Item: AlienVault USM
Rating: 10
Author: Dana Hancock

Use Cases and Deployment Scope

AlienVault is used to provide visibility into our network traffic inbound and outbound from/to the Internet as well as traffic between our DMZ, corporate and extranet networks. Prior to AlienVault we configured a layered security design and it was sufficient for most purposes. However, we did not have insight into the actual network traffic to see any viruses, or exploits that were being transmitted within or through our network. AlienVault provided that visibility and also allows us easier vulnerability tracking. We are now able to see when an exploit is present and respond immediately and appropriately.

Pros and Cons

Exploit detection
Vulnerability Scanning
SIEM
IDS

AlienVault is excellent at finding issues/exploits and providing the information necessary for forensics. It could be nice if instructions for remedies could be provided as well.

Alternatives Considered

AlienVault provides an easy-to-use product that is very effective. I have not found another product that met all of my requirements.

Likelihood to Recommend

I have found it well suited for almost all of the purposes we purchased it to provide.

Users and Roles

3 - Information Technology Department personnel

Support Headcount Required

1 - One person does the majority of the work on Alienvault.

Business Processes Supported

Exploit detection
Vulnerability scanning
Logging

Innovative Uses

Great log monitoring.

Future Planned Uses

Vulnerability resolution.

Likelihood to Renew

10

It is a great product and has been instrumental to our security posture.

Products Replaced

No

Key Differentiators

Product Features
Product Usability
Positive Sales Experience with the Vendor

The product features are the reason we purchased the product.

Evaluation Lessons Learned

N/A

Implementation Rating

9

Implementation Details / Implementation Partner

Implemented in-house

Implementation Phases

Yes - We implemented each feature in a phased approach.

Change Management Lessons

Change management was minimal - This product implementation did not affect any users (only IT staff) so change management was not necessary.

Implementation Issues

Learning the product.

Support Rating

9

I have contacted support many times and every time they addressed the issue and continued until it was resolved. The product is solid, so the overall operation is trouble free.

AlienVault USM Customer Support Pros and Cons

Pros	Cons
Quick Resolution Good followup Knowledgeable team Problems get solved Kept well informed No escalation required Immediate help available Support understands my problem Support cares about my success Quick Initial Response	None

Premium Support

No

Bug Resolution

Yes - Very timely.

Exceptional Examples of AlienVault USM Support

At one time the AlienVault system was falsely reporting that Adobe Flash Player was outdated on some of our systems. I contacted support and they contacted me the same day. They researched the issue with me and found that the newest AlienVault update would fix the problem. We installed the new update and the problem was resolved, quickly.

Usability

8

Almost all functions are intuitive, custom logging is not very easy to configure.

Usability Pros and Cons

Pros	Cons
Like to use Relatively simple Easy to use Technical support not required Well integrated Consistent Quick to learn Convenient Feel confident using Familiar	None

Easy Tasks

Vulnerability scanning
Alarm monitoring

Difficult Tasks

Custom logging

Alienvault - The Answer to Many of our Network Security Needs

Overall Satisfaction with AlienVault Unified Security Management