Product Information

AlertLogic Threat Manager v3.5.4

Vendor: Alert Logic

Price: $1,100/month

Quick Read

Strengths: A lot of event monitoring and management capability.

Weaknesses: Response times could be a little shorter.

Verdict: Good capability, but needs a bit shorter response time.

Rating Breakdown

SC Lab Reviews

Reviews from our expert team

Features:
Documentation:
Value for Money:
Performance:
Support:
Ease of Use:
4/5

Summary

The Threat Manager v3.5.4 with ActiveWatch Monitoring Service from Alert Logic combines intrusion protection and vulnerability management in one device that offers proactive and reactive protection from threats. Threat Manager uses an on-demand architecture, which eliminates false alarms associated with IDS technology. The appliance itself is plugged into an existing switch port where all traffic passing through that switch is captured and securely sent to the Alert Logic data center.

From an administration perspective, this service is easy to use. The administrator can access the web GUI to view a lot of information. The GUI includes a well-organized dashboard, which provides an in-depth overview of network incidents.

Using the ActiveWatch Monitoring Service, with Threat Manager as the core, offers a high level of network security monitoring. The Alert Logic Security Operations Center is staffed with experts and provides 24/7 monitoring of security events and alerts. These are driven by the IDS signature library that includes classifications, such as attack, denial-of-service, policy violation and trojans.

Documentation provided by the vendor was a PDF user guide for Threat Manager. This included installation and configuration information, as well as instructions on how to use the various reporting and log correlation features. It was well-organized and included many step-by-step instructions, diagrams and screenshots.

The company provides both incident- and non-incident-based support. Non-incident support includes phone and email technical support during business hours, as well as access to an online knowledge base. Incident-based support is covered by an SLA that includes either premium or standard monitoring. Premium monitoring will detect and escalate security incidents for network threats to protected networks within 30 minutes of their occurrence. The standard monitoring service will detect and escalate security incidents for network threats to protected networks within 12 hours of their occurrence.

At a cost of $1,100 per month, we find this service to be a good value for money. The appliance offers a lot of reporting and event management capability. However, the alert response times are slightly below average.
