AlienVault USM Implementation Review
Anonymous | TrustRadius Reviewer
Updated January 02, 2018

AlienVault USM Implementation Review

Score 10 out of 10
Vetted Review
Verified User
Review Source

Overall Satisfaction with AlienVault USM

We use AlienVault USM to monitor our data center, network traffic, and key workstations. Our goal is to protect the systems from loss of PII, from malware, and from intrusion.
  • Alerts are emailed to us for many types of configurable concerns. Such as intrusion attempts.
  • Network traffic can be monitored for PII that may be transferred across the network or off-site that is not authorized or that is sent unencrypted properly.
  • Key systems can be monitored for malware, intrusions, and network traffic.
  • The menu structure could be broken down by categories that make it easier to locate sub-menus.
Various Open Source solutions
Tenable Security Center
We feel it is comparable to it as well as to open source solutions, but easier to implement than open source solutions.
We have achieved this benefit. We have used open source solutions. But, to get the same results we had to use multiple solutions. Also, the open source solutions were more difficult to set up and difficult to maintain. And the AlienVault OTX makes us feel better about the product being up to date as well as us being more informed as to current threats to be aware of.
AlienVault is a product that covers a wide range of IDS and Monitoring features for a better price than some of its competitors. Their support team is very helpful. The more we learn we use AlienVault the more impressed we are with what we discover it is capable of doing. Features are added regularly via updates.

Using AlienVault USM

2 - Data Center Operations personnel. Systems Engineer and Systems Administrator Team.
2 - Data Center Operations personnel.
Systems Engineer and Systems Administrator Team.
  • IDS
  • Malware
  • FERPA Compliance
  • Monitor PII
  • IPS
  • Ransomware
  • We have been able to use Custom Written plugins to monitor our off-brand switches and routers.
  • Watch for PII being send across the network or off-site in an unencrypted format.
  • Identify scans on the network from on and off-site in order to proactively block them at the firewall's.
  • Monitor critical systems, servers, an applications up-time.
We feel that AlienVault USM has now become an invaluable addition to our security.

Evaluating AlienVault USM and Competitors

Yes - Open Source Solutions - We had tried various open source solutions such as snort and others. We found them difficult to set up. And even more difficult to cipher through the data they produced. We also used a couple of various inexpensive commercial tools to help out. They did not really do they type of monitoring that we needed. With those at least we would get alerts, but now real IDS alerts. We had to do a bit of customization to get information out of them that we wanted. Of course that was very time consuming and we had to manually create what we needed. The Open Source solutions were also very time consuming and really needed a staff person dedicated to just that. With AlienVault it does all the work for us. After we have it tweaked we can mostly just wait for it to tell us a problem is occurring - other than we do log in just to check on things and watch traffic in real-time if we just want to keep an eye on a particular.
We like the fact that USM has log management, provides excellent support, and provided us with a easy to deploy VM All-In-One system.
  • Price
  • Product Features
  • Product Usability
  • Product Reputation
  • Positive Sales Experience with the Vendor
The Demo presented by AlienVault was excellent.
As well as their online product videos.
Along with many positive articles online about AV USMs features.
The eval and selection went well and as we had hoped.

AlienVault USM Implementation

  • Implemented in-house
  • Professional services company
In house implemented with support from Terra Verde remotely and they were a great resource.
Yes - Hardware setup, AV USM setup, Network config, End Stations Config, Custom Configs
Change management was minimal - n/a
  • no significant issues were encountered

AlienVault USM Support

The support we received from alienvault was excellent. They went above and beyond in making sure everything was working as it needed to be. They REALLY want their product implementation to be a success and our security goals be achieved. They are like a member of our security team.
ProsCons
Quick Resolution
Good followup
Knowledgeable team
Problems get solved
Kept well informed
No escalation required
Immediate help available
Support understands my problem
Support cares about my success
Quick Initial Response
None
Not Available - Security is our priority.

Using AlienVault USM

Excellent product with above average support
ProsCons
Like to use
Relatively simple
Easy to use
Well integrated
Consistent
Quick to learn
Convenient
Feel confident using
Familiar
None
  • Monitoring of Alarms
  • Looking at the logs of monitored systems.
  • Install and Setup up of Agents on servers.
  • Plugins are a bit difficult - but just something that needs to be learned.
  • Some directives setup can be a bit difficult to do the first time - But, it just requires a little hands on practice.