Overall Satisfaction with AlienVault USM
AlienVault is being used for the Security Team to see all host and network traffic. This real-time SIEM is tuned to give us alarms we actually need to look at on a daily basis. This addresses anything from malware to network, system and email breaches.
With AlienVault having an easy sensor deployment in our VMware environment and Alien Apps for things like O365, we have come to really like the product because it can see traffic a lot of others can't. The problem area is that if a host is not statically assigned an IP address, you have to do a lot of manual IP configuration for when the host gets a new IP from DHCP.
AV is beneficial for monitoring all hosts in an environment. I can't think of a scenario where it is less appropriate.