USM Anywhere vs VMware Aria Operations for Logs comparison

"Allowed us to help our customers satisfy compliance needs around logging and monitoring."

"The most valuable feature of the solution is the ease of deployment that it provides to users. The integrations that the product has with third-party applications are useful."

"The setup is very easy and straightforward."

"The best thing about AlienVault USM is it being a “Jack-of-All Trades” solution. It provides SIEM, HIDS/NIDS, FIM, NetFlow, Asset Management, Vulnerability Management, etc., under one USM platform. None of the commercial SIEM vendors like ArcSight, McAfee, etc., can boast of such a diverse feature set."

"Our main focus was intrusion detection, alerts, and correlation. It's easy to use AlienVault and integrate it with other alert tools because it includes lots of connectors. Either the tool is already there, or AlienVault will write an API for us if they don't have a connector for the solution that is providing the logs."

"Its powerful correlation engine helps reduce time in manually correlating events."

"The best feature of this product is the ease of use. It is extremely easy to set up and get going. This is a very useful tool for a small organization."

"This solution can identify many threats inside the organization (compromised endpoints, configuration issues), as well as "outside" threats (botnets, network scanners, web-attacks, etc)."

"One of the things I like about it is its interface. When it comes to generating reports on VMs and stuff, it's very quick. This is very handy for the technical team, who need to generate reports quickly. So that's really good."

"The events are notably more descriptive, aiding in security and event analysis. We've also integrated Sky Collector, providing valuable insights and solutions for troubleshooting."

"The root cause analysis feature is very valuable."

"I like the interface."

"It is very scalable and can handle a large workload."

"Our current costs are too high, and this tool will help us to better optimize our infrastructure."

"It gives the customer a quick overview, so they don't have to dig. There's a clear dashboard with many sensors in a single space. He gets a helicopter view of his environment, but he can investigate further if there are serious issues. It's pretty user-friendly."

"What I like is that you can have different storage locations for different applications."

"Their threat intelligence platform needs to be broadened. They should integrate it with more threat intelligence platforms. For the threat feed that they get from open intelligence, I would like them to add a few premium threat intelligence platforms. They can provide a bundle in which AlienVault has the threat intelligence background of other premium products."

"I've been told that AlienVault doesn't have a full version of NES running in there, but I'm not sure if that's accurate or if my engineer made it that way. I'm not sure he was completely honest either because we had NES in the environment before. Those tools could be improved because AlienVault is a SIEM, and it added all these other features."

"Support can be slow at times, but the quality is high. Posted knowledge base articles could use improvement."

"The one thing I continue to dislike about the USM is the limitation on reports."

"Its reporting tools need improvements. It would be good if they can provide integration with other ticketing systems. Currently, we only have integration with Slack and Jira. It is also a bit slow, and its replication engine can be improved."

"More complimentary training needs to be done for use with this tool. If you get into a bind, then it will cost you."

"AT&T AlienVault USM can improve searchable data. It should be available for more than 90 days. If you need more than 90 days of data, you have to put a request and they give you raw data, which is not easy to search. A good addition would be to allow users to search data older than 90 days."

"It was easy on PoC, but when we got to the product it was different story. We had to learn the product again and got feeling that the PoC was a different product."

"In vRealize login files, we have limitations regarding log partitions."

"The monitoring landscape is getting bigger. When it comes to infrastructure monitoring, we need more visibility. VMware needs to integrate more related applications and third-party products. That would make it more appealing to an audience beyond the VMware team."

"The dashboard needs to be improved because this is what I need to monitor my infrastructure."

"The pricing of the solution could be improved."

"They should improve their web interface to make it more user-friendly."

"I think that it should be able to integrate with other third-party backup and recovery solutions, more that it does now."

"What I'd like to improve in vRealize Log Insight is the licensing model. VMware provides vRealize Log Insight along with the VMware Cloud Foundation, but customers who would like to go for the native VMware would have to procure vRealize Log Insight separately. Today, vRealize Log Insight is offered on two different licenses, one is based on the number of VMs, and the other is based on the number of physical codes on the machine. If VMware can provide a bundle offer for customers who procure more than ten licenses, where you can have an option to run, for example, three hundred machines on vRealize Log Insight with no extra cost, this would encourage more people to adopt the solution. What I'd like to see in the next release of vRealize Log Insight is for a cloud option to be available, which would be a pay-as-you-go licensing model that would allow me to pick and choose what I'll monitor. For example, I have one thousand and three hundred critical servers, and the seven hundred servers for basic development, I don't want to monitor on vRealize Log Insight today, so I should be able to pick what I need to monitor on the solution and only pay for that specific instance. If VMware can apply these changes, it would help VMware customers to procure more or adopt more of vRealize Log Insight even in smaller projects."

"The tool is expensive."

"It allows you to do a lot with a small price tag... The pricing is the best on the market."

"Negotiate the best package for your environment."

"Its price is in the medium to upper range."

"Use an MSSP instead. It is much cheaper."

"QRadar, ArcSight and Splunk are some of the most expensive SIEM products out there in the market and not everyone has the budget to buy them. In such cases, AV USM is a very cost effective alternative."

"AlienVault is certainly not nearly as expensive as Splunk or QRadar. It's decently priced, but I don't have the exact figure."

"It is a product that is priced in a medium range, making it neither a cheap nor a costly product."

"We pay around $12,000 a year including storage."

"Pricing is good because it is part of the suite package. It comes in a bundle for us."

"The license cost for any other monitoring tool is too high compared to this product."

"Pricing could always be lower. If it were free, I would be more satisfied."

"The product's price is reasonable, but when it comes to SQL licensing, it's a bit expensive."

"I am not sure what the exact cost is. However, I believe the vRealize suite costs $2,500.00 per year."

"The licensing cost for vRealize Log Insight is a little higher, so in terms of cost, it all depends upon what kind of environment you have. If you have a complete virtualized environment, or at least you're using a ninety-five percent virtualized environment, then vRealize Log Insight will play a very good role because it is a VMware component, so it has very tight integration with other VMware components and systems. This means you don't have to procure any other monitoring and management tool, and you don't need a separate automation tool. vRealize Log Insight will have an upper hand if your environment is purely virtualized on VMware. If you're using a mix of physical and virtual components, for example, a 50:50 ratio, then you need to have a third-party component to manage overall monitoring."

"The pricing has been updated recently."

"I rate the product's price a six on a scale of one to ten, where one is cheap, and ten is expensive."