Fantastic All in One security solution at an incredible price point
No photo available
November 23, 2015

Fantastic All in One security solution at an incredible price point

Score 10 out of 10
Vetted Review
Verified User
Review Source

Overall Satisfaction with AlienVault Unified Security Management

AlienVault Unified Security Management is being used for information technology security management for the entire organization. The solution provides us with network and host intrusion detection services, intelligent security event correlation, asset availability monitoring, scheduled vulnerability assessments, security log management and archive, net flow monitoring and security reporting.
  • Value far exceeds the price.
  • Excellent customer service and support.
  • The product walks you through addressing placing values on assets and implementing the proper controls.
  • The product does what it claims it can do.
  • Product documentation could be more streamlined and easy to use, however, in the short time I have used AlienVault Unified Security Management there seem to be constant improvements.
  • To take full advantage of the solution, it helps to have some experience on the Linux platform, however, the product as delivered provides a solid security management platform with an intuitive GUI interface and AlienVault support coupled with their initial setup support services does a nice job of filling in the gap if you do not have that skill set in your organization.
We compared AlienVault Unified Security Management to two other enterprise level security management solutions and AlienVault came in at a fraction of the cost so we decided to do some evaluation and it proved to exceed our expectations and performed better than the competing products.
AlienVault provides a single "goto" interface for all security related events on our campus. In addition, it has provided an interface not only for security staff to investigate threats, it has also allowed our help desk staff the ability to troubleshoot things like Windows account lockouts. We continue to use our much more expensive IPS since it is still under contract and AlienVault continues to detect legitimate threats that the other IPS missed. Unfortunately we paid much more for a device that has limited functionality when compared to the AlienVault Unified Security Management.
We have definitely achieved this. We now have a single pane of glass to use for network security threat management. It is amazing how much information the solution can handle. We push syslogs from all of our windows systems, switch gear, firewalls, wireless controllers and the AlienVault is able to process and normalize those events for possible correlation and alarm creation and for archival purposes. It does this while monitoring traffic on multiple segments, monitoring availability on critical assets, performing scheduled vulnerability scans and asset discovery and much more.
Due to budget cuts our organization was able to put in place a solid network security management solution at a price that we could afford. Going through the steps to set up the product forced us to address security gaps we didn't realize we had. We feel we have a stronger solution in place with AlienVault Unified Security Management than when we were able to allocate much more funds to similar solutions in the past.

Using AlienVault Unified Security Management

3000 - Faculty/Staff/Students
2 - Staff need to have experience and training in network security concepts in order to make knowledgeable decisions about the information delivered by AlienVault and to deploy it properly. AlienVault's setup services are very helpful in making sure the system is installed properly.
  • Security Event Management
  • Log Management
  • Reporting
  • Incidence Response through the builtin ticketing system
  • We never dreamed we could us it to consolidate syslogs for so many different systems.
  • We were able to retire another system that was used for availability monitoring.
  • Help desk staff are now empowered to investigate account lockout issues in much more detail.
  • As the user community and AlienVault's staff develop additional plugins, we will surely be able to integrate new systems with the product.
It's an awesome product priced right for our organization.

Evaluating AlienVault Unified Security Management and Competitors

Yes - Cisco IPS
  • Price
  • Product Features
  • Product Usability
  • Positive Sales Experience with the Vendor
  • Third-party Reviews
Google Search on affordable IPS brought up Secure Computing Review and then I emailed for a quote. Quote coupled with evaluation and cost of competing products were most important factors.
Think outside of the box and consider smaller more specialized companies that are innovative and customer service focused.

AlienVault Unified Security Management Implementation

Get the system to a baseline starting point and use it in production. Become familiar with it and accumulate questions to use during your consulting sessions.
  • Vendor implemented
  • Implemented in-house
  • Professional services company
Allied Security were contracted by AlienVault. I had no idea the support services bundled with the product were an actual engineer working with you over a period of months. In addition, the price included a great course.
Yes - Just logical starting and finishing points as the engineer worked with me as our schedules permitted.
Change management was minimal - Change management issues were very minimal
  • AlienVault gave us more than enough consulting hours so that we were able to use the system in production and accumulate any problems/question to be worked through during the next scheduled consulting session

AlienVault Unified Security Management Training

  • Online training
  • Self-taught
It was very well organized and helpful in using the product to the fullest extent. The instructor allowed time for folks who were involved with managed services to receive tuning tips in order to better support their customers. In addition, the course materials were automatically updated when the new version came out.
Personally, coupling my own hands-on experience with training offers the best ROI with AlienVault. AlienVault included some good training with our purchase of the USM product and then we decided to the next level of training which was excellent as well. Getting some experience prior to the training worked best for me.

Configuring AlienVault Unified Security Management

This product is highly configurable out of the box and can be configured to an even greater extent by taking advantage of scripts and plugins available from AlienVault and the user community.

AlienVault Unified Security Management Support

Top notch service at a fraction of what I pay to other vendors
ProsCons
Quick Resolution
Good followup
Knowledgeable team
Kept well informed
No escalation required
Immediate help available
Support cares about my success
Quick Initial Response
Problems left unsolved
Yes - Great price for great service
Yes - It was taken seriously and fixed in the next release
I had a problem with major code upgrade where the system stopped responding in the middle. A time was scheduled where the technician spent a lot of time getting the system functional again. He then escalated the case to a developer who them when through the system again just to make sure everything was perfect. I was impressed with how much they cared about a small campus like us having their product functioning absolutely perfect.

Using AlienVault Unified Security Management

Ease of use is good for the most part, but there is room for improvement. With each major release, the interface becomes much better. Even at an eight, the competing products we evaluated were much lower.
ProsCons
Like to use
Relatively simple
Easy to use
Technical support not required
Well integrated
Consistent
Quick to learn
Convenient
Feel confident using
None
  • Alert Management Interface
  • It is easy to see the security posture of your organization at a glance
  • Reporting
  • Sending system backups to another system for DR purposes
  • Querying the Events can be a bit clunky but you get used to it

AlienVault Unified Security Management Reliability

Very robust and highly reliable.
The only problems I have had were with one upgrade and at times when load is very high, querying the database can take a long time, however, this is only on rare ocassions
Again, there are times when the unit is under heavy load that reports queries may take longer than I would like, but this is rare. I have never had other pages load slowly regardless of the unit load.

Relationship with AlienVault

The process was completely hassle free. The turnaround time and attention I received exceeded that of the other competitors I was working with and the products they had for me were far more expensive than the AlienVault solution.
I was surprised at the amount of follow-up and the importance the seemed to place on our implementation of USM
In our case there was really no negotiation.