AlienVault Is a Success
Overall Satisfaction with AlienVault USM
AlienVault is being used for the Security Team to see all host and network traffic. This real-time SIEM is tuned to give us alarms we actually need to look at on a daily basis. This addresses anything from malware to network, system and email breaches.
Pros
- Deployment with the sensors for USM anywhere.
- Support
- Responsive UI
- Alien Apps
Cons
- Agents offline
- Easier agent deployment on host.
- Quicker response from engineers and not just send engineers a document for the fix.
With Alienvault having an easy sensor deployment in our VMware environment and Alien Apps for things like O365 we have come to really like the product because it can see traffic a lot of others can't. The problem area is if a host is not statically assigned an IP address you have to do a lot of manual IP configuration for when the host gets a new IP from DHCP.
Comments
Please log in to join the conversation