Purchased & Installed for Compliance
March 29, 2016
Score 6 out of 10
Vetted Review
Verified User
Overall Satisfaction with AlienVault Unified Security Management
We use AlienVault's UTM to help with our PCI compliance. We need a system that can centrally receive and inspect system logs, as well as run 'FIM' (file integrity monitoring) and provide an alert when something out of the ordinary occurs. AlienVault also has a built-in vulnerability scanner 'OpenVAS' that we use to scan for vulnerabilities within our Windows and Linux servers.
- Overview of Log information from multiple sources (Trends, frequency, types)
- Vulnerability scanning
- Ticketing and Alerting
- Extremely hard to set up
- Hard to configure log filtering
We looked at LogRhythm, LogLogic and Splunk. LogRhythm and LogLogic are great products, but too expensive for a small environment; Splunk requires a lot of investment in time to set up and configure, so we went instead for AlienVault.
Using AlienVault Unified Security Management
2 - Security and compliance
2 - General IT abilities, plus we run AlienVault inside VMware so a basic ability to troubleshoot the VM.
In an ideal world, someone with IT security knowledge, and experience working with log files is the kind of person you need.
- Central log collection
- Log & event analysis
- Alerting
- File integrity monitoring
- Network Intrusion Detection System
- Vulnerability Assessment
AlienVault Unified Security Management Support
Pros | Cons |
---|---|
Quick Resolution; Good followup; Knowledgeable team; Problems get solved; Kept well informed; No escalation required; Support understands my problem; Support cares about my success | Difficult to get immediate help |
Yes - It is a mandatory element when purchasing the product.
On one particular issue I wanted to do something that wasn't strictly supported, but the support agent gave me their 'unofficial' solution anyway - and it worked [like] a treat!
Using AlienVault Unified Security Management
Pros | Cons |
---|---|
Like to use; Consistent | Unnecessarily complex; Difficult to use; Requires technical support; Slow to learn; Feel nervous using; Lots to learn |
- Looking at log files received by the system
- Vulnerability scanning
- System Updates
- Setting up Alerting
- Generating Custom Reports