Great Security Solution for a Mid Size Business - FW/IPS/SIEM
August 10, 2016

Anonymous | TrustRadius Reviewer
Score 8 out of 10
Vetted Review
Verified User

Overall Satisfaction with RackFoundry Total Security Management

We initially did a POC of RackFoundry's Total Security Management appliance as we were looking for Intrusion Prevention, Intrusion Detection and a Log Management tool. Their current solution allowed us to do more with less. As with all security we really had a tight budget for the fiscal year. Total Security Management allowed us to procure multiple security functions instead of a single product. I can say I am not disappointed with the product as we passed our PCI compliance, however it does take some time for it to boot up. The setup was easy and took less than 30 minutes and my preferences were set in a span of 2 weeks. Easy to use and user friendly for my team for a mid size asset count.
  • All-in-one solution that covers all the essentials and basics of security needs
  • Unique methodology for a cost-effective enterprise security solution
  • Helps exceed compliance as their interface allows you to tailor your compliance needs
  • Simple and friendly customizable user interface dashboard
  • Unique function: Ask an Expert
  • Premium fully managed automatic updates with access
  • Deployable Security Modules that encompass IPS/IDS/SIEM/VA/FW
  • Knowledgeable engineers, who helped improve our overall infrastructure by making it more secure
  • Ask an Expert takes 2-48 hours to respond. I've seen them take up to 47 hours on an unknown log, however it has never been greater than 48 hours.
  • Initial configuration took 2-3 weeks to adapt to my team's preference.
  • Professional service days are expensive.
  • We were able to have greater security visibility because of the IDS and the SIEM feature.
  • If we did not choose RackFoundry's Appliance, we probably would have only had 2 security functions that have limited features. Instead we have multiple security functions and had a little extra budget to use towards new equipment.
  • The device has allowed me to use my time more effectively at work. Instead of having some of my staff dedicate their time towards sifting through logs, we are able to see actionable data and react faster.
Well I have experience with the big names: SecureWorks, IBM and Splunk. Individually their logging tools are much better than RackFoundry's Total Security Management. This is great for large corporations and urban cities, however not so great for municipalities, mid size businesses and companies who fluctuate between 1-7 members on their IT staff. Why? Because it takes too much of their resources and integration with other products gets a little rough as you will need to configure your preferences to theirs. When a company has stability it is great to have a name brand product, however renewals and upgrade costs can be taxing to an organization.
RackFoundry Total Security Management (TSM) is suited for most companies that have the same challenge as my team had. If you are looking to purchase one security tool and spend most of your allocated budget then I would not recommend this for you. However, if you are looking for something close to a single pane of glass, (granted there is no such thing) this solution does come close as they have the main components built in such as their FW/IPS/IDS/SIEM. Before selecting RackFoundry we had two options which were: 1) Upgrade our current solution and spend an overbearing amount 2) Search for new vendors and maybe procure 1-3 devices and then manually integrate them. Because this was a unified console and integration between devices was simple, we were able to obtain 4-6 security functions and we even had some sense of security visibility via the SIEM. It's not as powerful as Splunk or LogRhythm, but it definitely does the job.

RackFoundry Total Security Management Feature Ratings

  • Centralized event and log data collection: 8
  • Correlation: 8
  • Event and log normalization/management: 9
  • Deployment flexibility: 10
  • Integration with Identity and Access Management Tools: 8
  • Custom dashboards and workspaces: 9
  • Host and network-based intrusion detection: 8