AlienVault USM
7.0
Symantec Critical System Protection

Pros

AlienVault USM

  • Very in depth on scanning for inventory! This allows one to get the "50,000 feet" view of the organizations IT assets, and can narrow down on a specific inventory item with just a few clicks.
  • Conducts detailed vulnerability scans. While it doesn't mitigate the vulnerabilities, it gives us instructions on how to mitigate them..what steps we need to take.
  • The reporting function is phenomenal. It aggregates logs from other hardware and software, and can present a in-depth report based on that data.
Christopher Taylor profile photo

Symantec Critical System Protection

  • Prevents exploits, unwanted executables, registry changes, and system file changes
  • Can allow exceptions for software vendors such as Microsoft or Adobe
  • Prevents lateral movement with certain network rules configured
  • Can record file changes
Jennifer Greulich, GSED, GSEC profile photo

Cons

AlienVault USM

  • SMTP: The appliance can only send SMTP alerts to ONE email address. At the very least, it should be able to send to multiple people, and this shouldn't be a global setting. Some people want to see certain alerts, others need to see other alerts. It's highly inflexible.
  • Reports: There basically aren't any. I need a way to prove to the CEO that this expense is worth it, but I can't print a nice graph of logs collected per day, alarms on each device, or really anything at all.
  • SLOW: When it starts collecting lots of logs, the appliance really slows down. When you're trying to do a search on logs, it can take an hour or more. Almost impossible to do forensic analysis of an incident when it takes this long to gather the correct logs.
  • Multiple VPCs are not supported: The only deployment option is a single box. Without allowing multiple sensor nodes, it's very difficult to see into other networks. VPC peering can get you around this, but this is not allowed for us because of security concerns, and it's impossible because both VPCs use the same IP range. You can use a Linux jump box, but you can't use a Windows jump box, and a Linux jump box won't connect to any Windows servers.
John Grosjean profile photo

Symantec Critical System Protection

  • Tuning takes a very long time
  • Turning the product on or off can take time
  • When an action is prevented by CSP, there is no pop up or notification, making this a burden for server administrators
Jennifer Greulich, GSED, GSEC profile photo

Likelihood to Renew

AlienVault USM

AlienVault USM 9.1
Based on 13 answers
It is a great product and has been instrumental to our security posture.
Dana Hancock profile photo

Symantec Critical System Protection

No score
No answers yet
No answers on this topic

Usability

AlienVault USM

AlienVault USM 7.4
Based on 34 answers
Not enough documentation, non-descript error messages, and too much required to be done at the command line for an "appliance".
Aaron Rothstein profile photo

Symantec Critical System Protection

No score
No answers yet
No answers on this topic

Support

AlienVault USM

AlienVault USM 7.6
Based on 24 answers
Support was initially slow but once engaged resolution was fast and efficient.Additional support on other topics was also resolved under the same initial call which helped rather than closing the call off and starting again.Further check backs were carried out before the case was closed so support was very useful throughout.
Philip Clarke profile photo

Symantec Critical System Protection

Symantec Critical System Protection 10.0
Based on 1 answer
They respond quickly and efficiently without the need to reiterate the actual issue. Their backline support is amazing and always there for us when it is needed. They explain the troubleshooting steps taken and what they did to help us resolve the issue just incase it creeps up again we have the information to correct it ourselves.
No photo available

Implementation

AlienVault USM

AlienVault USM 7.0
Based on 37 answers
It required us to make a lot of changes and use a decent amount of manpower in order to implement the software.
Mikhail Suleymanov profile photo

Symantec Critical System Protection

No score
No answers yet
No answers on this topic

Alternatives Considered

AlienVault USM

I hate to say it, but one of the main reasons we selected the AlienVault was the price. Some of the cheaper options seemed too difficult to manage and the more expensive options were both expensive and difficult to manage. We don't have a Security Admin so simplicity was a big factor.
Will Armistead profile photo

Symantec Critical System Protection

We evaluated Bit 9 and you have more flexibility with the rule set and do not rely on the cloud to tell you what is approved and not approved. You build out the policies the way you need them to be and who better knows the environment that the people that work it daily.
No photo available

Return on Investment

AlienVault USM

No answers on this topic

Symantec Critical System Protection

  • Great protection for unchanging systems
  • We have comfort that the protected systems are safe from intrusion
  • Excellent price
Jennifer Greulich, GSED, GSEC profile photo

Screenshots

Symantec Critical System Protection

Pricing Details

AlienVault USM

General

Free Trial
Yes
Free/Freemium Version
Yes
Premium Consulting/Integration Services
Yes
Entry-level set up fee?
Optional
Additional Pricing Details

Symantec Critical System Protection

General

Free Trial
Free/Freemium Version
Premium Consulting/Integration Services
Entry-level set up fee?
No
Additional Pricing Details

Add comparison