Score 7.9 out of 10
Based on 334 reviews and ratings
Likelihood to Recommend
AlienVault USM Anywhere is a great SIEM and if you need to deploy a SaaS solution then it is suited very well. It works very well for us being 100% AWS and integrates well with our toolset and AWS features. The Open Threat Intelligence (OTX) is perfect for providing context on events and feeding our incident response processes.
Zabbix is well suited in an environment where connectivity is possible between all hosts in the network. Zabbix agents need to be able to "phone home" to the Zabbix server or a proxy. If connectivity is not possible between the agent and the server (typically the server is going to live in the "trust" section of the network, rather than a DMZ), Zabbix may not be a good fit. Zabbix is also appropriate in a cross-platform environment. Zabbix is also highly appropriate in shops that are interested in building their own monitoring infrastructure, rather than using a service. These services are obviously not free, but the time that you invest in Zabbix may make up for that monthly spend.
Director in Information Technology, Internet Company, 201-500 employees
Feature Rating Comparison
Centralized event and log data collection
Event and log normalization
Custom dashboards and views
Host and network-based intrusion detection
- AlienVault enables integration with external technologies, thereby broadening its scope and possibilities.
- AlienVault has a dashboard customization and reporting scheme that makes it flexible to query your data, allowing you to model the tool according to your needs.
- AlienVault will make you forget the need to consult some information on AWS CloudTrail. It extracts the data from there and delivers it in a much more efficient way.
- With a single tool you can monitor your cloud and on-premises environment.
- Alerting: while it can be difficult to initially learn, Zabbix's alerting system allows you fantastic control over how and when each of your team members receives alerts. This has caused a large decrease in "Friendly Fire" spam, preventing our staff members from getting complacent when they see an alert come through.
- In a couple of clicks, you can turn any monitorable data into a graph, which can then be deployed to any number of systems. Its ease of use makes it a fantastic tool.
- Zabbix makes adding new devices for monitoring very easy due to its template system.
Engineer in Information Technology, Hospitality Company, 501-1000 employees
- Walking through all the devices after a Nmap or device discovery scan can be tedious to get the data correct
- When deploying HIDS, it would be better if the system gave more detail as to the deployment error
- Offline updating of licenses can be a little time-consuming
- Zabbix has a steep learning curve and doesn't have a very intuitive and user-friendly interface.
- Zabbix is resource hungry. It uses a DB to store all the stats and configuration and this can grow exponentially depending on the number of hosts you are monitoring.
- Zabbix doesn't have very thorough documentation, so you have to search for issues and ask the Zabbix community at times.
Likelihood to Renew
Based on 33 answers
We have been using AlienVault USM Appliance for nearly 3 years. The power and flexibility of the device for IPS and IDS is amazing. We are able to identify threats and stop them before damage can be done.
Based on 24 answers
Only had to use this once, and they had us back on track in an hour or so. They followed up the day after to make sure all was still working, great team.
If you look at AlienVault USM, you will have to look at OSSIM too. For very small enterprises with limited budget or no budget at all, OSSIM might be a good alternative; it is the free version of AlienVault USM, but that means you are on your own with it. Another competitor is definitely GrayLog as it provides a very good interface and is easy to use, plus it is using ElasticSearch as its data store. As stated previously, the ELK stack (ElasticSearch Logstash Kibana) is a good alternative too, but not ready to use off the shelf, nor an all-in-one solution. In fact, the components used by AlienVault, such as OpenVAS, OSSEC, Suricata, etc., are its biggest competitors at the same time, but only if you make the effort to run each of them as an independent solution. In return you get a maximum of flexibility and full power over your solution.
Zabbix was much better at handling traditional systems, and in ease of customization, both in the system itself, and customizing data sources, such as adding deep MySQL or JMX integrations. It's very good for organizing large-scale (hundreds or thousands of servers) systems; its security system is very good at separating teams, customers, etc. Also very good support, forums, etc.
Return on Investment
- A 5-year "Linux team only" implementation leveraged automatic recovery scripts to eliminate a huge number of off-hour wake-up tickets. Many problems were detected and automatically remediated before the old monitoring system ever detected the problem.
- The ability to monitor almost anything you can imagine and script.
- Quick one-off items and triggers can be deployed in a crisis.
- Leveraging Puppet and The Foreman for server build and Zabbix for monitoring made it possible for system administrators to go from supporting about 40 servers each to 120 or more.
Professional in Information Technology, Higher Education Company, 10,001+ employees