AlertLogic Threat Manager v3.5.4

The Threat Manager v3.5.4 with ActiveWatch Monitoring Service from Alert Logic combines intrusion protection and vulnerability management in one device that offers proactive and reactive protection from threats. Threat Manager uses an on-demand architecture, which eliminates false alarms associated with IDS technology. The appliance itself is plugged into an existing switch port where all traffic passing through that switch is captured and securely sent to the Alert Logic data center.

From an administration perspective, this service is easy to use. The administrator can access the web GUI to view a lot of information. The GUI includes a well-organized dashboard, which provides an in-depth overview of network incidents.

Using the ActiveWatch Monitoring Service, with Threat Manager as the core, offers a high level of network security monitoring. The Alert Logic Security Operations Center is staffed with experts and provides 24/7 monitoring of security events and alerts. These are driven by the IDS signature library that includes classifications, such as attack, denial-of-service, policy violation and trojans.

Documentation provided by the vendor was a PDF user guide for Threat Manager. This included installation and configuration information, as well as instructions on how to use the various reporting and log correlation features. It was well-organized and included many step-by-step instructions, diagrams and screen shots.

The company provides both incident- and non-incident-based support. Non-incident support includes phone and email technical support during business hours, as well as access to an online knowledge base. Incident-based support is covered by an SLA that includes either premium or standard monitoring. Premium monitoring will detect and escalate security incidents for network threats to protected networks within 30 minutes of their occurrence. The standard monitoring service will detect and escalate security incidents for network threats to protected networks within 12 hours of their occurrence.

At a cost of $1,100 per month, we find this service to be a good value for money. The appliance offers a lot of reporting and event management capability. However, the alert response times are slightly below average.

Product title
AlertLogic Threat Manager v3.5.4
Product info
Name: Alert Logic Threat Manager v3.5.4
Description:
Price: $1,100/month
Strength
A lot of event monitoring and management capability.
Weakness
Response times could be a little shorter.
Verdict
Good capability, but needs a bit shorter response time.