Examples of the 83,000+ reviews on PeerSpot:

Assistant Manager (Information Security) at Tata Projects Limited
User
Top 20
Good monitoring and reporting with helpful dashboards
Pros and Cons
  • "The dashboard is helpful, and it creates visualizations to let staff review event data and identify patterns and anomalies."
  • "The EBA could be improved."

What is our primary use case?

In our project, we are mostly using authentication activities, real-time notification & alerting, log correlation & threat intelligence solutions. The DNIF tool is very authentic and capable of providing the desired output. In projects like emergency response systems, it is very important to have such features, which DNIF is providing. 

The real-time notification is alerting us so that we can act immediately. The environment is protected from threats through its threat intelligence solution.

This is a good tool for emergency response system monitoring, and I highly recommend it. 

How has it helped my organization?

DNIF HYPERCLOUD is providing solutions as per incidents based on risks, incident type, and priority. It enables analysts to filter and prioritize based on risk scores and business impact. 

Its feature set enables the organization to improve security further. Categories are user-friendly and easy to understand. 

The reports are formed in such categories that make it easy to act while saving time. DNIF HYPERCLOUD is useful in maintaining service level agreements, or SLAs. The reports can be formatted as needed with all mandatory columns. 

The dashboard is helpful, and it creates visualizations to let staff review event data and identify patterns and anomalies.

What is most valuable?

The user Entity Behavior Analytics (EBA) feature is very valuable for emergency response systems. Based on the risk categorization, activities can be monitored easily. 

Monitoring can be based on activity, graph, response, and kill chain. The response can be looked into and investigated. Cases can be developed, and multiple hosts can be configured to monitor everything in real-time. 

Each host can further be monitored based on different categories. It is giving weight to each host - which is very important in any emergency response system. 

What needs improvement?

The EBA could be improved. The graphs and kill chain are not operational most of the time. 

Some dashboards are not showing data that is important to have for management review or meetings. The dashboard could be improved so that it is easy to understand, even for non-technical users. 

File integrity monitoring is missing. This may impact the data. A contingency plan should be shown against each risk to have a proper analysis of all risks in all aspects. 

Compliance should support log data for standards like HIPAA, ISO, PCI DSS, HITECH, SOX, and GDPR and generate compliance reports.

For how long have I used the solution?

I've used the solution for the last 4.5 years. 

What do I think about the stability of the solution?

It is performing all the time and therefore is quite stable. 

What do I think about the scalability of the solution?

It is scalable.

How are customer service and support?

Technical support gives us a timely response. 

How would you rate customer service and support?

Positive

Which solution did I use previously and why did I switch?

We did not use a different solution previously.

What about the implementation team?

We have implemented the solution through the vendor team.

What was our ROI?

It is saving companies money in terms of pricing. 

What's my experience with pricing, setup cost, and licensing?

It is good, price-wise.

Which other solutions did I evaluate?

We did look into Micro Focus.

Which deployment model are you using for this solution?

On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.

Kishore Tiwari - PeerSpot reviewer
Deputy General Manager - Information Security (Lead ISA) at an energy/utilities company with 1,001-5,000 employees
Real User
Top 10
Development from open sources is very valuable but a huge infrastructure is required
Pros and Cons
  • "The beauty of the solution is that you can develop infrastructure for a data lake using open sources that are separate from the licenses."
  • "The solution's command line should be simpler so that routine commands can be used."

What is our primary use case?

Our company is using the solution to build a next-generation security operations center that automates all administration and orchestration. It will include our entire MITRE framework and use cases being mapped at the moment.

We were already developing UEBA and SOAR when we started using the solution. UEBA will track when users move around to determine if movements are suspicious or should be mapped with threat activity.

The solution is a hybrid model. The hardware infrastructure and log collector is on-premises. We provide IP addresses that open a specific communication with the solution's cloud console where our EPS data is contained. We administrate the SIEM via the cloud portal and manage operations or log management on-premises. 

What is most valuable?

The beauty of the solution is that you can develop infrastructure for a data lake using open sources that are separate from the licenses. You can use Ubuntu, CentOS, or any flavor of Linux to build your infrastructure. The solution installs a Docker with their licenses and script running on top of it. You can increase volume or build up servers and backend infrastructure at any time. Other products require you to buy their proprietary-based log management system, forward the device logs to the SIEM, and pay for its storage.

What needs improvement?

The solution's command line should be simpler so that routine commands can be used. The search configuration is a bit different than other OEMs or SIEM solutions like ArcSight or QRadar that are easy to search because they operate similarly. The logic is there and the solution supplies a pretty good explanation. Basically, DNIF spelled out is the opposite of FIND. You have to find commands whenever you want to search something. For example, a highway gets you to your destination but there is an alternate way people don't yet know about. Gartner or Forrester haven't yet studied it. We were a bit nervous when we were trying to get familiar with the solution. We wondered if we could realize ROI because the commands and ways of pulling data were different to us. We raised a case with the support team and their professionals provided the needed support. The command line is user friendly once you understand it. If you need immediate use, then you might want to get assistance from someone who is well-versed in methods for using key patterns to find things.

Lengthier files for threat hunting or analysis are needed. The correlation happens, but exporting a large number of files to abstract them is not possible. For example, I want to present raw data to management so I should be able to customize a date range in my query and download the files.

For how long have I used the solution?

I have been using the solution for two years.

What do I think about the stability of the solution?

From a product point of view, the solution is stable so I rate stability an eight out of ten. 

What do I think about the scalability of the solution?

The solution is very scalable so I rate scalability a ten out of ten. 

How are customer service and support?

The support center does a lot and provides support but most of their team is new so they have to seek assistance from senior staff. This sometimes happens for basic queries but has improved over time. 

I rate support a seven out of ten. 

How would you rate customer service and support?

Neutral

Which solution did I use previously and why did I switch?

We previously used ArcSight but were looking for a mature solution that could perform a variation of data discovery and threat intel discovery. 

How was the initial setup?

The solution requires a huge infrastructure so that can be tough. It is complicated to manage a large number of servers. Basically, you have to arrange 15 servers for some very limited EPS.

Configuration, deployment, and administration of each and every component on top of those servers is very easy. 

What about the implementation team?

We utilized DNIF professional services to deploy along with our team. The solution was new to us, so we opted for their services rather than going with a third party. It took three to four months for end-to-end deployment. 

We deployed in 2020 and, within a period of five months, had 30,000 users and 2,000 servers in our infrastructure. 

What's my experience with pricing, setup cost, and licensing?

The solution requires a huge infrastructure and that is costly. 

SIEM solutions always cost more so you have to determine if your budget can handle the cost to get to ROI. 

In the future, I would like the solution to reduce its infrastructure requirements. 

Which other solutions did I evaluate?

The solution was selected after a POC with a couple of vendors. Deciding factors were cost and the fit to our use cases. The techno-commercial aspect was the final deciding factor. 

What other advice do I have?

Before buying the solution, ask for an overview and use-case session. Learn the infrastructure requirements and EPS cost. The solution is hyper-cloud which is a hybrid model, so budget for both on-premises needs and cloud service. Ensure that you can sustain the cost of running a SIEM solution because it is hard work to change solutions. 

If you need a parser to integrate existing technologies or a stack, be sure to tell your vendors before buying the solution. Bind them to the same timelines and agreements. We had a couple of lags during the POC stage that took DNIF a long time to resolve after implementation. Timelines published on the internet for TAC response are very generic so make sure they are customized as part of any agreement. 

In rating the solution, I have considered several factors. There are lots of improvements needed. The infrastructure specs are huge and require on-premises management. The solution should have a completely cloud-based option or only require a lightweight infrastructure it is managed as a service. There should be a two-way exchange where issues proactively flow to a dashboard where anyone can take action. 

Overall, I rate the solution a seven out of ten. 

Which deployment model are you using for this solution?

Hybrid Cloud

If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

Other
Disclosure: I am a real user, and this review is based on my own experience and opinions.