What users are saying about

AlienVault USM

<a href='https://www.trustradius.com/static/about-trustradius-scoring#question3' target='_blank' rel='nofollow'>Customer Verified: Read more.</a>
334 Ratings

AlienVault USM

<a href='https://www.trustradius.com/static/about-trustradius-scoring#question3' target='_blank' rel='nofollow'>Customer Verified: Read more.</a>
334 Ratings
<a href='https://www.trustradius.com/static/about-trustradius-scoring' target='_blank' rel='nofollow'>trScore algorithm: Learn more.</a>
Score 7.9 out of 101
84 Ratings
<a href='https://www.trustradius.com/static/about-trustradius-scoring' target='_blank' rel='nofollow'>trScore algorithm: Learn more.</a>
Score 7.3 out of 101

Add comparison

Likelihood to Recommend

AlienVault USM

AlienVault USM Anywhere is a great SIEM and if you need to deploy a SaaS solution then it is suited very well. It works very well for us being 100% AWS and integrates well with our toolset and AWS features. The Open Threat Intelligence (OTX) is perfect for providing context on events and feeding our incident response processes.
Matthew White profile photo

Symantec Endpoint Protection

Symantec Endpoint protection is, in my opinion, a somewhat mediocre product. It does a decent job of detecting traditional viruses, and an OK job of detecting malware threats. The hybrid approach they employ for virtualized environments leaves a lot to be desired compared to options for other products which allow you to install a VM on the ESX host to do scanning of VM's. It is annoying to have to install the SEP client on every single machine that you want to have protected. The Symantec hybrid approach means that the same exact version of a file won't be repeatedly scanned, but it doesn't really make up for having to have the client installed on every single VM you want to protect. This consumes a lot of extra resources, especially during daily/weekly scans.
Kurt Ferguson profile photo

Feature Rating Comparison

Security Information and Event Management (SIEM)

AlienVault USM
7.3
Symantec Endpoint Protection
Centralized event and log data collection
AlienVault USM
8.0
Symantec Endpoint Protection
Correlation
AlienVault USM
8.0
Symantec Endpoint Protection
Event and log normalization
AlienVault USM
8.0
Symantec Endpoint Protection
Deployment flexibility
AlienVault USM
7.0
Symantec Endpoint Protection
Custom dashboards and views
AlienVault USM
6.0
Symantec Endpoint Protection
Host and network-based intrusion detection
AlienVault USM
7.0
Symantec Endpoint Protection

Pros

  • Up to this point, I have had no issues integrating with a system we currently have in production. while AlienVault stays on top with plugin updates.
  • Te dashboard is very informative when you figure out how to navigate around it and tweaked to your organization needs.
  • Correlation of events is probably my favorite as I normally only need to jump on the AlienVault dashboard to hammer down on network traffic/activity details.
AJ Gumataotao profile photo
  • The virus and spyware protection has worked well for us, catching several things and quarantining the items or cleaning them.
  • The virus definitions very rarely fail to update for the users, so I feel confident that my client machines are kept up to date.
  • I like the report I get daily telling me about threats found and action taken without having to login to the console to look it up myself.
Debbie Johnson profile photo

Cons

  • I would like to see an interface that is more menu driven. For example a method that allows me to drag and drop the items I would like in an adhoc report based on local machines that are attempting to connect to sites beyond our network that are blocked by our firewall.
  • I would like to see a more robust connection to our SonicWall, having two devices in the same rack that must be configured independently is some times a pain to fine tune.
  • I would like to see additional help files built that allow users to work with the Alienvault without attending formal training.
Randy Kouns profile photo
  • The Proactive Threat Protection is helpful, but I wish it caught more in the browser.
  • The client packages for installation can be a little finicky at times to get them to push to the client machines - it might take a few attempts on a newly imaged machine.
Debbie Johnson profile photo

Likelihood to Renew

AlienVault USM9.0
Based on 13 answers
It is a great product and has been instrumental to our security posture.
Dana Hancock profile photo
Symantec Endpoint Protection9.1
Based on 4 answers
Best of Breed. Symantec Endpoint Protection beats all other end point products I have used, tested and seen in presentation at this point in time.
No photo available

Usability

AlienVault USM7.2
Based on 33 answers
Not enough documentation, non-descript error messages, and too much required to be done at the command line for an "appliance".
Aaron Rothstein profile photo
Symantec Endpoint Protection8.9
Based on 3 answers
I think it works great. It's easy to administer. It's easy to see if it's working and how well. There's no real user interaction necessary.
Debbie Johnson profile photo

Reliability and Availability

AlienVault USM6.4
Based on 3 answers
No answer on this topic is available.
Symantec Endpoint Protection9.0
Based on 2 answers
We've used it for years and the software is easy to use. The dashboard is easy to read, and you can easily figure out where to go to troubleshoot or deploy software. Symantec is there for emergencies like backup restoration or file retrieval. It's pretty low maintenance. Symantec is there when your IT infrastructure needs it
No photo available

Support

AlienVault USM7.6
Based on 24 answers
Only had to use this once, and they had us back on track in an hour or so. They followed up the day after to make sure all was still working, great team.
Jason Cresswell profile photo
Symantec Endpoint Protection5.1
Based on 2 answers
It's a big company. Symantec's support is good once you actually get them. We generally have to open a ticket and get a call back - eventually. They rarely have the answer for us right away, but they are good about either escalating or researching and getting back to us in a day or two. We rarely have any issues, so this usually isn't too big of a deal for us. If their product had more issues I would really have to debate whether or not I needed a different vendor due to the time it takes to actually get support. As I said, once we reach a person with the right skills for the right product, we're usually happy with the results.
Debbie Johnson profile photo

Implementation

AlienVault USM7.1
Based on 37 answers
Initial implementation was okay, but we should have gone on the one week course first as an understanding of the features and what to look for would have been of great use. This is especially relevant when fine tuning and correlating events and creating parsers.Once set up the system is pretty resilient and adding in configuration is quite an easy process. We only had on the odd few occasions had to progress any set up problems to tech support.There are also some great whitepapers and set up articles on AlienVault's website support.
Philip Clarke profile photo
Symantec Endpoint Protection6.4
Based on 1 answer
Use a third party deployment tool and not the deployment option within the SEP Manager itself.
No photo available

Alternatives Considered

If you look at AlienVault USM, you will have to look at OSSIM too. For very small enterprises with limited budget or no budget at all, OSSIM might be a good alternative, it is the free version of AlienVault USM, but that means you are on your own with it. Another competitor is definitively GrayLog as it provides a very good interface and is easy to use, plus it is using ElasticSearch as its data store. As stated previously, the ELK stack (ElasticSearch Logstash Kibana) is a good alternative too, but not ready to use off the shelf, nor an all-in-one solution. In fact, the components used by AlienVault, such as OpenVAS, OSSEC, Suricata, etc are its biggest competitors at the same time, but only if you make the effort to run each of the as an independent solution. In return you get a maximum of flexibility and full power over your solution.
Christian B. Caldarone profile photo
I use Malware-bytes on my network alongside Symantec Endpoint. Both pieces of software play well with each other. Although Symantec has a good anti malware engine, I prefer to use Malware-bytes for that purpose because they are the leaders in anti malware detection and prevention. Symantec, however, is able to provide protection against the more serious types of infections like rootkits and Trojans.
Ramesh Ramrattan profile photo

Return on Investment

No answers on this topic
  • Symantec Endpoint Protection provides us with a steady recurring revenue stream.
  • SEP provides us with a fairly easy reselling experience, because it is not overly expensive yet it is an extremely effective product.
  • SEP allows us to spend less time analyzing and administering anti-virus issues, which translate into very few man-hours wasted.
John Huber profile photo

Screenshots

Symantec Endpoint Protection

Pricing Details

AlienVault USM

General
Free Trial
Yes
Free/Freemium Version
Yes
Premium Consulting/Integration Services
Yes
Entry-level set up fee?
Optional
Additional Pricing Details

AlienVault USM More Information

Symantec Endpoint Protection

General
Free Trial
Free/Freemium Version
Premium Consulting/Integration Services
Entry-level set up fee?
No
Additional Pricing Details

Symantec Endpoint Protection More Information