RackFoundry Total Security Management (discontinued) vs. SolarWinds Security Event Manager (SEM)

I would not recommend RackFoundry to any company whatsoever. At first it seems like a viable solution for the cost. Offering SOC monitoring, implementation and deployment all-in-one seems like a great deal. However it all falls apart when push comes to shoves. As it currently stands we are just over a year into our deployment. All we have to show for it is a fancy web app that does not display any information. In the year that this deployment has been ongoing it has taken us a few months just to get the virtual appliance installed. Then it was another few months of back and forth until we finally got credentials. Then when I finally logged in we began the process of deploying agents and began collecting data. Shortly afterward things began to stall to where they are now. We faced major issues with the web app, scans were not running, assets were not reporting in and data and reports were not being generated. After doing some more research and googling I realized that we were not alone with these issues. Countless other reports from companies who have had similar issues to ours. Each time I ask when the issues were going to be resolved, I got the same answer every time: "The next release should fix the issues you have been experiencing", only for the next release to come, and the issues remain.

Solarwinds SEM is great for generating reports for investigation purposes. Once you set up the connectors you can walk away and the product runs without needing maintenance. It was however pretty difficult to create the reports and alerts when now starting out and it can be very intimidating for new users.

Incentivized

• All-in-one solution that covers all the essentials and basic of security needs
• Unique methodology way for cost effective enterprise security solution
• Help exceed compliance as their interface allows you to tailor your compliance needs
• Simple and friendly customizable user interface dashboard
• Unique function: Ask an Expert
• Premium fully manage automatic updates with access
• Deployable Security Modules that encompass IPS/IDS/SIEM/VA/FW
• Knowledgeable engineers, who helped improve our overall infrastructure by making it more secure

• SolarWinds easily provides the much needed visibily into changes in an Active Directory (AD) environment. Email alerting can be configured to alert a team if an account is locked out, disabled by another users, or if users and/or computers accounts are created.
• SolarWinds allowed a searchable audit feature. Microsoft Windows can be configured to log many different parts of a system, but search those logs can be difficult. SEM allows you to search for specific users or events.

Incentivized

• Product they offer does not work.
• Time to implement is unbelievably long.
• Services they offer are so far, non-existent.

• Compared to other SIEMs, there are features that are missing. Machine learning, automatic event correlation, ability to correlate multiple sources together.
• The UI is clunky, and the *New* event log analyzer page felt really disjointed from the rest of the product.
• In my experience, the dashboards were almost unusable. They persisted across login per device, and even then they sometimes would reset and go back to the ''Getting Started'' look.

Incentivized

It is pretty likely that we will renew SEM when the time comes up. It is easy to use and maintain so there isn't much of a need to replace this product. It is also a pretty fair price for the capabilities provided by the SEM

Incentivized

It is very good - but you get what you pay for. The intent is not for a Fortune 500 that needs more "heavy lifting" with SolarWinds Security Event Manager & for whom the price tag is not (much of) a consideration.

Incentivized

The quality of support can vary depending on whom you end up speaking with. I was fortunate enough to work with a support representative who was very familiar with the product. He had even authored some of the support documentation on the website. On the flip side, I had two other experiences where I was simply directed to online training material.

Incentivized

Well I have experience with the big names: SecureWorks, IBM and Splunk. Individually their logging tools are much better than RackFoundry's Total Security Management. This is great for large corporations and urban cities, however not so great for municipalities, mid size businesses and companies who fluctuate between 1-7 members on their IT staff. Why? Because it takes too much of their resources and integration with other products gets a little rough as you will need to configure your preferences to theirs. When a company has stability it is great to have a name brand product, however renewals and upgrade costs can be taxing to an organization.

The compare well against the others - the pricing models for all but Splunk (free version) are based on EPS/TB consumed... the problem they pose is guesstimating the price tag per month. SolarWinds Security Event Manager gets around that.

Incentivized

• Just knowing that we are protected from attacks is our main objective and so far that sense of security is well worth the cost associated with it.

• It saves a lot of time when we had issues trying to figure out where the user account lockout was coming from.
• With it being an affordable SIEM, we are able to have the ability to do the actions associated with a SIEM and the advantages of not “breaking the bank account”.

Incentivized