Things to think about
Overall Satisfaction with AlienVault USM
It is being used by the IT department for internal vulnerability scans and log collection. It also plays a role in providing information to our internal and external auditors.
Pros
- It is good at doing internal scans of end-user devices to find vulnerabilities without the need of installing an agent or client on each device.
- It is good at being a log server. A place to send logs for all of your networking devices, such as switches, firewalls, and other solutions that accept log servers.
Cons
- Its ability to collect logs from Barracuda solutions needs heavy improvement. How it collects and organizes the data isn't very useful.
- The end device client, which is optional, and can be installed on any device you want to collect more data from, has compatibility issues with quite a few products we use, and anti-virus software in-particular doesn't like it. We have also had some performance issues with devices the client is installed on.
- The way collected data from all devices and locations is presented to the user in the web portal is not as user-friendly or as clean as it could be. It tends to show too much useless data and too many categories, making it easy to miss the important parts.
AlienVault, unfortunately, was not a replacement for any of our current solutions.
We use other products like PRTG for network status monitoring, Uptime SLAs, drive space, device performance, etc. AlienVault has none of these features. We use Network Auditor to collect a lot of the same information AlientVault can collect, but Network Auditor can store this data for an unlimited amount of time and is more user-friendly. AlienVault only stores the data in a searchable format for as long as the plan you purchase from them. That might be as low as 30 days.
We use other products like PRTG for network status monitoring, Uptime SLAs, drive space, device performance, etc. AlienVault has none of these features. We use Network Auditor to collect a lot of the same information AlientVault can collect, but Network Auditor can store this data for an unlimited amount of time and is more user-friendly. AlienVault only stores the data in a searchable format for as long as the plan you purchase from them. That might be as low as 30 days.
Comments
Please log in to join the conversation