1. Home
  2. Security Information and Event Management (SIEM) Software
  3. AlienVault USM Reviews
  4. User Review of AlienVault USM
Things to think about
April 07, 2019

Things to think about

Dustin Hannon | TrustRadius Reviewer
Score 6 out of 10
Vetted Review
Verified User

Software Version

USM Anywhere (SaaS)

Overall Satisfaction with AlienVault USM

It is being used by the IT department for internal vulnerability scans and log collection. It also plays a role in providing information to our internal and external auditors.
  • It is good at doing internal scans of end-user devices to find vulnerabilities without the need of installing an agent or client on each device.
  • It is good at being a log server. A place to send logs for all of your networking devices, such as switches, firewalls, and other solutions that accept log servers.
  • Its ability to collect logs from Barracuda solutions needs heavy improvement. How it collects and organizes the data isn't very useful.
  • The end device client, which is optional, and can be installed on any device you want to collect more data from, has compatibility issues with quite a few products we use, and anti-virus software in-particular doesn't like it. We have also had some performance issues with devices the client is installed on.
  • The way collected data from all devices and locations is presented to the user in the web portal is not as user-friendly or as clean as it could be. It tends to show too much useless data and too many categories, making it easy to miss the important parts.
AlienVault, unfortunately, was not a replacement for any of our current solutions.
We use other products like PRTG for network status monitoring, Uptime SLAs, drive space, device performance, etc. AlienVault has none of these features. We use Network Auditor to collect a lot of the same information AlientVault can collect, but Network Auditor can store this data for an unlimited amount of time and is more user-friendly. AlienVault only stores the data in a searchable format for as long as the plan you purchase from them. That might be as low as 30 days.
AlienVault was not a replacement for any of our current solutions. It was an addition to them, because it collects some data our other solutions do not. We hoped for AlienVault to be able to replace most if not all of our similar solutions and log servers, but it just doesn't get the job done on that front.
Our environment is complex and stretched across many physical offices. This limited how we were able to use AlienVault. We are not currently able to use or enable all of its features. In a simple network infrastructure, AlienVault would do much better.
Note that the cost of the AlienVault product itself will most likely not be your only costs. It will require your network engineer(s) to spend multiple hours configuring or re-configuring your infrastructure to make some of its features work, such as mirror ports and virtual hosts to collect all network traffic from your core.