Basic review of AV
July 22, 2016

Marc Roche, MBA, CISSP, CCSP | TrustRadius Reviewer
Score 9 out of 10

Overall Satisfaction with AlienVault Unified Security Management

It is our primary SIEM tool that is leveraged by the IT and security teams. It is centrally located within our network, hosted on a VM cluster, which made it really easy to get set up. It solves the need to have data consolidated into one platform that will alert the team to anomalies, by connecting to all my network devices and learning what is normal and what is suspicious.
  • Alarms dashboard provides a great overview of all alerts, makes it easy to see what I need to focus on and what is noise
  • Easily connects to all my desktops/servers using the HIDS agent, makes it simple to get set up
  • As a solution, it was relatively cheap in comparison to its competitors.
  • Does not play well with CheckPoint firewalls, this has been a major pain point for me
  • Would be great if there was a quick way to dismiss normal activity
Did not look at many, but cost was a big driver for me, along with ease of setup and use.
I found it quite useful, as I mentioned earlier, the alarms dashboard is very useful. I have that up 100% of the time on a 3rd monitor to watch activities in my environment. This allows me to focus on the major items like system compromise and make environmental awareness a lower priority.
This product has greatly benefited the IT team in finding holes, software that requires patches, and investigating potential threats to the network. Before AV, I was looking at pages of firewall logs, trying to read Symantec reports, look at URL filter logs and sift through event viewer logs. Now, that's all done for me on a nice dashboard.
This product is best suited to smaller firms that just need the basics up and running quickly. Interface is intuitive so no need for major training to get yourself up and running and protecting your firm in a matter of hours. Relatively low ongoing maintenance, which suits smaller firms with small IT teams.
Not suited to environments that are not standard plug-ins, such as a heavy CheckPoint firewall environment, unless you have some coders on your team that can write the necessary code to program the AV to read input data.