Basic review of AV
July 22, 2016

Marc Roche, MBA, CISSP, CCSP | TrustRadius Reviewer
Score 9 out of 10
Vetted Review
Verified User

Overall Satisfaction with AlienVault Unified Security Management

It is our primary SIEM tool that is leveraged by the IT and security teams. It is centrally located within our network, hosted on a VM cluster, which made it really easy to get set up. It solves the need to have data consolidated into one platform that will alert the team to anomalies, by connecting to all my network devices and learning what is normal and what is suspicious.
  • Alarms dashboard provides a great overview of all alerts, makes it easy to see what I need to focus on and what is noise
  • Easily connects to all my desktops/servers using the HIDS agent, makes it simple to get set up
  • As a solution, it was relatively cheap in comparison to its competitors.
  • Does not play well with CheckPoint firewalls, this has been a major pain point for me
  • Would be great if there was a quick way to dismiss normal activity
Did not look at many, but cost was a big driver for me, along with ease of setup and use.
This product is best suited to smaller firms that just need the basics up and running quickly. Interface is intuitive so no need for major training to get yourself up and running and protecting your firm in a matter of hours. Relatively low ongoing maintenance, which suits smaller firms with small IT teams.
Not suited to environments that are not standard plug-ins, such as a heavy CheckPoint firewall environment, unless you have some coders on your team that can write the necessary code to program the AV to read input data.