TrustRadius

AlienVault OSSIM (discontinued) vs. WatchGuard Firebox Cloud

Overview
ProductRatingMost Used ByProduct SummaryStarting Price
AlienVault OSSIM (discontinued)
Score 8.9 out of 10
N/A
AlienVault OSSIM was an open source Security Information and Event Management (SIEM). AlienVault was acquired by AT&T Cybersecurity, now LevelBlue, and OSSIM is no longer available for sale.N/A
WatchGuard Firebox Cloud
Score 0.0 out of 10
N/A
WatchGuard’s Firebox Cloud allows network administrators to extend their security perimeter to the cloud and protect servers running within a public cloud environment.N/A
Pricing
AlienVault OSSIM (discontinued)WatchGuard Firebox Cloud
Editions & Modules
No answers on this topic
No answers on this topic
Offerings
Pricing Offerings
AlienVault OSSIM (discontinued)WatchGuard Firebox Cloud
Free Trial
NoNo
Free/Freemium Version
NoNo
Premium Consulting/Integration Services
NoNo
Entry-level Setup FeeNo setup feeNo setup fee
Additional Details
More Pricing Information
Community Pulse
AlienVault OSSIM (discontinued)WatchGuard Firebox Cloud
Features
AlienVault OSSIM (discontinued)WatchGuard Firebox Cloud
Security Information and Event Management (SIEM)
Comparison of Security Information and Event Management (SIEM) features of Product A and Product B
AlienVault OSSIM (discontinued)
7.5
Ratings
3% below category average
WatchGuard Firebox Cloud
-
Ratings
Centralized event and log data collection9.40 Ratings00 Ratings
Correlation6.90 Ratings00 Ratings
Event and log normalization/management8.10 Ratings00 Ratings
Deployment flexibility8.20 Ratings00 Ratings
Integration with Identity and Access Management Tools9.30 Ratings00 Ratings
Custom dashboards and workspaces9.40 Ratings00 Ratings
Host and network-based intrusion detection9.20 Ratings00 Ratings
Data integration/API management5.30 Ratings00 Ratings
Behavioral analytics and baselining5.40 Ratings00 Ratings
Rules-based and algorithmic detection thresholds5.30 Ratings00 Ratings
Response orchestration and automation6.30 Ratings00 Ratings
Reporting and compliance management8.40 Ratings00 Ratings
Incident indexing/searching6.40 Ratings00 Ratings
User Ratings
AlienVault OSSIM (discontinued)WatchGuard Firebox Cloud
Likelihood to Recommend
9.3
(0 ratings)
-
(0 ratings)
Usability
8.0
(0 ratings)
-
(0 ratings)
Support Rating
7.9
(0 ratings)
-
(0 ratings)
User Testimonials
AlienVault OSSIM (discontinued)WatchGuard Firebox Cloud
Likelihood to Recommend
The most obvious scenario in which OSSIM is well suited is in a single office/home office (SOHO) or small business, in which budget is reduced but asset discovery and vulnerability management are greatly needed and appreciated. OSSIM is lightweight and free, so the real challenge to face is to hire or assign an administrator to manage and operate it, instead of any investment on an expensive appliance. Also, as resellers, promoting usage of OSSIM to customers charging for professional services for installation, administration, and maintenance (remember that OSSIM doesn't have official support from AlienVault) is a great asset for the organization.
Jose Quintero | TrustRadius Reviewer
Jose Quintero
Support Services Manager
Read full review
No answers on this topic
Pros
  • Threat analysis. It can correlate different events happening to detect a pattern or an attack.
  • Dashboard provides a clean, single location to see what is going on in our environment.
  • Up to date open threat exchange means everything new popping up out there is included and watched for in our environment.
LK
Laurie Keith
Help Desk Manager
Read full review
No answers on this topic
Cons
  • Creating custom rules is a bit complicated
  • Reporting could be improved
  • Agent has caused conflicts with a couple of our other applications
Verified User
Anonymous
Read full review
No answers on this topic
Usability
AlienVault OSSIM is far easy to use and manage - provided you know what you're doing. As any SIEM application, there is some background knowledge required in order to take advantage of the product's functionalities, such as the log correlation and analysis. Other than that, the application is quite usable and robust.
Jose Quintero | TrustRadius Reviewer
Jose Quintero
Support Services Manager
Read full review
No answers on this topic
Support Rating
Everything is done through MSSP and installation pro services. Once those hours are burned up, then you're on your own without a lot of help. Typically the pro services hours aren't enough to get past 60 days and MSSP are hit and miss. We had a miss for installation helpers.
John Keenan | TrustRadius Reviewer
John Keenan
Director of Information Security
Read full review
No answers on this topic
Alternatives Considered
AlienVault OSSIM as the first experience with a SIEM is very fine, especially if your company is an SMB. Every SIEM shares some features in common with other products, features such as log retrieval and normalization. So if you stick with principles, you can learn other SIEM products as well. If your environment is not of a minimum size, LogRhythm might be overkill for your network, same with McAfee Enterprise Security Manager.
Ivan Montilla Miralles | TrustRadius Reviewer
Ivan Montilla Miralles
Technical Services
Read full review
No answers on this topic
Return on Investment
  • OSSIM and the installers didn't really help us optimize at installation. OSSIM went without optimization for almost two years before that fact was noticed. I think this decreased ROI.
  • Finding and researching incidents is much faster with all data available. Sometimes too much data, though.
John Keenan | TrustRadius Reviewer
John Keenan
Director of Information Security
Read full review
No answers on this topic
ScreenShots