AlienVault UTM is a good middle-of-the-road SIEM for the price
Updated October 05, 2017

Score 6 out of 10
Vetted Review
Verified User
Overall Satisfaction with AlienVault USM
We use the network IDS, Host IDS, and point our firewall logs to AlienVault. We have found the network IDS to be useful and easy to set up. The host IDS seems a bit less reliable. We have attempted to use the Nagios feature, but it does not work as well as regular Nagios. We like the OTX integration so that we can see when traffic is headed for known bad actors.
Pros
- UI is easy to read.
- OTX integration is good.
- Setting up directives is fairly straightforward.
Cons
- Upgrades/Updates have gotten better, but we still have to call support for them to fix one that has gone sideways occasionally.
- Host IDS seems to regularly lose hosts.
- Nagios features just do not work well for monitoring.
We have not used any competitive products. The ones we looked at when we made the initial purchase were too expensive.