AlienVault Unified Security Management: How it Works
As soon as AlienVault USM™ is installed within your network, you’ll start to see essential information about devices, applications, user activity, and network traffic. In fact, most customers identify policy violations and potential threats within just a few minutes after the installation is complete.
This is possible due to AlienVault’s modular, scalable, three-tier architecture. Specifically, all AlienVault USM products include these three core components:
- Sensors – deployed throughout your network to collect logs and provide the five essential security capabilities you need for complete visibility.
- Server – aggregates and correlates information gathered by the Sensors, and provides single pane-of-glass management, reporting and administration.
- Logger – securely archives raw event log data for forensic investigations and compliance mandates.
These core components provide the real-time threat detection, event correlation, and security intelligence to stay ahead of the threat – and your auditor.
AlienVault USM: Deploy the way you want.
All of the AlienVault USM products are available in various models, based on size, scale, and configuration requirements. You can quickly deploy AlienVault USM – as a dedicated physical hardware appliance, a virtual appliance, or within the Amazon EC2 cloud. To make things even easier, no matter what deployment option you choose, every AlienVault component works the same way – and is fully interoperable with all other models. For example, you can deploy AlienVault USM in Amazon EC2 and in your data center if that is what your business requires. The important thing is that no matter where your assets are, you have full security visibility – all in one place.
|Hardware Appliance||Virtual Appliance||Amazon AMI|
For detailed configuration information and run-time requirements, please download our datasheet here.
1AlienVault USM All-in-one products combine the Server, Sensor, and Logger components onto a single system.
2The AlienVault USM Standard and USM Enterprise product lines offer increased scalability and performance by provisioning dedicated systems for each component (Server, Sensor, and Logger).
Additionally, each of our USM products can be instantly upgraded as your environment changes and use cases needs evolve. Start out small and quickly expand your deployment, leveraging the power of unified security management from day one.
|USM All-in-One||USM Standard|
|All Models||Remote Sensor||Sensor||Logger||Server|
|RAM||24 GB||8 GB||24 GB|
|Storage||1.2 TB||1 TB||1.2 TB||1.8 TB||1.2 TB|
|Virtualization Environment||VMWare ESXi 4.0+||VMWare ESXi 4.0+|