USM - More Bang for your Buck!
Overall Satisfaction with AlienVault USM
We are using AlienVault Unified Security Management not only to monitor our own organization, but we also have a federation server to receive alerts from clients. This allows us to be proactive both internally and for our MSSP clients.
- Ease of installation - The VMware OVA installation is very quick, and basically bulletproof. Once installed, the Setup Wizard gets you up and going rather quickly.
- The availability of sensor plug-ins for the most common network devices is a real plus in getting operational quickly.
- The USM user interface is easily navigable, and is laid out very well. It makes configuration and remediation very quick.
- I'd like to see an auto-update feature. Having to manually update several times a week (times 2 servers) is a process I'd like automated.
- Policy based email alerts can be difficult for new users to set up. I would like to see a Notification Wizard for this.
- Have Asset Discovery more actively identify network devices. It seems to always detect Windows 7 systems as Server 2008, for example. Better interrogation and maybe plug-in recommendations.
In my opinion, AlienVault USM gives more bang for the buck than the more high-end products.