Akamai Guardicore Segmentation Reviews

Our main use case for Akamai Guardicore Segmentation is to implement micro-segmentation and Zero Trust security across hybrid environments, including both on-premises and cloud workloads. We primarily use it to gain visibility into east-west traffic to control the communication between application and servers, which helps in reducing the risk of lateral movement in case of security breach. Additionally, we use it for application dependency mapping to understand how workloads interact, creating granular segmentation policies based on application, environment, and role, improving compliance posture, especially for banking and financial customers. Overall, it helps us to move from traditional perimeter-based security to more workload-level security approach.

Akamai Guardicore Segmentation has had a very significant positive impact on our organization, especially in terms of security posture, operational efficiency, and compliance. From a security perspective, it has helped us to greatly reduce lateral movement risk by enforcing strict micro-segmentation policies. Even if a system is compromised, the attack surface is limited, which strengthens our overall zero-trust approach.

In terms of efficiency, the visibility and visualization feature have reduced the time required for troubleshooting and policy validation. Our team can quickly identify communication issues and resolve them faster compared to traditional methods.

From a compliance standpoint, especially for banking customers, it has helped us to meet regulatory requirements more effectively by ensuring the proper segmentation between critical workloads and sensitive data environments. Overall, it has improved our control, visibility, and response time, making our security operations more proactive rather than reactive.

One of the best features of Akamai Guardicore Segmentation is its real-time visibility and visualization capabilities. It provides a detailed map of all east-west traffic, which is very helpful for both security and troubleshooting. Another key feature is application dependency mapping, which visually shows the communication flows between servers. This helps in understanding the complex environments and designing accurate segmentation policies.

The granular micro-segmentation capability is also very powerful. We can create a policy based on labels such as application, environment, or role, allowing only required communication and blocking everything else, which significantly reduces the lateral movement risk.

Additionally, the agent-based deployment is lightweight and works well across hybrid environments, including on-premises and cloud, making it flexible and easy to scale. Overall, the combination of visibility, visualization, and fine-grained control makes it a very effective micro-segmentation solution.

While Akamai Guardicore Segmentation is a very powerful solution, there are a few areas where it could be improved. One of the main challenges is the initial deployment and policy design complexity. In large environments, understanding all application dependencies and creating the right policies can take time and requires close coordination with application teams.

The user interface and policy management can also be improved. As the number of policies grows, managing and organizing them becomes slightly complex. A more simplified or intuitive policy structure would help operational teams.

Another area is integration with other security tools such as SIEM or SOAR platforms. While integration is possible, making it more seamless and easier to configure would add value. Additionally, the reporting and dashboard could be enhanced to provide more customizable and business-level insights, especially for management and reporting.

One small improvement I would suggest for Akamai Guardicore Segmentation is having more automation capabilities for policy creation and recommendation. For example, AI-driven suggestions based on observed traffic patterns would help reduce manual effort during the initial policy design. It would also help to have more predefined templates for common use cases, especially for industries such as banking, to speed up deployment. Another area is enhanced reporting customization where we can easily generate business-level dashboards for management and compliance teams without any additional effort.

I have been working with Akamai Guardicore Segmentation for around one to two years as part of my role managing security.

The customer service rating I would give is a four out of ten.

In one of our banking customer environments, we used Akamai Guardicore Segmentation to segment the critical application tiers such as web, application, and database servers. Initially, we enabled visibility mode to understand the east-west traffic and identify all communication flows between workloads. During this phase, we discovered several unnecessary open communications, especially between application and database layers. Based on this, we created granular segmentation policies to allow only required ports and protocols and blocked all other unnecessary traffic. For example, only specific application servers were allowed to communicate with the database servers on required ports while all other lateral movement paths were restricted.

One additional point I would highlight is that with Akamai Guardicore Segmentation, we do not just use it for static segmentation, but also for continuous monitoring and policy optimization. Even after the initial deployment, we regularly review the traffic patterns and update the policies based on application changes. This is very important in dynamic environments such as banking, where new service integrations are frequently introduced. Another key aspect is that we use it as a part of a broader zero-trust strategy, integrating it with other security solutions such as WAF and secure web gateways to create a layered defense approach. Also, from an operational perspective, it has helped us to reduce the dependency on traditional network-based segmentation, making security more application-aware and flexible, especially in hybrid and cloud environments.

The visualization feature in Akamai Guardicore Segmentation has been extremely helpful for our daily operations, especially in troubleshooting and policy design. From a troubleshooting perspective, it gives us a clear, real-time view of communication flows between workloads. Instead of checking logs manually, we can quickly identify where traffic is being allowed or blocked. This significantly reduces the time required to identify issues. For policy design, the visualization helps us to understand the application dependencies before enforcing any rules. This ensures we do not accidentally block legitimate traffic, which is very critical in banking environments. It also helps in identifying unnecessary or suspicious communication paths, validating policies after implementation, and collaborating with application teams, since the visual maps are easy to understand even for non-security teams. Overall, it makes both troubleshooting faster and policy creation more accurate, reducing the operational effort and minimizing the business impact.

Based on our experience with Akamai Guardicore Segmentation, we have seen a noticeable improvement in both troubleshooting and policy validation timelines. Earlier, troubleshooting east-west communication issues used to take around two to four hours since we had to rely on manual log analysis and multiple tools. With Guardicore visualization, we can now identify the issue within twenty to thirty-five minutes, which is roughly around sixty-five percent to eighty-five percent reduction in troubleshooting time. For policy validation, it previously took several hours to a full day, especially when coordinating with application teams. Now with the clear dependency mapping and real-time visibility, we are able to validate policies within thirty-five to sixty-five minutes, improving efficiency by around fifty-five percent to seventy-five percent. Additionally, incident response time improved by fifty-five percent, policy deployment errors reduced significantly due to better visibility, and faster onboarding of newer applications since dependencies are clearly mapped. Overall, these improvements have helped our team become more efficient, proactive, and accurate in operations.

My main advice for anyone considering Akamai Guardicore Segmentation is to start with the visibility mode before enforcing any policies. Understanding application dependencies and traffic flow is very important to avoid unintended disruptions. Also, involve application and infrastructure teams early in the process since accurate segmentation depends on knowing how applications communicate. I recommend taking a phased approach by starting with monitoring and mapping, identifying the required versus unnecessary traffic, and gradually enforcing the policies. Additionally, keep policies simple and structured initially and refine them over time as you gain more visibility. Overall, if implemented properly, it is a very effective solution for achieving zero-trust and reducing lateral movement risks.

Akamai Guardicore Segmentation is a very effective solution for organizations looking to strengthen their zero-trust security model, especially in complex hybrid environments. What stands out the most is its ability to provide deep visibility and control over east-west traffic, which is something traditional security solutions often lack. While there are areas for improvement such as policy management simplicity and automation, the core capabilities are very strong and deliver real value in terms of security, operational efficiency, and compliance. From my experience, when implemented with the right approach, it can significantly enhance an organization’s overall security posture and reduce lateral movement risk. I would rate this product an eight out of ten.

Hybrid Cloud

Amazon Web Services (AWS)

My main use case for Akamai Guardicore Segmentation is related to Kubernetes instrumentation and visibility, although it is difficult to specify a main use case. When I work with Kubernetes, it is a very dynamic environment where we have pods that are going up and down all the time, and most of the customers don't have visibility about how those pods communicate between themselves or what type of service they consume outside.

By doing instrumentation in Kubernetes, which I have done already, even in OpenShift for on-premise environments and also on Azure, we are able to see all the pods that go up and down and all the communication that they establish inside the pod and outside the Kubernetes environment.

Besides the visibility that I have mentioned about my use case with Akamai Guardicore Segmentation, we can also create rules. If we think that one specific namespace should not communicate with another namespace, we are able to create rules on Guardicore to avoid that communication, or not necessarily only from one namespace to the other, but from one specific port from the source to one specific port to the target, so we can also build those types of rules, and that really helps improve security for customers.

In general, I would say that the best features that Akamai Guardicore Segmentation offers include visibility and the ability to have Layer 7 visibility, which means that we are not only looking for source IPs and ports and target source target IPs and ports, but we are also looking for services. We are able to see even the service that we can create rules for, allowing from server A one specific service to communicate with server B, but if some other service tries to do that communication, it will be blocked, making that a great feature of Guardicore segmentation. There is also the deception model they have, which is the Honeypot model. Once we have one rule that is blocked for some specific ports, we can intercept an insider threat that tries to do RDP to one server that should not happen. With the deception model, that communication is blocked, and the insider is sent to a Honeypot server where they think they have established that communication and may try to add some script there. Guardicore adds logs and creates an incident, so we can see what that communication has done and how someone tried to compromise the environment.

After implementing Akamai Guardicore Segmentation, I can say that for most customers with whom we implement Guardicore, we see once we do micro-segmentation for an application that the connection—possible connections that can be established on that application—usually drops by 80%. If we map out the proper communications that one application should have and create rules to apply the proper blocking, we see one application that could have a hundred thousand different types of communications, and after micro-segmentation, it can have only twenty thousand, thereby significantly increasing the security posture.

In day-to-day operations, we usually don't have any impact, which is the idea of Guardicore. Once we have the rules in place, we only allow the communication that is supposed to happen. This is why we increase the security posture, but we don't impact applications usability and anything else. For day-to-day operation and risk management, as I have mentioned, we typically reduce the communications that we can have with a specific application, so if a customer's environment is compromised, usually we can guarantee that with Guardicore segmentation, if we have the proper rules in place, other applications will not be compromised, and the communication will stay only inside that specific application.

Reporting is one area where I think Akamai Guardicore Segmentation can be improved. They are working on it, but as of now, that is the aspect that needs enhancement. Nothing specific comes to mind regarding the needed improvements related to integrations, scalability, or user interface.

I have been using Akamai Guardicore Segmentation for four or more years.

Akamai Guardicore Segmentation is stable.

The scalability of Akamai Guardicore Segmentation is pretty good; whenever we need more resources for management, if a customer's environment increases significantly, they can add more nodes to the manager within a 15-minute downtime, and it works well.

If I have to rate customer support from 1 to 10, I would give them a six or seven.

I have not previously used a different solution. I know other solutions, but I have worked only with Guardicore.

Regarding pricing and setup cost, I don't have information because I am from a consulting team and not from the sales team. The licensing is related to the number of assets that the customer has in the environment where they want to install the Guardicore agent.

As I mentioned, being a consultant and my company being a partner with Guardicore, we decided to go with Guardicore after evaluating options such as Illumio, which we found to be less robust compared to Guardicore.

With usability, I find that Guardicore is a pretty easy solution to use and pretty straightforward. For integrations, they have lots of different integrations. One cool integration that I have already done is with the Tenable solution, from where we are able to get not only assets information but also assets with high exploitable vulnerabilities. With Guardicore working with labels, we can create a rule that whenever we have an asset with a high exploitable vulnerability, we can block some specific type of communication inside the environment. That integration is one of the coolest I have done, but Guardicore has a lot of different integrations that I know about. As for reporting, Guardicore doesn't have nice reporting inside the solution itself, while it gives lots of different APIs where we can pull the data and build external reports, such as on Power BI. In my company, we have done that, but the reporting is not native from the solution; we have to use APIs for those types of reports.

My advice for others looking into using Akamai Guardicore Segmentation is to think about labeling. You should have labels for your entire environment regarding applications, which means having a good CMDB. You don't need to have a full CMDB, but you should at least build one with information about servers and which applications those servers are members of and what roles they play in the applications, so with that, you will be able to extract the best from the solution. I would rate this product an 8 out of 10.

Hybrid Cloud

Microsoft Azure

My main use case for Akamai Guardicore Segmentation is for big micro-segmentation at my company. A specific example of how I use micro-segmentation with Akamai Guardicore Segmentation in my company is the segmentation of big broadcast domains, where with this I could segregate the front end, the back end, backup networks, and out-of-band networks for administration. I have many cases with jumper services also, so many cases that we could mention working with Akamai Guardicore Segmentation.

More than twenty ring-fences implemented with Akamai Guardicore Segmentation have produced significant results with a three-hundred-sixty-degree vision of all the network traffic including the biggest system that we hold today.

The best feature Akamai Guardicore Segmentation offers is great threat intelligence. Threat intelligence stands out to me as a best feature of Akamai Guardicore Segmentation because you are ready, for example, for ransomware attacks and lateral movements. I am very happy with the solution.

In addition to threat intelligence, I have other ring-fences also. The way that Akamai Guardicore Segmentation holds the segmentation in the simplest way, giving the best visibility, is really the best thing for me.

Akamai Guardicore Segmentation has positively impacted my organization by improving security because it increased the perimeters and the breaks in small perimeters and also giving me visibility over three hundred sixty degrees over the network.

Since implementing Akamai Guardicore Segmentation, I have seen specific outcomes such as reducing incidents because only the tight traffic is really allowed, so you reduce the possibilities of issues and also increase the security.

Akamai Guardicore Segmentation can be improved through the follow-up with the customer experience of the Guardicore team, and they gave me a lot of insights to improve the configuration. I say that we have everyday fine-tunings to increase the power of the tool. I am very happy with this.

I have been using Akamai Guardicore Segmentation for three years and a half.

Akamai Guardicore Segmentation is very stable.

Akamai Guardicore Segmentation is very scalable because I could deploy anywhere without any hardware needs, for example.

The customer support for Akamai Guardicore Segmentation is amazing. They are very close and help me all the time.

Akamai Guardicore Segmentation is my first solution.

I have seen a return on investment as it requires fewer employees needed.

My experience with pricing, setup cost, and licensing for Akamai Guardicore Segmentation is great. It has a fair cost for our business.

I did not evaluate other options.

My advice for others looking into using Akamai Guardicore Segmentation is that it gives visibility, security, and really does the right segmentation of your broadcast domains, improving not only security but visibility that you really need for your business. Akamai Guardicore Segmentation is the tool that makes me sleeping well every day, and I would rate it a ten on a scale of one to ten.

On-premises

My main use case for Akamai Guardicore Segmentation is segmenting legacy operating systems.

I use Akamai Guardicore Segmentation to segment legacy operating systems because they do not support our EDR tools due to their age, and I chose Akamai Guardicore because its agents support very old systems that need to be segmented from the rest of the network.

We are mainly using it for legacy systems.

The best features Akamai Guardicore Segmentation offers make it simple to see all of the connections that are being made to each of the endpoints, and they can be controlled by process and port.

The ability to control by process and port helps my team day-to-day because, since there are hundreds of thousands of connections to some of these endpoints, looking at the Reveal Map makes it simple to audit and create rules for what we want to allow.

Akamai Guardicore Segmentation has impacted my organization positively because we find it difficult to remove the legacy systems, so it was very important to segment them from the rest of the network to protect them and protect the rest of our network.

Akamai Guardicore Segmentation can be improved because keeping it up to date is difficult since it is SaaS-based and updates are not on a regular schedule; I have to reach out to my contact to ask them to update to a newer version, and it would be helpful if updates were on a regular cadence so that I would not have to remember to ask them.

I think it is really valuable to take a course on Akamai Guardicore Segmentation because many things are not obvious in terms of how to do them correctly.

I have been using Akamai Guardicore Segmentation for one year.

Akamai Guardicore Segmentation is stable and very reliable.

The scalability of Akamai Guardicore Segmentation is very good. It scales very well, and I can keep adding agents and scale as much as needed.

I have not had to reach out to customer support for Akamai Guardicore Segmentation.

I have not seen a return on investment in terms of specific metrics like time saved or reduced risk, but I can say that reduced risk is significant.

My experience with pricing, setup cost, and licensing is that overall everything worked out really well. The pricing was flexible, and it has worked out well with our budget.

Before choosing Akamai Guardicore Segmentation, I evaluated other options, but I cannot recall them off the top of my head.

Since I started using Akamai Guardicore Segmentation, we have not had any situations that demonstrate specific results or metrics such as fewer incidents or improved compliance.

My advice to others looking into using Akamai Guardicore Segmentation is to work with professional services during setup because it is not intuitive at the beginning and to take the administrator course to understand the Reveal Maps, as the Reveal Maps are the most useful way to control the segmentation.

I give this product a rating of 8.

On-premises

We were using Akamai Guardicore Segmentation for micro-segmentation with Zero Trust. It's a process-level segmentation that functions just like a firewall.

It has significantly lowered our overall security risk and made our security much better. We don't need to buy additional solutions for it.

Akamai Guardicore Segmentation is very intuitive. If you're used to firewalls, you're also used to this product because it has the same look and feel.

Automation is a nice feature that not many customers are using. Companies can set up automation so that if they see something that's not good, it can be automatically remediated. That's a feature that many customers would like.

The visibility feature is actually where this technology is much better than firewalls. With firewalls you make policy, but you don't know why you're making the policy because you need to ask somebody about what kind of policy they need. With Akamai Guardicore Segmentation, you can actually see what's going on and you can make your policy without asking any application owner what to make. You're actually accepting a policy instead of building a policy.

What we hear most from customers is that it requires a kernel module. Many customers do not like kernel modules because the PCs will blue screen if there's a bug in the software. That's the biggest disadvantage. Some competitors are not using kernel modules.

We have been using it for four years.

Akamai Guardicore Segmentation is stable. There could be some minor bugs, but there haven't been any major issues for the last four or five years.

It's scalable. There are customers that have 250,000 endpoints and PCs.

The support cases I've had were good.

I'm no longer working with previous solutions.

It's pretty easy to install.

We are not a partner, so we're more of a customer.

Akamai Guardicore Segmentation is very flexible. You don't need to change anything in the network because it's not a network thing. That's the nicest thing.

The setup cost is reasonable.

Illumio is the biggest competitor. They are not using a kernel module. Akamai Guardicore Segmentation has much better visibility and has a more firewall style look and feel in how you use the product compared to Illumio.

I work with the segmentation aspect of Akamai Guardicore Segmentation. Akamai Guardicore Segmentation has much better visibility and has a more firewall style look and feel in how you use the product. I would rate this review an 8 overall.

I use Akamai Guardicore Segmentation to block lateral movement of malicious software like ransomware. This is very important to protect my business and my corporation.

I create labels for any assets to create rule sets in Guardicore Center with the configuration.

The logs and network logs provide visibility that is very important for my business and my corporate entity. We use microsegmentation by environment. I do segmentation for production, homologation, and development. It is very important.

Today, I have segmentation for Kubernetes in Guardicore, but I have problems with Guardicore with segmentation for Kubernetes because it is connected to SaaS. This is very important because we have projects starting in Kubernetes in my enterprise.

Akamai Guardicore Segmentation is deployed in my organization on a hybrid cloud because 99% is on a private cloud computer.

The best features of Akamai Guardicore Segmentation are maps and network logs. I think the analysis of logs and hits in Akamai Guardicore Segmentation is fantastic.

The impact of Akamai Guardicore Segmentation is very important because it reduced risk for my corporation and organization. It is very important.

Akamai Guardicore Segmentation reduced risk because it blocked malicious ransomware and uninspected traffic. I appreciate this. It is very good.

Akamai Guardicore Segmentation reduces risk, and the configuration is very easy, among other things.

I think the pricing is very high. It is a big cost. The price of Akamai Guardicore Segmentation is very expensive, but it is important to the enterprise. I think it is more or less.

I have been using Akamai Guardicore Segmentation for approximately five years.

Akamai Guardicore Segmentation is very stable.

It is very scalable.

I like the Akamai support very much. The response is very fast. The attention is very good.

I did not evaluate other options. I am happy with Akamai Guardicore Segmentation.

We have a relationship with this vendor. We are a partner and an experienced user.

The investment is necessary for enterprises to reduce risk, protect the enterprise, and have visibility of the network.

I have used other solutions, but with Akamai, I have WAF, I have proxy, and I have IP security.

I gave this product a review rating of 10.

Hybrid Cloud

Microsoft Azure

I usually recommend Akamai Guardicore Segmentation for larger companies, as we started to work with Guardicore before the acquisition and then moved to distribute Akamai. Akamai Guardicore Segmentation is not a simple solution for the Italian market because we are suffering from nanism; the majority of our companies have under 1,000 employees. Akamai Guardicore Segmentation is enterprise software, but they are pretty good in that area.

It is more suitable for bigger companies. The reasons are not solely about pricing; it is also about the knowledge of the security manager in companies across Italy. For example, a small company with 500 employees might have a limited budget for cybersecurity and typically does not consider micro-segmentation as a primary solution. They may manage cybersecurity issues effectively with their existing LAN setup until they grow larger and face more complexity, which is why micro-segmentation becomes necessary. However, in Italy, it is not as well-known as in other markets due to the customer base.

I usually recommend Akamai Guardicore Segmentation for larger companies, as we started to work with Guardicore before the acquisition and then moved to distribute Akamai. Akamai Guardicore Segmentation is not a simple solution for the Italian market because we are suffering from nanism; the majority of our companies have under 1,000 employees. Akamai Guardicore Segmentation is enterprise software, but they are pretty good in that area.

Regarding their interface, I cannot answer on technical issues or aspects because I am the sales manager, and here we show the characteristics of the software, but we do not make any demonstration of the product because we are a distributor.

To become more competitive, I believe they have to work on technology knowledge and address the brand awareness issues for my market. In more consolidated markets such as the US or UK, where companies have several factories and thousands of employees, they could focus more on marketing the brand and the technologies.

I have been dealing with Akamai for three years overall.

No one has asked for more, so I find the technical support in my region is pretty good.

At the moment, I have no issues with documentation, integration with third-party solutions, or the initial setup; everything is pretty good, although you can always do more.

Concerning their pricing, it is not cheap, but it is reasonable with respect to the kind of market you have to face.

I think it is hard to say if it is the best option on the market at the moment because I do not know a lot of alternatives in that area. They appear to be the kind of solution that stands out; even though Guardicore is not as famous as CyberArk, they are pretty known for what they do.

Our main use case for Akamai Guardicore Segmentation is the implementation in Kubernetes AWS.

Akamai Guardicore Segmentation has positively impacted our organization. We implemented Akamai Guardicore Segmentation and shared all our directory with the team, who are very happy about the security environment we implemented.

Akamai Guardicore Segmentation offers us large visibility in all our environments and helps us to understand network segmentation and traffic.

The visibility from Akamai Guardicore Segmentation has helped our team by addressing the challenge of a shadow network in traffic across all environments, providing us with more insight into this network traffic.

In my experience with Akamai Guardicore Segmentation, the best feature is visibility. The segmentation is excellent, but the visibility of all network traffic is extremely helpful.

The segmentation feature of Akamai Guardicore Segmentation is very easy to set up across all environments. The Akamai team supports all our questions, and the tool is very easy to use, making it extremely helpful.

Regarding the features of Akamai Guardicore Segmentation, the integration with Active Directory is excellent and very positive.

One specific outcome from using Akamai Guardicore Segmentation is that we noticed addressing network threats, which are a very significant problem in any company. This feature, along with visibility, has brought us more peace of mind.

I believe Akamai Guardicore Segmentation could be improved with a feature to filter, and I believe implementing MFA would be very useful and helpful to us.

I have been using Akamai Guardicore Segmentation for more than three years, and I had the opportunity to get certified. I liked the tool so much that I had the opportunity to earn the GCSA and GCSE certifications.

My advice for others looking into using Akamai Guardicore Segmentation is that visibility is crucial. If you are not seeing your network clearly, your job is challenging. Visibility is the main word in Akamai Guardicore Segmentation. Our company has a business relationship with Akamai as we are a partner or reseller. I rate this product a ten out of ten.

Public Cloud

Amazon Web Services (AWS)

We want segmentation for a data center, and we have the problem that we cannot change IP addresses within the data center. So we need a solution. With the Guardicore solution, we can keep the IP addresses. 

Additionally, we get agent-based segmentation, and we don’t have to change anything on the network. These are the main reasons why we chose Guardicore for micro-segmentation.

The enforcement points under the agent, the firewalling has been most beneficial for your customers’ cybersecurity needs specifically. We do not need any further security features like IDS, IPS, or whatever. For us, it’s only the firewall feature, and that’s part of the enforcement point of the Guardicore agent. So that was completely enough for us.

I like the visibility of the communication, so that we really see which communications the assets have to the other assets. We don’t need a further sensor or firewall to see the traffic to these devices. That’s the main reason. 

And Guardicore makes its own rule set automatically, so we can work fast when creating a rule set. We don’t have a long phase of monitoring or whatever, so we can go straight to rules where we drop unwanted data traffic.

We don’t do micro-segmentation for each asset. We work with the ring-fencing function, and we have really good visibility on the dashboard with the rings. We can see which asset is in which segment, zone, or ring. That’s the main thing, that we can see this really easily. 

We can also give this view not only to the administrator of the Guardicore components but also to the application owner, so they can see where their application is placed in the ring-fencing and what communication is there. This makes incident management easier because we get incidents in a more authenticated way from the application owner. That’s also a big benefit from the visibility of the Guardicore solution.

In the firewall, only the administrator has a deep look into the architecture, the logs, and the segmentation. In the Guardicore solution, we can give more visibility to the application owner on their own application. This makes it easier to manage incidents and the overall management of the application and network. The application owner has a view of the actions happening on the network with their assets or applications.

When we have more than one interface, we can only have one policy for both interfaces. Normally, you have assets with a production interface and a server interface that are only for management. 

But in the Guardicore architecture, you cannot give the production interface its own rule set and the management interface another rule set. You have to combine these rule sets into one. It’s a lack because security standards suggest a different way to secure management interfaces.

So, I would like to have two separate rule sets for the basis of the device.

We started planning last year, and we are now in the implementation phase. So, since April this year, we have been working directly with Guardicore and the Guardicore management systems.

We [my company] work with the latest version. 

I would rate the stability a six out of ten, where one is low and ten is high stability.

The difficulty is when you start with such a project, it’s not only with Guardicore, it’s with all other micro-segmentation windows. You have to change your mindset from a network-centric to a label-centric approach, which is not based on the network. That’s the difficulty for the people, the customer, and the administrator. 

There should be more support to change the mindset of the customer. They are all used to the old way to do segmentation. With other micro-segmentation tools, it’s a new technology, and it’s not about thinking in IP segments and IP networks anymore. You have to think in labels and ring fencing. That’s what makes it difficult to start with such a technology. It’s not the vendor, it’s the technology.

I would rate the scalability an eight out of ten. It is good for our use case. So, scalability is at a satisfactory level.

I make projects with my customers. I do not have any view about my other colleagues and what they have in their projects with Vendor. Myself, it was the third customer where we have placed the Guardicore product.

My customers are  enterprise businesses.

The response time should be better. Sometimes it’s good, but sometimes it could be better. You have a problem, you need an answer, and then you have to wait. Sometimes they do not talk with an administrator who knows anything about Guardicore. When my colleagues call support, I think my colleagues are experts. And then the support starts with really easy questions. That’s not funny.

So, I want them to be more skilled, like, more educated on the matter.

Neutral

I would rate my experience with the initial setup a seven out of ten, where one is difficult and ten is easy to set up.

The technical setup was easy. It becomes more challenging when you start labeling the assets and doing the ring-fencing. You have to go deep into the architecture of the network, the application, and whatever. That’s more difficult, but in the end, it’s easier than doing classic segmentation with a firewall.

The data architecture took one week, but the segmentation logic took months. We are not finished. We started in April, and we are not finished. So, like almost half a year. 

We start to define the ring for the ring fences, and then we start with a part of the network with the test environment. We test and then go. The last will be the production. We label the assets, then start a monitoring period to see the data traffic between the assets. Then we go into an alerting phase and finally to a block period.

I would rate the pricing a six out of ten, where one is cheap and ten is expensive.  I know other micro-segmentation tools like Cisco or Illumio, and so I think they are in the middle.

Overall, I would rate the product a seven out of ten. We use Akamai because they have their own enforcement point. This was important for us. 

Other micro-segmentation tools use the desktop firewall of Windows or the Linux iptables firewall, but Guardicore has its own enforcement point and its own agent. This was a key factor. When you start with the implementation, you have to have a clear picture about your labeling. I think it’s really important. You have to know what you want to separate from each other. You could go into very deep detail, but the more detail you have, the more complex it becomes. You have to find a balance between detail and complexity. You need the middle way.

On-premises

We use the product in the production environment of server infrastructure. 

The tool's most valuable feature is its visibility. 

Kubernetes is not installed in the way we need it. 

I have been using the product since October. 

We faced some minor issues, but overall, the product is stable. I rate it an eight to nine out of ten. 

I rate the tool's scalability an eight out of ten. My company has four to six users. 

Akamai Guardicore Segmentation's deployment is smooth. The deployment team promised us that the implementation would be completed in three weeks, but the product was available within two weeks. 

Akamai Guardicore Segmentation is expensive. 

I rate Akamai Guardicore Segmentation an eight out of ten. Adopting the product often involves a greenfield approach, requiring adjustments and careful planning.