ObserveIT OverviewUNIXBusinessApplication

What is ObserveIT?

The biggest security problem today is people. Insiders are responsible for 90% of security incidents, per the 2015 Verizon DBIR Report. Organizations need to manage security risk from vendors, privileged users and high-risk users. ObserveIT captures video playback of policy violations and comprehensive metadata related to what people are doing, with this information, you can easily search and see what happened without translating logs or investigating across multiple systems.

Try a free 15-day trial of ObserveIT today.

ObserveIT Customers

Coca Cola, Allianz, Premiere League, Xerox, AIG, Cigna, Starbucks, Revlon, Toshiba, Nissan and more.

ObserveIT Video

Archived ObserveIT Reviews (more than two years old)

Filter by:
Filter Reviews
Industry
Loading...
Filter Unavailable
Company Size
Loading...
Filter Unavailable
Job Level
Loading...
Filter Unavailable
Rating
Loading...
Filter Unavailable
Considered
Loading...
Filter Unavailable
Order by:
Loading...
  • Date
  • Highest Rating
  • Lowest Rating
  • Review Length
Search:
Showingreviews based on the current filters. Reset all filters
Cyber Security Leader at a tech services company with 201-500 employees
MSP
Good value, easy to use, and easy to deploy
Pros and Cons
  • "ObserveIT is small, easy to use, easy to deploy, and is not complicated, so it's more generally suited for only SMBs. It's a good value with a cheaper price."
  • "ObserveIT is not scalable and it's not for the medium to large corporations. It's for the smaller environments. For the larger corporations, we have other scalable solutions."

What is our primary use case?

The biggest and strongest use case is to monitor the behavior patterns, in terms of any malicious activity, like downloading unauthorized files from the internet.

What is most valuable?

The most important feature is the expectation that the solution has to have a minimum of false positives. This depends both on the tool and its implementation. So the important features are the minimum false positives it produces and the accuracy of its reporting. Also, important is how easy it is to run.

What needs improvement?

In terms of what can be improved, that is a question I think the end users can tell you better. I'm not the end-user for this system. However, I can say that it needs to be more scalable.

I think they already have a good value proposition in terms of being a hybrid model, and the reporting is okay, as well. 

It could have better integration with other SIEMs, but this integration has to come from the SIEM side, not ObserveIT.

For how long have I used the solution?

I have been familiar with ObserveIT for six months.

What do I think about the scalability of the solution?

ObserveIT is not scalable and it's not for the medium to large corporations. It's for smaller environments. For the larger corporations, we have other scalable solutions, and at the moment I think the usual pattern to address the UEBA is defining or directing the use cases.

How are customer service and support?

I've never contacted technical support. It's directly from the vendor. 

How was the initial setup?

Installation is very straightforward. It's a small utility, it's not a big platform, like Securonix, where you need massive hardware and computing power to run it. It takes about three hours to deploy. Three hours for the installation, and then depending on the number of use cases you need to configure, two to three days max.

We work with ObserveIT on-prem, but they have a cloud option. ObserveIT supports both.

What about the implementation team?

A technical person involved with the deployment engineer came from the vendor itself to help. I did not do it myself.

What's my experience with pricing, setup cost, and licensing?

As for pricing, it's a vendor-based question and very confidential. 

But it's extremely cost-beneficial for you.

Which other solutions did I evaluate?

In contrast to the scalability of ObserveIT, Securonix, another platform for UEBA, has infinite scalability. It can scale depending on the number and amount of computing power you have and it does not work on the standard database but on the big data analytics platform. That brings with it the value of security analytics as well, regardless of any silos. Securonix is not only UEBA, but it's also an integrated platform, the next-gen SIEM UEBA, and it supports the security data link as well. So it is massive. It is appropriate for much, much larger organizations where you have 50,000 users or more who you need to monitor. There is no regular SIEM with such use cases. Securonix is particularly developed for large organizations where scalability is a challenge and there is a large number of users.

What other advice do I have?

ObserveIT is small, easy to use, easy to deploy, and is not complicated, so it's more generally suited for only SMBs. It's a good value at a cheaper price.

For the SMB industry, I would it rate seven or eight out of ten. That's because of its ease of use, it is very easy to deploy and administer, and it is affordable from a market perspective. Overall, it gives a consistent and really good return on investment.

But it's not for the larger corporations at all.

Which deployment model are you using for this solution?

On-premises
Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
PeerSpot user
PeerSpot user
ITSM & AntiFraud Consultant with 51-200 employees
Consultant
The ability to record user activity on a Unix X Server would be nice. All in all a good solution.

What is most valuable?

It is the best enterprise product that captures user activity. Its main advantage over its competitors is the way it records data. The most valuable features are the user recording, the textual log audit, and the ability to integrate with SIEM and ticketing systems.

How has it helped my organization?

All my clients are very pleased with this product as it helps them to keep track of what partners and employees are doing on the servers. Some of them are using ObserveIT to monitor the user activity on virtual desktops.

What needs improvement?

It would be nice to record user activity on Unix X Server.

For how long have I used the solution?

I have two years experience of implementation of ObserveIT at six clients in Romania.

What was my experience with deployment of the solution?

Until now we didn't have any issues with deployment reported. Most issues are related to the prerequisites not being installed.

What do I think about the stability of the solution?

This product is very stable. Some clients have version 5.6 and don't want to upgrade to a newer version because this version satisfies all their needs.

What do I think about the scalability of the solution?

I didn't have any big scalability issue on production systems. I had some problems with an instance of ObserveIT in a Proof of Concept, when I installed ObserveIT with an SQL Express instance and the DB used all provisioned space. The solution was to use the DB to store metadata and keep the recordings on the file system.

How are customer service and technical support?

Customer Service:

We didn't use ObserveIT support too much, as we didn’t have problems with the product. We have used them only when we had an exotic environment, and we had some SSL agent integration problems.

Technical Support:

The technical support is rated at 10/10 from my point of view.

Which solution did I use previously and why did I switch?

ObserveIT was the first solution of its kind that I have used.

How was the initial setup?

The initial setup is straightforward. As a beginner you can use the OneClick install, and read the logs to see where the problems are.

What about the implementation team?

I have implemented this solution as an IT Consultant to clients. In our personal environment we have only used it for a Proof of Concept.

What other advice do I have?

Always check the prerequisites, and provision the requested space for the storage or DB

Disclosure: My company has a business relationship with this vendor other than being a customer: Implementing ObserveIT to more than 6 clients.
PeerSpot user
PeerSpot user
IT Senior Director, IT Risk & Compliance at a insurance company with 1,001-5,000 employees
Real User
Easy to implement and configure. Ticketing and incident workflow can be improved.

Valuable Features

Real time recording and investigation of suspected policy infractions. Ease of implementation and configuration. Knowledge, availability and responsiveness of ObserveIT technical team to support our implementation.

Improvements to My Organization

Has allowed us to provide level of assurance of compliance to complicated business policy.

Room for Improvement

OCR capability, support for Mainframe, Ticketing and Incident workflow.

Use of Solution

Recently implemented at end of Q1/2015

Deployment Issues

No issues with ObserveIT but with our own network limitation requiring remediation.

Stability Issues

No.

Scalability Issues

No.

Customer Service and Technical Support

Customer Service:

The ObserveIT professional services team has been excellent, extremely engaged and genuinely concerned with our success.

Technical Support:

Excellent.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
PeerSpot user
Remote Service Tools (Support and R&D) Team Leader at a comms service provider with self employed
Real User
It resolved security issues by providing audit reports and records to our customers.

What is most valuable?

We are using the recording session solution and this feature is the most valuable for us.

We installed the ObserveIT clients on Centralized Terminal Servers environment - our support teams go through this environment in order to use the remote access tools and connect to the customer, and support. The application provides us auditing and records of the remote access sessions. We are also using the ObserveIT client on LINUX to record remote access established via the LINUX servers (P2P VPN) to our customers.

How has it helped my organization?

It resolved security issues of the organization by providing audit reports and records to our customers.

What needs improvement?

The tool is still not providing records of tunnels established - we would like to see it in future versions.

The number of slides in the LINUX recorded sessions is incorrect.

For how long have I used the solution?

7 years

What was my experience with deployment of the solution?

Everything was clear and, in any case we received great support from the support team.

How are customer service and technical support?

Customer Service:

The customer service is great.

Technical Support:

The technical support is great.

Which solution did I use previously and why did I switch?

No

What about the implementation team?

In-house

Which other solutions did I evaluate?

No

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
it_user203877 - PeerSpot reviewer
Consultant with 51-200 employees
Vendor
Ticketing and issue management need to be improved but it helps with compliance regulations.

What is most valuable?

  • Meta data search
  • Alert generation

How has it helped my organization?

I'm a consultant who implements these for customers. Helps compliance regulations.

What needs improvement?

Ticketing and issue management. Based on the new system, one needs to go through the sales people. Also, maybe some training for new features.

For how long have I used the solution?

I've used it for approximately two years.

What was my experience with deployment of the solution?

No issues encountered.

What do I think about the stability of the solution?

No issues encountered.

What do I think about the scalability of the solution?

I haven't tried to scale it.

How are customer service and technical support?

Customer Service:

Good - 8/10.

Technical Support:

Good - 8/10.

Which solution did I use previously and why did I switch?

No previous solution used.

How was the initial setup?

It is straightforward.

What other advice do I have?

Go for it.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
it_user195495 - PeerSpot reviewer
Security Expert at a tech services company with 501-1,000 employees
Consultant
Make sure to understand what nodes need to be protected before buying and implementation.

What is most valuable?

  • Record videos that have a very small file size
  • Management interface is very convenient and intuitive

What was my experience with deployment of the solution?

No. We didn't have issues with deployment.

What do I think about the stability of the solution?

No. We didn't have issues with stability.

What do I think about the scalability of the solution?

We didn't use the scalability.

How are customer service and technical support?

Customer Service:

We have not had the opportunity to work with customer service.

Technical Support:

We have not had the opportunity to work with technical support.

Which solution did I use previously and why did I switch?

No previous solution used.

How was the initial setup?

The initial setup was straightforward, but we work with many solutions and have a lot of expertise.

What was our ROI?

We provide the solutions to customers, and I find it difficult to talk about ROI.

Which other solutions did I evaluate?

Yes, we also looked at Balabit solutions.

What other advice do I have?

Customers must clearly understand what nodes need to be protected before buying and implementation.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user