AlienVault's USM Detects Malicious Traffic Trying to "Phone Home".
November 17, 2015

Michael Eller | TrustRadius Reviewer
Score 10 out of 10
Vetted Review
Verified User

Overall Satisfaction with AlienVault USM

AlienVault Unified Security Management has been influential in identifying critical problems within our IT infrastructure and has been a critical asset to our company. We currently use it for the whole organization spanning 6 sites and covering several servers (physical and virtual) and supporting 120+ users. With our file server specifically, we are quickly able to be notified when a user has failed to authenticate and may be attempting to access files they're not supposed to.
  • Aggregating information from our firewalls into a readable format allowing us to combat persistent threats to our perimeter.
  • Aggregating information from our servers through system logs and other means when installed as a HIDS and displaying the content in a clear manner.
  • As a NIDS, it does a wonderful job at analyzing traffic on the network and presenting me with a clear picture of what's traveling through my network that I may not want there.
  • Changing the IDS rules seems complex at times. I have alarms that are repeatedly flagging false positives that I find hard to disable.
AlienVault Unified Security Management has been the first product of its kind we've used or evaluated, and due to its usefulness and value for us, we have not had to try anything else.
Small offices with no web-facing assets may not be the most ideal candidates for the USM platform. I would imagine this is best suited for a medium- to large-sized business with at least one if not several web-facing assets.