AlienVault's USM Detects Malicious Traffic Trying to "Phone Home".
Overall Satisfaction with AlienVault USM
AlienVault Unified Security Management has been influential in identifying critical problems within our IT infrastructure and has been a critical asset to our company. We currently use it for the whole organization spanning 6 sites and covering several servers (physical and virtual) and supporting 120+ users. With our file server specifically, we are quickly able to be notified when a user has failed to authenticate and may be attempting to access files they're not supposed to.
Pros
- Aggregating information from our firewalls into a readable format allowing us to combat persistent threats to our perimeter.
- Aggregating information from our servers through system logs and other means when installed as a HIDS and displaying the content in a clear manner.
- As a NIDS, it does a wonderful job at analyzing traffic on the network and presenting me with a clear picture of what's traveling through my network that I may not want there.
Cons
- Changing the IDS rules seems complex at times. I have alarms that are repeatedly flagging false positives that I find hard to disable.
AlienVault Unified Security Management has been the first product of its kind we've used or evaluated, and due to its usefulness and value for us, we have not had to try anything else.