Overall Satisfaction with Intrusion Detection, part of Alert Logic Professional
Previously we used LogRhythm to collect syslogs on an on-premises server. LogRhythm is/was very convoluted and almost required a dedicated person to manage the system. Alert Logic is a cloud managed service that removed the need for an on-premises dedicated person to constantly review logs and determine if there was an issue. The main users of this are our security team.
- The cloud managed service; the cost benefit and 24x7 monitoring
- The Alert system went from possibly 24 hours to 1 hour
- The benefit of not having to write our own queries
- The interface is a little lacking from a search perspective, but it's not really meant for us to have to do the work
- The cloud service vs. having an on-prem dedicated person
- 24x7 monitoring
- The detailed threat analysis
If anyone has ever used Cisco products to manage threat detection, they will tell you that, while Cisco products are good, they aren't the most user friendly. Multiple pieces are needed to do what Alert Logic can do in one product. The user interface is OK and the search function isn't the best, but the whole point of cloud managed is just that.