An affordable SIEM that doesn’t need a rocket science degree to operate.
December 28, 2019

An affordable SIEM that doesn’t need a rocket science degree to operate.

Anonymous | TrustRadius Reviewer
Score 8 out of 10
Vetted Review
Verified User
Review Source

Overall Satisfaction with SolarWinds Security Event Manager

We are using the Security Event Manager to keep track of a number of things.

Configuration changes for our Core network And campus devices which include nexus and Cisco iOS routers, switches and firewalls. We use it as a way to audit admin login failures. Our Device Syslog is sent to it. We use it to keep analyze network traffic when troubleshooting.
  • It does a great job of notifying us when accounts have been locked out. We can then find out the device on the network where the login attempt occurred.
  • Searching for incidents is now a lot faster with the implementation of the HTML 5 interface.
  • Some aspects have not been fully integrated into HTML 5. Those are still a bit slow to access.
  • Need an easier way to upgrade the software. SSH to the console and running the commands to connect to the TFTP server is archaic. Needs an “update” button.
  • It saves a lot of time when we had issues trying to figure out where the user account lockout was coming from.
  • With it being an affordable SIEM, we are able to have the ability to do the actions associated with a SIEM and the advantages of not “breaking the bank account”.
The SEM is a whole lot easier to install and maintain than Cisco Firepower. It is also less expensive which is a big plus. There are places where Cisco Firepower is needed but for a company of our size, the SolarWinds Security Event Manager hits the sweet spot for us.
We have only needed to contact SolarWind's support a few times for this product but when we have, the engineers have been thorough and persistent with helping us to resolve our issue. One of the issues we had was an upgrade the went wrong. The engineer was able to help us and get our SIEM back online before the end of our maintenance window.

Do you think SolarWinds Security Event Manager (SEM) delivers good value for the price?

Yes

Are you happy with SolarWinds Security Event Manager (SEM)'s feature set?

Yes

Did SolarWinds Security Event Manager (SEM) live up to sales and marketing promises?

I wasn't involved with the selection/purchase process

Did implementation of SolarWinds Security Event Manager (SEM) go as expected?

Yes

Would you buy SolarWinds Security Event Manager (SEM) again?

Yes

It is well suited to monitor your Windows AD. You can get detailed login information and notifications like failures and lockouts. It also shows the IP address where it occurs so it makes locating the culprit a lot easier.

It does well with monitoring for suspicious activity. It can alert you if It sees a client is trying to circumvent DNS so they can go through proxy avoidance tactics.

SolarWinds Security Event Manager (SEM) Feature Ratings

Centralized event and log data collection
8
Correlation
7
Event and log normalization/management
8
Deployment flexibility
7
Integration with Identity and Access Management Tools
Not Rated
Custom dashboards and workspaces
3