Overall Satisfaction with AlienVault USM
The USM is being used by the IT department as a SIEM, giving our organization a 360 view of what's going on in the network infrastructure, and more focus on the critical infrastructures which has been plugged-in to send all their log activities. The AlienVault USM has made it simple by the creation of plugins which makes it easier to express the logs in simple expression for easy understanding.
- Large plugin base to accommodate different devices.
- Easy to deploy.
- Easy management.
- Makes network monitoring and actionable steps clear and simple.
- Updating the appliance to a newer version.
- More control over which devices will be allowed to log into a database and which ones that should just appear, so that the database will not get filled up quickly.
Though IBM QRadar is a good product, it is not easy to manage and maintain. It's too bulky to understand and manage. The correlation rules are also not easy to work with. AlienVault has great support and knowledge. The community strength derived from being open source gives Alienvault the advantage of being up to date with threat intelligence.