3 Replies Latest reply on Jun 16, 2015 3:59 PM by qle

    Varonis DATADVANTAGE Trial Review

    fcpsolaradmin

       

      Our company is currently in a trial run of Varonis DatAdvantage, and I felt it necessary to give a review.

       

      I won’t go over all the features the product offers, just simply tell you my experience with the company itself and how we have actually used the product.

       

      Install/Setup

       

      After we stood up a server 2012 box and made a domain service account local admin on all the servers we wanted to monitor the varonis engineer and the varonis Sales Rep did the rest. (Yes the sales rep was engaged throughout the setup process and continued to answer our questions unscripted!) They setup all of the agents, the reporting, and the alerting. Since the initial setup they have had multiple follow up calls with us to show us additional features, reports etc.

       

      Results so far on what we are using

       

      This list doesn’t even scratch the surface of what this product is capable of, but it is what we are currently focused on testing.

       

      Files

       

      Found well over a TB of inactive data

       

      Found 2 cases of an Encryption Virus which were locking thousands of documents. Were able to quickly see which documents were affected and who it was that had caught the infection.

       

      Multiple broken ACL’s

       

      Found and marked possible PCI, HIPPA, GLBA data

       

      Alerts we have configured-

       

      Data access seems out of ordinary-

       

      If user A touches 12 files day 1 and 15 files on day 2 then all of the sudden on day 3 User A touches 3500 documents, we will be alerted.

       

      Exchange

       

      Exchange Email is sent As- When a user sends an email as someone else

       

      Exchange Email Sent on Behalf of- When a user sends an email on behalf of someone else.

       

      SharePoint

       

      Report on permission levels

       

      Active Directory

       

      Locate locked out accounts, determine the cause.

       

       

       

      Overall experience with this demo was great, these guys don’t just have you download their exe file and leave you to figure out the rest. They set it up for you, they make sure it’s doing what you expect it to do, and they show you how to utilize it. If you are in the market for Data Governance Software and you want something that works, get a DATADVANTAGE demo setup in your environment.

       


      I do not see DATADVANTAGE as a competitor to LEM although they do share some similar features they are different enough where both software can be utilized together. With that said hopefully nobody at SW is offended by my positive experience with Varonis

        • Re: Varonis DATADVANTAGE Trial Review
          qle

          What was your impression after the trial/demo period was over? Did you ever decide to move forward with this?

            • Re: Varonis DATADVANTAGE Trial Review
              fcpsolaradmin

              We did end up implementing it. We find it extremely useful for file auditing, and compliance.

               

              Some of the reports aren't as straight forward as Id like, but the sales team is still actively engaged in support situations. For example if there is a report that I need to run but can't get it just right, I am able to email the sales team and within a day i will have a webex invite to help me get it setup.

               

              It is expensive but I think their level of support makes it worth it.

                • Re: Varonis DATADVANTAGE Trial Review
                  qle

                  I really appreciate the update. We're in the midst of a trial ourselves but we're hesitant about putting an unknown quantity in our production environment. Currently, it's restricted to a lab environment and as you would suspect, the information presented is limited. Even with that in mind, we've started to understand its behavior and how it works.

                   

                  • Have you deployed it to any Linux servers? If so, did you run into any issues during deployment?
                  • We're also interested in its real-time capabilities. What are you able to see in real-time, if anything? What actions are you able to perform in response to real-time events?