Basic review of AV
Overall Satisfaction with AlienVault Unified Security Management
It is our primary SIEM tool that is leveraged by the IT and security teams. It is centrally located within our network, hosted on a VM cluster, which made it really easy to get set up. It solves the need to have data consolidated into one platform that will alert the team to anomalies, by connecting to all my network devices and learning what is normal and what is suspicious.
Pros
- Alarms dashboard provides a great overview of all alerts, makes it easy to see what I need to focus on and what is noise
- Easily connects to all my desktops/servers using the HIDS agent, makes it simple to get set up
- As a solution, it was relatively cheap in comparison to its competitors.
Cons
- Does not play well with CheckPoint firewalls, this has been a major pain point for me
- Would be great if there was a quick way to dismiss normal activity
Did not look at many, but cost was a big driver for me, along with ease of setup and use.