SolarWinds Security Event Manager Reviews

We use SolarWinds as a kind of SIEM solution, so I don't have other additional security needs. Lately, we've been exploring other solutions. We are a Managed Security Services Provider, and we have nine people predominantly working on that solution. We also have team members who work on multiple solutions.

Lately, all of the solutions continue to improve, so I believe SolarWinds will also improve. But all the solutions need to have the same features, so I don't see any specific feature that needs to be more user-friendly. There is no unique element that makes SolarWinds better than the others.

SolarWinds should improve its correlation capabilities. The correlation does not automatically detect and reduce the events fast enough. You have to manually do a correlation report, which means the tool is not scalable in many ways. Another area that needs improvement is the integration of the IT framework. We are automating the framework using their tools. I think that automation will help.

We've been using SolarWinds for three years.

SolarWinds' stability is fine. I don't think we've had any software issues.

There are some scalability issues with SolarWinds. For example, whether it will be on-prem or on the cloud, there are several things we have to leave with the integrators. Many solutions are integrated. SolarWinds is not convenient enough to meet our current needs and it requires an upgrade, but I'm also thinking about some others. I believe that Azure is doing well as a cloud tool right now.

We're not happy with SolarWinds' support.

Whether SolarWinds is easy to set up depends on what you're doing. Before a technician did the implementation, someone had been tweaking and operating. However, the tool does not support many things or have much to offer.

Licensing cost it's an issue with SolarWinds. 

I rate SolarWinds six out of 10. Comparing SolarWinds with Azure, it seems like Azure can do much more, so we are considering switching to Azure. If you are thinking of adopting SolarWinds, I would suggest considering what your business needs. Every business has different requirements. For example, if you're an IoT guy, you don't need tools that will help you with your IT environment. If you're in the manufacturing or oil and gas industry, you have a combination of IT and IoT, so then you'll go for something that fits those needs. 

We primarily use the solution for monitoring the network.

The NTA & NPM are the most valuable features of the solution.

The solution is very user-friendly.

We're currently looking for an application monitoring solution and maybe a DHCP management module. It would be ideal if the solution could add these in its next release.

The solution should offer better support and better SLAs.

The solution is very stable.

Scalability is fairly simple if you have the right licenses in place

The solution's technical support is okay, but we don't have an SLA, and sometimes the response times are very slow.

We did previously use a different solution, but SolarWinds is much better. It's easy to interact with SolarWinds. It's easy to operate, easy to configure and is generally easier compared to what we were working with before.

The initial setup was straightforward. The deployment took about two weeks. You only need two people for both deployment and maintenance.

We handled the implementation ourselves in house.

It gives the business visibility as to what is down so that the turnaround time for fixes is much less.

We do a yearly license renewal.

We are using the on-premises deployment solution.

It is a good solution to work with and it's very easy to use. I would only ensure that the organization that decides to implement the solution has the internal capability to manage it. If not, then I would ensure that direct support or an SLA is in place to help handle any issues or troubleshoot problems. 

I would rate the solution nine out of ten.

I basically use it to look at the logs that are coming in, analyze those logs, and get recommendations of where we have problems.

It has in-depth monitoring capabilities and an easy way for setting up dashboards. I can expand in various areas, or I can reduce areas. It supports different types of breakdowns, filters, and rules. 

It is very simple for an out-of-the-box type of product. It doesn't take a lot of time to figure it out, which is unlike some of the solutions that I have looked at. It meets all the aspects.

Under the new system, it is not upgradable the way they say. When you try to do an upgrade, it doesn't really work unless you dump everything and start from scratch. You lose a lot of your nodes. Whenever you set your nodes up and everything else, they don't want to bring those nodes back in, so you have to really go back and restructure all your nodes. I went from version 6.5 to version 6.6 and then to version 6.7. I then went to version 2019, and now it is version 2020. It would be good if we can upgrade without having to delete everything and start from scratch.

They can maybe build more KPIs and other things for the dashboard. Some of the other systems already have built-in KPIs. SolarWinds is starting to catch up, but it is not there yet. They can include some of the business or industry standards for tracking the time, that is, the meantime to detect (MTTD) and the meantime to resolve (MTTR). They can also find a way to build a KPI that measures the number of instances of port scans experienced in a week or a month.

I have been using SolarWinds LEM for a year and a half.

It is stable.

It is scalable. Altogether, we have about five actual users. I got myself as the administrator, and then there are a couple of people who do the monitoring. I have got 2,000 systems listed on it.

In terms of a team, I would say you need at least three people for what I am doing. I am using the key research logs and pulling data from these logs. For one person, it takes a lot of time to do what I am doing right now.

I am very satisfied with their technical support.

I had another system, but I wasn't happy with it and its service and support. We just let it go.

The initial setup is straightforward. The actual initial installation is not a problem. The problems come when you do your upgrades with it.

It took about a week to set it up and get all little things going in the way I wanted to. To make sure that correct data logs are going in, I tweaked some of the rules and filters and the domain across the net with individual systems.

We originally started out with the seller, but when we did the first upgrade, it didn't go the way it should. From that point, I set it up from scratch and did the upgrade. At that time, it was version 6.6.

It is in the appropriate mid-range. It is not as expensive as some of the other solutions. It is also not cheap.

I would recommend SolarWinds LEM. We plan to continue using it. We have already put in the Orion platform system and brought it into play. We are next looking at the server access management. That probably would be the next step to implement.

I would rate SolarWinds LEM a ten out of ten.

We are using SolarWinds Security Event Manager for event analysis.

The most valuable feature of SolarWinds Security Event Manager is the analysis and the knowledge about the incidence that we trace.

I have been using SolarWinds Security Event Manager for approximately six years.

The performance and stability of SolarWinds Security Event Manager are good.

The scalability of SolarWinds Security Event Manager is good. 

We have approximately 500 users using this solution in my organization.

We used the support from SolarWinds Security Event Manager and they are knowledgeable but challenging to get in contact with them.

The vendor did the setup of SolarWinds Security Event Manager.

We used an integrator for the implementation of SolarWinds Security Event Manager.

I would recommend SolarWinds Security Event Manager to others.

I rate SolarWinds Security Event Manager a seven out of ten.

The initial setup is very straightforward and simple. 

It can scale quite well. 

The File Integrity Monitoring is great. In FIM, if you want to know who has changed a file, when that file was changed, et cetera, you have that visibility. You can make the reports from the console directly. That is out of the box. The report is there for you to use. The customization for the reports and alerts is also very easy. It helps maintain compliance and security. You also can easily analyze the logs as needed. 

This is a stable product.

It supports high availability, which is very helpful. 

It captures all of the requirements clients tend to need. It has everything. 

We'd like more customization capabilities. We need to post events on the end of the devices. Sometimes, the event does not respond. There seems to be a compatibility issue at play. For the customized UX, if you post events, there are compatibility problems. The OEM needs to work on that part.

I've been using the solution for six years. 

The solution is stable and reliable. There are no bugs or glitches, and it doesn't crash or freeze. 

Scaling is easy. You just have to add VMs. 

The support is good. Previously, the support was not good. However, they've improved it over the last two years.

2020 there was an attack on SolarWinds software. They had trouble then. Now, it is stable and the support is very, very good. They have expanded their offices all over the world. I am located in India. They have a branch here so we can deal with local people.

The installation is very easy. Even if you are non-technical, it's not an issue to get everything up and running. 

You only need maybe two people to monitor and manage it once it is deployed. However, if the environment is quite large, you may need more. 

If a person prefers to pay for a subscription, the cloud deployment is the way to go. However, they can also choose to go on-premises and have a perpetual license. I can't speak to the exact costs, as I am on the technical side. 

We compared the solution to QRadar.

We are partners. 

This can be deployed both on the cloud and on-premises. 

I'd rate the solution nine out of ten. 

SolarWinds Security Event Manager is used for retrieving events and suspicious activities.

We are only studying the solution.

SolarWinds Security Event Manager has been generally working well.

I have been using SolarWinds Security Event Manager for a couple of months.

SolarWinds Security Event Manager is stable.

The scalability of SolarWinds Security Event Manager is good.

We might increase our usage of the solution in the future.

I have contacted the support from SolarWinds Security Event Manager and they are good.

The deployment of the solution took a couple of weeks.

The company had to use a third party for the implementation of the solution.

I have seen an ROI by using this solution.

The price of SolarWinds Security Event Manager is reasonable.

We have more than one person who does the maintenance of the solution.

I rate SolarWinds Security Event Manager a seven out of ten.

We have a hyper requirement to maintain logs of access and changes, so this solution logs everything.

The most valuable feature is the ease of use for the end user. 

It can be difficult for users who are inexperienced with the solution. 

It is managed by our tech support team that is in-house, so we do not need their tech support help. 

My advice to users of this solution is to make sure that you know what it is you are looking for, and what it is you are trying to log. Otherwise, it will be difficult to manage.

I use this solution to examine our logs and the logs of our customers

We have experience with on-premises deployments.

The most valuable feature of this solution is the visibility into both attempted and failed logins.

The query capability in this solution needs improvement. When you watch to fetch logs at specific times, sometimes there are issues.

The filtering engine needs to be improved to make it more accurate. When you are filtering, it comes with a lot of unwanted data.

I would like to be able to dig deeper into the visibility of events or incidents to determine whether they are malicious, such as by doing behavior analysis.

This is a stable solution. I have seen issues, but they have been related to the platform, and not to the product itself. We use this solution on a daily basis.

I don't think that this solution would do well for very large organizations. For smaller organizations, it should be good.

We have approximately three hundred users. The users are a mixture of programmers, system engineers, database administrators, and others in our IT company. 

When we were doing the scoping we left room to grow, I don't expect that we will be expanding our usage anytime soon.

I have used IBM QRadar. It is a SIEM solution, but it can do what LEM can do.

The initial setup of this solution is straightforward.

The length of deployment depends on how big the infrastructure is. Most of the deployments take less than a week, but some go beyond that. In my experience, it all depends on how many boxes you have and how many we are taking logs from. Some people will give you a whole list, while others will choose only specific things. You have to give people something that is unique to their environment.

One person is enough for the deployment.

I take care of the implementation and deployment of this solution.

We did not evaluate other options before choosing this solution. Some of the customers have their preference and will ask for something else, so that is what we will do for them.

My advice for anybody who is considering this solution is to really review their expectations. I know that some people who do not review their expectations are upset after the implementation because they feel that they are getting less than what they bargained for.

People also have to consider the system resources, and what they will be on the physical box or on a VM. If the proper resources are not assigned then it will impact the solution.

This is a good solution but there is no perfect system.

I would rate this solution a nine out of ten.