USM Anywhere™

USM Anywhere Architecture

USM Anywhere has a modular and scalable two-tier architecture.

Overview of the AlienVault Anywhere Ecosystem

USM Anywhere Architecture Diagram

Tier 1 — USM Anywhere Sensors and Agents

USM Anywhere SensorsSensors are deployed into an on-premises, cloud, or multi-cloud environment to collect log and other security-related data. This data is normalized and then securely forwarded to USM Anywhere for analysis and correlation. deploy natively into each environment and help you gain visibility into all of your on-premises and cloudThe use of many computers connected over a network to run multiple programs or applications at the same time, instead of running them on a local device or network. environments. Sensors collect and normalize logs, monitor networks and collect information about the environments and assets deployed in your hybrid environments.

Sensors are a key component of the USM Anywhere solution. They operate either on-premises or in the cloud, performing the following tasks:

USM Anywhere Agents deploy on your network host and provide the following:

  • Endpoint detection and response
  • Network asset monitoring
  • File integrity monitoring (FIM)
  • Log collection

Tier 2 — USM Anywhere Cloud

USM Anywhere receives the previously described data sent to it by the USM Anywhere Sensor and uses it to provide essential security capabilities in a single SaaS platform:

USM Anywhere also integrates log management and securely retains raw logs long-term for forensic investigations and compliance mandates.