AlienVault USM
March 22, 2016

AlienVault USM

Joshua Fidler | TrustRadius Reviewer
Score 8 out of 10
Vetted Review
Verified User

Overall Satisfaction with AlienVault Unified Security Management

AlienVault currently acts as the network IDS and SIEM engine for the organization. Keeping track of network traffic and correlating that to events that occur within the network is invaluable with the current level of cyber threats making the news almost weekly. The IT department has gained some incredibly valuable data from the AV-USM since its deployment in February of 2015.

Pros

  • AlienVault does a great job of tying network data together with log information to generate alerts that actually matter. The correlation engine within AlienVault is quite impressive. The overall end result comes from a number of locations- from firewall data to windows logs and netlow, the USM provides tons of data in a simplistic user interface.
  • The deployment and ease of use within AlienVault makes for an intuitive and easy to understand network device.
  • The Open Threat Exchange (OTX) network also provides an easy way to collaborate with other security folks in the community.

Cons

  • The documentation can be spotty at times. Finding what you need to understand how to take full advantage of the appliance can be a bit difficult at times.
  • The vulnerability scanning within the USM is a nice feature that doesn't execute well. Getting the scans to complete in a timely manner- or at all sometimes- can be a pain. There are other scanners out there that do a much better job of finding the holes than this.
AlienVault fits well into smaller organizations with more limited budgets. We were able to deploy AlienVault at half the cost of some of the other vendors we looked into and the product is really solid. The amount of intelligence gained from the appliance is incredible and at this point, I would be lost without the information it produces.

Comments

More Reviews of AlienVault USM