Alert Logic Threat Manager
Strengths: Fast response times, great level of information provided, and easy to reach support personnel.
Weaknesses: None that we could find. The offering performed excellently in all evaluated categories.
Verdict: With no deficiencies in any tested categories and several strengths, the product was an all around superior offering which earned our Best Buy rating.
Alert Logic submitted for review a co-location offering, which used a single rack mount device to monitor connections passed through the lab Check Point Firewall-1 firewall. The Service Level Agreement (SLA) for the Threat Manager offering ensured response within 30 minutes of the detection and escalation of security incidents. The Threat Manager offering never needed more than 20 minutes to respond to an alert, and also posted a best time of a port scan response within eight minutes. The longest response time from the Threat Manager offering was 17 minutes, and this notification was in response to a buffer overflow attack which took place inside of an SSL tunnel. Overall, the response times of Alert Logic were impressive, as was the level of information provided.
The portal provides a lot of information that is easy to navigate and to comprehend. The interface for the portal provides several reports that can be generated, as well as multiple logins to the interface with differing security levels. This feature is important since it may be useful to have different people with different requirements access the portal.
The installation of the device was simple and took less than 15 minutes to install into the lab test network. The service configuration from Alert Logic took less than 30 minutes, while overall the installation took under 45 minutes to complete. In a production environment, of course, this would take a bit longer, but we were encouraged by its simplicity.
Documentation for this product is provided, and this covers the rather straightforward installation.
Phone, email and the web portal are the primary mechanisms for contacting Alert Logic, and all queries were responded to quickly. The engineers at the security/network operation center were knowledgeable and helpful and often provided a great level of informational detail.
The pricing for Alert Logic was at the low end of the price spectrum, and when compared with the strength of the offering was clearly a "Best Buy." Like most of the offerings in the MSSP marketplace, actual pricing depends on the installation and the SLA.