Bitdefender had been a great replacement for our previous product - it was painless to make the switch with very few issues. We tested in a VM lab a few different offerings, but Bitdefender was the one that covered everything we required at the time and allowed us to be able to expand the offering simply.
Perfect for projects where Elasticsearch makes sense: if you decide to employ ES in a project, then you will almost inevitably use LogStash, and you should anyways. Such projects would include: 1. Data Science (reading, recording or measuring web-based Analytics, Metrics) 2. Web Scraping (which was one of our earlier projects involving LogStash) 3. Syslog-ng Management: While I did point out that it can be a bit of an electric boo-ga-loo in finding an errant configuration item, it is still worth it to implement Syslog-ng management via LogStash: being able to fine-tune your log messages and then pipe them to other sources, depending on the data being read in, is incredibly powerful, and I would say is exemplar of what modern Computer Science looks like: Less Specialization in mathematics, and more specialization in storing and recording data (i.e. Less Engineering, and more Design).
Once installed, Bitdefender [GravityZone] runs silently in the background with little to no need for user interaction.
The cloud-based console provides for easy computer management and deployment.
Bitdefender [GravityZone] is extremely flexible, with a policy-based system wherein different profiles can be created (i.e. a policy to deactivate the firewall, a policy to allow for admin control on a machine, etc.) and pushed out to individual computers.
Computers can be grouped into different categories, with different policies automatically deployed to each category.
Bitdefender [GravityZone] is relatively resource-light and runs well even on lower-end computers.
Logstash design is definitely perfect for the use case of ELK. Logstash has "drivers" using which it can inject from virtually any source. This takes the headache from source to implement those "drivers" to store data to ES.
Logstash is fast, very fast. As per my observance, you don't need more than 1 or 2 servers for even big size projects.
Data in different shape, size, and formats? No worries, Logstash can handle it. It lets you write simple rules to programmatically take decisions real-time on data.
You can change your data on the fly! This is the CORE power of Logstash. The concept is similar to Kafka streams, the difference being the source and destination are application and ES respectively.
Who do I ask? My chief complaint is that once the initial licenses were purchased through Bitdefender, there was no one to contact that could help navigate some of the initial questions I had with regard to specific policies to implement for our file server. The parent web site is, well, hard to navigate when one is trying to "learn" the system.
The second issue is in increasing the licenses. It took several days for the parent company (by contact and phone) to inform me that they could not increase the licenses and I would have to go through a private vendor. There was no intent to connect me to a vendor or provide a vendor list until I asked specifically. YET I continue to get email from the parent company reminding me to pay an annual fee for the licenses purchased through the private vendor. The parent company can see the number of licenses yet did not sell them to me.
GravityZone Dashboard, while excellent for those who have experience, is not particularly intuitive for those who have never used it. There does not seem to be a lot of documentation for those responsible for implementation.
Since it's a Java product, JVM tuning must be done for handling high-load.
The persistent queue feature is nice, but I feel like most companies would want to use Kafka as a general storage location for persistent messages for all consumers to use. Using some pipeline of "Kafka input -> filter plugins -> Kafka output" seems like a good solution for data enrichment without needing to maintain a custom Kafka consumer to accomplish a similar feature.
I would like to see more documentation around creating a distributed Logstash cluster because I imagine for high ingestion use cases, that would be necessary.
It works. I rely heavily on my vendors to provide a product that works, is easy to implement, and that they support. As well as be a decent value for the money.
On the whole I find the product very easy to use but some features need me to do some digging about in the console menus to find everything. I think if the interface used a bit less jargon and more clear plain language, it would be easier to find how to do things within the console.
Yes, it's very available. The software continues to protect you even if you are offline. It constantly runs in the background and will check for updates again once back online.
The console is quite fast and responsive, and once you start to get used to it, it is easy to use and you can see the main dashboard status at a glance. You can then dig deeper into the individual Companies / Endpoint clients and check the status of each. The software itself is not heavy on system resources in each PC.
Support is an area Bitdefender has always struggled with. While their products work great, the GravityZone dashboard is very technical in nature. If you aren't IT inclined, it could be difficult to set up. While most times support is helpful, we tend to work with them over email because of their very thick accent; they are hard to understand over the phone.
The trainer went through everything in the console and showed me what each setting did. If I had any questions on how to do something, he showed me where to go and how to do it. The trainer was very helpful and knowledgeable, and also professional and patient. Highly recommended.
We were a Kaspersky shop for years. Kaspersky was a resource hog and it didn't even block half of what was thrown at it. We had more outbreaks and more end-user complaints in a year of Kaspersky than we have had in almost three years of Bitdefender.
MongoDB and Azure SQL Database are just that: Databases, and they allow you to pipe data into a database, which means that a lot of the log filtering becomes a simple exercise of querying information from a DBMS. However, LogStash was chosen for its ease of integration into our choice of using ELK. Elasticsearch is an obvious inclusion: using Logstash with its native DevOps stack is really rational.
I give it this rating because once you have the console running, you can add or remove whole companies, add computer endpoints (and remove them), and easily create and deploy endpoint packages to the machines that need the software. Once installed, the software starts to report back to the Bitdefender servers and the number of active licences is then seen and billed.
The ROI for Bitdefender is hard to quantify except that it requires very little maintenance time from our staff.
We've spent no time troubleshooting user complaints or issues from users, so it has been a big time-saver over our previously used anti-malware software.
Bitdefender's customer service is usually pretty good and also very responsive, so I don't have to wait by the phone or to keep checking email to resolve a problem--although our issues have been mostly informational and not a problem with functionality.
Positive: Learning curve was relatively easy for our team. We were up and running within a sprint.
Positive: Managing Logstash has generally been easy. We configure it, and usually, don't have to worry about misbehavior.
Negative: Updating/Rehydrating Logstash servers has been a little challenging. We sometimes even lose data while Logstash is down. It requires more in-depth research and experiments to figure out the fine-grained details.
Negative: This is now one more application/skill/server to manage. Like any other servers, it requires proper grooming or else you will get in trouble. This is also a single point of failure which can have the ability to make other servers useless if it is not running.