TrustRadius
Alienvault - The Answer to Many of our Network Security Needs
https://www.trustradius.com/security-information-event-management-siemAlienVault USMUnspecified8503101
Dana Hancock profile photo
May 03, 2016

Alienvault - The Answer to Many of our Network Security Needs

Score 10 out of 101
Vetted Review
Verified User
Review Source

Overall Satisfaction with AlienVault Unified Security Management

AlienVault is used to provide visibility into our network traffic inbound and outbound from/to the Internet as well as traffic between our DMZ, corporate and extranet networks. Prior to AlienVault we configured a layered security design and it was sufficient for most purposes. However, we did not have insight into the actual network traffic to see any viruses, or exploits that were being transmitted within or through our network. AlienVault provided that visibility and also allows us easier vulnerability tracking. We are now able to see when an exploit is present and respond immediately and appropriately.
  • Exploit detection
  • Vulnerability Scanning
  • SIEM
  • IDS
  • AlienVault is excellent at finding issues/exploits and providing the information necessary for forensics. It could be nice if instructions for remedies could be provided as well.
AlienVault provides an easy-to-use product that is very effective. I have not found another product that met all of my requirements.
AlienVault has been extremely effective in finding threats in my environment. From something as simple as outdated software detection to detecting an exploit or phishing attempt. It provides me with unequaled visibility into the actual network traffic. It finds exploits in transit and will send me an alarm instantly so I can resolve the issue before it has a chance to propagate through our environment. It integrates with our firewall so I gain the visibility at the edge of our network as well.
After the initial configuration and burn-in period it has reduced the amount of time we use to react to issues. We also have a greater sense of awareness and security knowing that the system is constantly scanning network traffic, analyzing server and firewall logs, etc., to provide us with the necessary information to keep the network secure.
I have found it well suited for almost all of the purposes we purchased it to provide.

Using AlienVault Unified Security Management

3 - Information Technology Department personnel
1 - One person does the majority of the work on Alienvault.
  • Exploit detection
  • Vulnerability scanning
  • Logging
  • Great log monitoring.
  • Vulnerability resolution.
It is a great product and has been instrumental to our security posture.

Evaluating AlienVault Unified Security Management and Competitors

  • Product Features
  • Product Usability
  • Positive Sales Experience with the Vendor
The product features are the reason we purchased the product.

AlienVault Unified Security Management Implementation

Yes - We implemented each feature in a phased approach.
Change management was minimal - This product implementation did not affect any users (only IT staff) so change management was not necessary.
  • Learning the product.

AlienVault Unified Security Management Support

I have contacted support many times and every time they addressed the issue and continued until it was resolved. The product is solid, so the overall operation is trouble free.
ProsCons
Quick Resolution
Good followup
Knowledgeable team
Problems get solved
Kept well informed
No escalation required
Immediate help available
Support understands my problem
Support cares about my success
Quick Initial Response
None
Yes - Very timely.
At one time the AlienVault system was falsely reporting that Adobe Flash Player was outdated on some of our systems. I contacted support and they contacted me the same day. They researched the issue with me and found that the newest AlienVault update would fix the problem. We installed the new update and the problem was resolved, quickly.

Using AlienVault Unified Security Management

Almost all functions are intuitive, custom logging is not very easy to configure.
ProsCons
Like to use
Relatively simple
Easy to use
Technical support not required
Well integrated
Consistent
Quick to learn
Convenient
Feel confident using
Familiar
None
  • Vulnerability scanning
  • Alarm monitoring
  • Custom logging