We performed a comparison between Trellix ESM and USM Anywhere based on real PeerSpot user reviews.
Find out in this report how the two Security Information and Event Management (SIEM) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."It is easy to use and deploy. It comes with user-friendly manuals."
"Compared to other solutions, the user interface is good."
"This solution integrates easily and very well with other technologies."
"The support I have received from the vendor has been great."
"The most valuable features of McAfee ESM are intrusion detection, malware protection, and the device controller."
"I like the ease of deployment."
"It enables us to detect malicious threats, issues, or vulnerabilities in our network."
"The solution's technical support is great."
"AlienVault has an advanced component within one package. With this, we can cover more area with one solution."
"On any given day I could give you a different answer regarding the most valuable features of the product. The feature that is most important is the fact that it has a lot of features, that it's not just a log collection and correlation system, that it has a lot of other components built in. The bundle of features is really the killer feature."
"The vulnerability scanning is helpful to identify the areas that need patching or fixes installed."
"The main menu: You can see everything there, what is happening on the servers, and in the logs, you can view more details of each event."
"As we have to service several servers, we can manage them in a economical way, which is beneficial to our team and business."
"The other big selling feature for us was its integration capabilities with all the other security-based products."
"The setup is very easy and straightforward."
"Its powerful correlation engine helps reduce time in manually correlating events."
"It cannot integrate with our Next-Generation Firewall and few applications such as Cisco ACI."
"There's no software support from McAfee."
"I would like to see good analytics in future releases."
"The only drawback is that they don't have any packet capturing or network behavior analysis."
"It seems McAfee does test its product before releasing. When we - not only us, other companies also - deploy McAfee, we face multiple issues from the customer side, after which, McAfee reacts and fixes the bugs."
"It is not a very advanced solution, and it is for very generic use cases. It cannot cope with the advanced requirements that we're going to have. For example, for multiple authentication failures, it is still based on Windows events for detecting multiple login failures, whereas other companies are going beyond and working on implementing two-factor authentication. It is time to correlate the two-factor authentication results with authentification failures, which is not happening with McAfee ESM. The performance of the tool should be improved because it is very slow. The data display on the console is very slow in McAfee ESM. Its data storage is still old-fashioned, and it should be improved and upgraded to the latest versions. They have to come up with some new ideas to match what other leaders in the same domain are doing. For example, in Splunk, when you search for information for the last 60 days or five months, it quickly shows the information, but that is not the case with McAfee. The results should be quicker and faster on the console. They should integrate some additional features such as User Behavior Analytics (UBA) and automation. The threat intelligence part should also be improved on McAfee."
"The support from McAfee ESM could improve. They could improve the speed."
"Customized reports and alerting functionality could be included in the dashboard."
"We develop additional rules and scripts to make it more usable."
"Maybe logs are the problem, as the database query is too slow. If you want to search something, you need time to find it."
"I feel that some areas of improvement would be vulnerability scanning. We use a separate product that seems to do a much better job."
"One area that has room for improvement is storage. AllienVault is a good place to put logs, but sometimes it's a tough place to go get logs... The logger can only hold so much data. If they improved that, that would help."
"We've had some stability problems, not a lot, but a few. Updates seem to be the worst. That seems to be when the stability problems come up."
"It should be able to communicate with other security solutions to stop threats."
"For creating new rules, you have to be familiar with regular expressions. I feel there could be something built-in to make sure that process is easier."
"The GUI needs to improve because it's not user-friendly."
Trellix ESM is ranked 19th in Security Information and Event Management (SIEM) with 34 reviews while USM Anywhere is ranked 11th in Security Information and Event Management (SIEM) with 113 reviews. Trellix ESM is rated 7.4, while USM Anywhere is rated 8.4. The top reviewer of Trellix ESM writes "Provides visibility of all the traffic within the company infrastructure". On the other hand, the top reviewer of USM Anywhere writes "Easy to use and affordable". Trellix ESM is most compared with ArcSight Enterprise Security Manager (ESM), IBM Security QRadar, Splunk Enterprise Security, LogRhythm SIEM and Trellix Helix, whereas USM Anywhere is most compared with Wazuh, AlienVault OSSIM, IBM Security QRadar, Splunk Enterprise Security and Microsoft Sentinel. See our Trellix ESM vs. USM Anywhere report.
See our list of best Security Information and Event Management (SIEM) vendors.
We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.