The logical choice for premium IDS
March 05, 2019
Score 9 out of 10
Overall Satisfaction with Alert Logic Network Threat Detection
This is the IDS solution for our SaaS platform. Everything that's connected to our application in any way is being monitored by Alert Logic to identify rogue actors or other ill behavior on the network.
- Customer Service. Usually, I'd put the technical details up front, and they're good with that too. But the service from pre-sales all the way through onboarding and continued account management is top tier. Our onboarding schedule got messed up, partly because of us, but that was rather minor. I always get prompt replies to any tickets, and they've even reached out to discuss my feature requests. When it comes to security, it's critical to have a responsive team, and they've got it.
- Detection seems good. It's hard to quantify exactly, but it seems that they always detect the bad actors. And when we get an alert, they include a bunch of details so we know what kind of scan they're trying to do, how far they got, etc. You can't prevent everyone from doing a scan on your IP, but it gives you a really good idea of where your soft spots might be. And if you're getting those low-level alerts, it's a reminder that it's there and working if you have a major event too.
- Very easy setup. This goes back to their customer support to some extent, as they walk you through all the steps required. But it's also about their technical solution: it's not so overly complex that it's fragile, nor does it take a great deal of time to deploy. And it's been zero effort to maintain since then.
- Diffie-Hellman cipher is not supported. This is the way of the future, and I'd prefer to ONLY use DH or EDH. But I understand the complication of PFS, and hopefully, they're working on supporting this in the future.
- Price. You can't get all this good stuff for free. But we've tried the "budget solution" before, and it either just doesn't work well, or requires an incredible amount of administration. If you have a large security team, you might be better off with a cheaper option. For us, we're paying more for a product and saving a bit on in-house labor.
- Hard to think of any other cons! There were some UI issues at first, but I know they've added some good features, and more were in development last we spoke. Some of their reporting could be improved a bit, but that's getting pretty picky. Unless you have a really specific need, these things won't be any more than a minor nuisance.
- It's hard to put a price on security. But rather than dollars directly, I believe it has helped our business reputation, first that having an IDS solution in place helps put customers at ease, but also by maintaining that reputation by blocking damaging activity.
- Their team has also been good support and saved us from having to invest in specific skills in-house. We pay more for the solution so it's probably not a huge cost savings, but a big savings in the headache of finding staff, managing staff turnover, etc.
No one else had a good product offering married with the high level of support. The cheaper options such as AlienVault all seemed to have inferior products and little/no support. And the really big enterprise products might work great, but require a great deal of skills to set up and maintain. Alert Logic pretty much fits in a category to itself.
If you have a web platform or any other exposed system, it's important to have an IDS in place. This can be difficult to do right, and if you're a smaller business, you can't have a team dedicated to managing security. Alert Logic takes that burden, makes sure it's working right, and allows your team to focus on your product. With that in mind, it's not a silver bullet, and I took off one point ONLY because I think it would be harder to justify in a large enterprise with a security team already in place. Maybe there's another product out there that'll solve that use case, but Alert Logic was perfect for our needs.