SolarWinds Security Event Manager Review
Updated December 09, 2020
SolarWinds Security Event Manager Review
Score 7 out of 10
Vetted Review
Verified User
Overall Satisfaction with SolarWinds Security Event Manager (SEM)
SolarWinds Security Event Manager is utilized by the Information Technology department. Individuals on multiple IT teams have email alerts set up to notify them about events that require action. Additionally, the Security Event Manager is also utilized when there is a need to look at the logs to identify the root cause of a problem. For example, user account lockouts at a time the user wasn't in the office. It addresses multiple business problems by letting us know when something requires our attention.
- Easy to utilize--the rules are straightforward and pre-configured. You just have to customize them to fit your environment.
- Great customer service, which is incredibly useful when you want help with better utilizing the SEM.
- Easy and clear filters when looking for specific information without your environment.
- The SEM can be rather slow--an increase in CPU and RAM appeared to fix this problem fairly easily though.
- The SEM has lately required reboots for us fairly often. This is something we are currently working with support to resolve.
- The SEM could release additional graphic options to help better display data to management.
- Able to keep our systems with a higher uptime, due to being able to resolve issues faster.
- Able to be alerted on key issues, making us more proactive.
- Able to research issues more easily in one central location.
I have additionally used Netwrix Auditor, which has some similarity with SolarWinds SEM. I use both hand in hand, but typically use the SEM first since it is easier to manage. With Netwrix custom searches are more complex than customer searches in the SEM. The SEM makes it easy to save custom filters, which makes future similar research very easy.
SolarWinds Security Event Manager (SEM) Feature Ratings
ROI
- Price
- Product Reputation
Our IT team has a few products with SolarWinds so the SEM was the first product considered. The brand reputation is the main factor that lead to purchasing the SolarWinds Security Event Manager. Additionally, the price is always a factor that is taken into close consideration at our company.
Using SolarWinds Security Event Manager (SEM)
5 - Information Security and Systems Team are the main users of the SEM. A few other teams get alerts from the SEM, but aren't in the SEM interface or familiar with the platform. Only a handful of employees actually handle the management and configuration of the SEM in our environment. But a good amount of our IT team has alerts set up for them.
3 - Supporting the SEM has required working with the command line a little bit and being able to enter the back end of the SEM. Having a team member willing to do that, is essential when it comes to things like needing to reboot the SEM or upgrade it. However, most things are handled by one person and then escalated as needed.
- Filters to check for issues (that you don't want email alerts for)
- Email alerts for major issues that require user action
- Automation of actions based on certain alerts
- Checking for failing service accounts
- Being able to review account logon failure reasons
- Alerts that we didn't plan on putting in SEM
- Research problems to find who caused a specific change
Do you think SolarWinds Security Event Manager (SEM) delivers good value for the price?
Yes
Are you happy with SolarWinds Security Event Manager (SEM)'s feature set?
Yes
Did SolarWinds Security Event Manager (SEM) live up to sales and marketing promises?
Yes
Did implementation of SolarWinds Security Event Manager (SEM) go as expected?
I wasn't involved with the implementation phase
Would you buy SolarWinds Security Event Manager (SEM) again?
Yes
SolarWinds Security Event Manager (SEM) Support
| Pros | Cons |
|---|---|
Knowledgeable team Kept well informed Support understands my problem Support cares about my success Quick Initial Response | Poor followup Escalation required |
No - We have just regular support, which is enough to resolve issues. I turn to the SolarWinds Thwack community for a lot of things. There is lots of documentation and informative information there that can prevent even needing to open a support ticket. I always check documentation, Thwack, and then open a support ticket if those options didn't answer my questions.
I watched a SolarWinds webinar and months later the SolarWinds rep is still willing to help me out with any questions. Every once in the while, I will send him a quick question regarding configuration or a new feature of the product. He always replies fast and gives great detailed answers.
Using SolarWinds Security Event Manager (SEM)
| Pros | Cons |
|---|---|
Like to use Relatively simple Easy to use Technical support not required Well integrated Consistent Convenient Feel confident using | Lots to learn |
- Search function
- Setting up filters
- Monitoring node status
- Setting up alerts
- Reducing alert noise