With AlienVault's® USM™ family of products, you can choose the right deployment model to fit your unique requirements. Whether you are a small business with one location, a mid-size organization needing to deploy a mix of hardware appliances in your network and virtual appliances in your data center, a business running portions of your operation in cloud environments, or an MSSP monitoring your customer’s infrastructure, the different USM family of products provide the flexibility you need.
You have the choice to deploy USM and manage it yourself on-premises or deploy just virtual sensors into your on-premises and cloud environments while centralizing collection and analysis from the cloud-hosted USM Anywhere, or you can rely on one of our authorized Managed Security Service Providers (MSSPs) to manage your AlienVault deployment. AlienVault’s USM family of products was built to give you the freedom to match your security solution with your environment, so pick your path.
The AlienVault USM platform is available in various models and form-factors, based on size, scale,
configuration requirements, and infrastructure needs. You can quickly deploy AlienVault USM as a
dedicated hardware appliance or virtual appliance into your on-premises networks. Alternatively,
you can use USM Anywhere™, a cloud-hosted centralized data collection and analysis platform with
virtual sensors that deploy into your on-premises infrastructure and native-cloud sensors that
deploy into your cloud environments.
1AlienVault USM All-in-One products combine the Server, Sensor, and Logger components onto a single system.
2The AlienVault USM Standard and USM Enterprise product lines offer increased scalability and performance by provisioning
dedicated systems for each component (Server, Sensor, and Logger).
3USM Anywhere cloud appliances are not interoperable with other USM on-premises appliances.
Our USM All-in-One hardware and virtual appliances combine our Sensor, Logger, and Server components in a single appliance. If your capacity needs or environment grows, you can quickly expand these All-in-One appliance deployments to become USM Standard or USM Enterprise deployments, where dedicated appliances perform each of these functions.
USM Anywhere is a cloud-hosted solution that allows you to grow as your monitoring and data collection needs grow. You have the ability to change your subscription to a higher volume as your data volume needs grow. Deploy sensors where you need them most in your cloud and on-premises infrastructure.
This deployment consolidates all USM functions into a single hardware or virtual appliance for reduced complexity and rapid deployment. All event logs are forwarded to a single USM All-in-One appliance for collection, aggregation, analysis, correlation and reporting.
Larger networks with a higher volume of events and / or performance requirements will want to deploy separate USM Standard or Enterprise components as either hardware or virtual appliances to benefit from the improved performance and capacity.
MSSPs use the USM platform to deliver their managed security services using the USM essential security capabilities to their customers. AlienVault USM supports a federated model that makes it easy for an MSSP to quickly deploy an AlienVault appliance into a customer environment and immediately begin monitoring. Alarm information is federated to a federation server within the MSSPs network, giving the MSSPs SOC personnel real-time visibility into the threats discovered in their customers network, allowing them to quickly respond.
For example, an MSSP managing a customer with a main office and several branch offices would deploy USM Sensors in each branch office as well as the main office. The MSSP would deploy a USM All-in-One or Server in the main office as well, to manage all of the sensors and analyze the data from the different offices.
The Service Provider would then deploy another USM Server, the USM Federation Server, in its SOC to manage the customer’s USM deployment. All data from the customer’s network would reside in a USM Logger deployed in the MSSP’s secure environment.
This model allows MSSPs partnered with AlienVault to deliver monitoring services via their dedicated, highly talented SOC teams.