Akamai Guardicore Segmentation Reviews

We are a partner, not a customer. We would like to be in a position of trying to provide consultation for this solution and delivery of the product to clients. So, we have partnered with Guardicore in India and we are trying to sell this product and that is our primary use case. The primary use case that we are implementing this product for with clients is micro-segmentation.  

This particular product has a deployment model both in public and private clouds and on-premises. We are pitching it to all of our customers, irrespective of the regulations that they must follow. Some customers are in the government sector, for example, and they will need to go on-premises. There are some customers like IT service-based companies that have most of their infrastructure in the cloud, and those can use cloud-based services. What the client wants and needs totally depends on the type of client they are. We have an advantage with this product in offering it both ways — on cloud and on-premises — to meet the client's needs.

The most important feature or use case, because of micro-segmentation, is the visibility you get when you deploy this product. It will give you very good visibility of your whole data center. The second thing that is valuable is the lateral movement. Often when there is a compromise of vulnerabilities in the organization, this tool greatly helps in understanding the footprint of the attacks. It also helps in stopping the lateral movement of the attack.  

Predominantly I have been working with firewalls and the UTM (Unified Threat Management) solutions for some time. Guardicore has to do something to add on features that help to do a better job of inspection.  

They should have policies based on users. Often we can only add user groups. I think they should offer the ability to assign policies to individual users. The ability to assign policies to both users and groups would make the area of creating policies more flexible. They should also have time-based rules in the policies which they currently do not have.  

They should also get into payload-level inspection. As of now, what they do for threat inspection is to look at the metadata of a packet. This is not in depth enough for proper inspection. They need to start inspecting the payload-level information of a packet or offer this as an option.  

So they should have payload-level inspections to do some deep investigation. Then they should have more user-level control of policies. I think if these two things are introduced, then I could probably change my rating of Guardicore to a nine-out-of-ten.  

We have just recently started working with Guardicore. Six months ago we began working on the POC (Proof of Concept) and we have still not finished so we have yet to deploy the product to production.  

I cannot comment on stability under higher loads because we have not yet deployed it and exposed it to live traffic. We are still in the testing and evaluation phase.  

I think it is an amazing product in terms of scalability.  

I have not had any experience with technical support because we are not in production. Once we deploy the solution to our customers, that is when I think we will be making more use of support resources.  

Earlier we worked more in the firewall space. That is, we worked with Check Point a lot. It was maybe for a period of five years. Then from firewalls, which is a UTM solution, we are trying to move into the new world technologies. That would be things like dedicated security solutions that cover more than what firewalls do.  

As an employee, I am not sure what my organization has gone through in making evaluations and comparisons. I am sure that they have evaluated other products like Illumio, Cisco Tetration, and Guardicore. I do not know, out of all their testing and research, specifically why they found Guardicore to be more a valuable solution. I think these people may be more focused on what they are doing rather than how it is getting done.  

The installation and setup are pretty straightforward.  

Right now, I would definitely recommend Guardicore for someone who is looking into the micro-segmentation space or probably an internal firewall for the organization.  

On a scale from one to ten (where one is the worst and ten is the best), I would rate Guardicore Centra as probably an eight-out-of-ten.  

The interface and dashboard are amazing. I would rate the user interface as a ten-out-of-ten. For other reasons having to do with features and functionality, I have to mark them down a few points.  

This solution will be implemented in several environments for our collaborators.

It will be a great deal for our partner as Guardicore provides excellent network and process visibility, allowing for advanced segmentation with a very friendly UI. 

Its deception features are great, providing a rich telemetry of lured origins, and are a great resource for any active defense strategy.

Needs more customization of honeypots and a vaster catalog of systems able to be mimicked.

The netflow analytics (ML) focused in threat detection needs to be enhanced to provide more practical forms to detect network anomalies proactively.

In huge and complex environments, it is also very challenging to keep the compliance of the agents.

Four weeks.

The solution is still new to us, so I don't know if I have a list of its most valuable aspects.

The dashboard needs improvement. It should be more flexible so that I can easily see what I want or need to see.

So far, the solution has been stable.

The solution is very scalable, especially when connected to the cloud resources.

We haven't needed to contact technical support.

We didn't previously use a different solution. We were already used to Gaurdicore's plan.

The installation of the solution was easy. Deployment took about two to three weeks.

We had a consultant assist us with the implementation.

The pricing is okay. It's good.

We're using the cloud deployment model. We use AWS and Azure for the solution.

I would rate the solution eight out of ten. At the moment, when I use this product it's great. I'm satisfied with what it can do.

We use GuardiCore for East-West data traffic in the data center, micro-segmentation, and security policies. We also use GuardiCore for ransomware protection and analyzing the East-West traffic in a data center.

For an example of the capability of GuardiCore, I know one client who immediately after installing it in their data center, within the first 30 days, discovered a major problem. Two internal employees were stealing their proprietary code. They were copying it to a USB drive. That discovery alone justified to the client the cost of implementing the solution.

The change control in GuardiCore has improved our efficiency by over 75% in terms of implementing security policies. The efficiency of the security team was improved by over 100% in terms of analytics, monitoring, and responding to incidents. 

Most of our clients are small teams. Most of our security teams are three people or less, so these uptake numbers are for them.

The first use case that was most valuable was the security policies and the micro-segmentation because it allows the clients to comply with their auditing requirements, keeping traffic separate internally. 

Additionally, it allows the security policies to be implemented in a minimum amount of time, under 10 minutes, compared to how they did it before, which took days. Those are the two primary justifications and goals of the clients.

The cost of licensing is the biggest issue for clients with GuardiCore. Several years ago it was much more costly to license. GuardiCore has changed the licensing to make it more available. Subsequently, they have improved that a lot. 

Clients continue to ask for improvements in cost. They would like to see that the security policies of GuardiCore can continue to be comparable to all the major firewall players out there. For example, you have Cisco CheckPoint, etc. For some of the products, the licensing is automatic, and for some, it's not.

Our clients would like to see that the security policies can be immediately copied over and used by the various appliances that are in the market. GuardiCore needs to support the major appliances, like the top five guys: Fortinet, Palo Alto, etc. GuardiCore is working towards this. Our customers want universal integration.

On a scale of one to 10, I would give GuardiCore an eight for stability. It's a great product. Several years ago when I looked at it, it was one of a kind in what they do, when you look at the entire set of functionality, especially the quarantine. 

In terms of the stability, GuardiCore is great. We did not have any issues of anything being missed. I am looking forward to continued integration with various API and networking manufacturers, especially with Nutanix and Mellanox. The latter was just bought out by Nvidia, so I think the best is yet to come.

GuardiCore scales very easily. Normally it's managed by the security team. In terms of the roles, we have the security team: system administrators and security. I've had GuardiCore tested in local government and cities. We have one client that had a very large deployment with multiple data centers and financials too. 

The ones that we are now testing with are mostly in the financial sector. I've added a medium-sized deployment. We have one large, several mediums. With the new licensing, it's now easy for a small deployment because it scales both ways.

For deployment and maintenance, we require a minimum of one staff member. The current roles of those are security administrators. Those are the ideal jobs because of the integration with the security class at the data center. 

Where we have GuardiCore deployed, we use both system administrators and security administrators. In some of our deployments, they share the role. One to two is all that's required because of the reporting and the analytics. It's pretty simple.

Unfortunately, we have customers that still have multiple tools. We try to get the customers to consolidate. In terms of use, we are launching some of the latest innovations and partnerships from GuardiCore to our clients. 

We have clients that are still using GuardiCore and other tools because they have invested heavily in those areas. We would like to see them consolidate because GuardiCore does a lot of what these other tools offer. That's our challenge. Our challenge to customers is to improve their efficiency and lower costs.

Within the last 30 days, GuardiCore has released some increased functionality and partnerships with some leading manufacturers that we are now pushing to engage more clients. It is still slow, primarily because of the existing investments. 

What we notice is that for many clients, security is their smallest focus. That's the problem. The security group has the smallest budget in IT and that's our challenge.

Technical support with GuardiCore is great. For all our clients, we haven't had any complaints as yet. I also know that GuardiCore is a great engineering team. On a scale of one to 10, I would put technical support at an eight, customer support at a seven.

That is primarily because I've seen increased rules. It's kind of caught us a little off guard. With GuardiCore, I have had to deal with their technical support and engineering team in Israel. They are amazing. They are very quick to adapt. 

We have had clients that required some customization and GuardiCore has shown that their team in Israel is quick to respond to customization requests.

We were not able to find a different solution that does what GuardiCore can in one box. There were multiple solutions combined that had to be adopted. We had multiple solutions that were meant to address what GuardiCore does. That's how I was able to justify the cost.

Before choosing this product, we worked with auditors and compliance. They could not find a comparable product. We looked at other solutions, but we could not find a better alternative.

The initial setup was straightforward in terms of time to deploy. With knowledge transfer, four hours was a good timeframe, it was complete in less than a day. For reporting and analytics, there's a lot of features and functionality, but within a day the clients were able to get acclimated quickly. They're satisfied with that.

The learning curve on deploying security policies was very low. Those are easy to deploy. Within an hour they were deploying security policies. The ability of GuardiCore to learn the East-West traffic is excellent, within an hour, it was reporting.

I tested the first deployment of GuardiCore four years ago. I left it automated for a full week and it learned everything. Today it's 500% faster, within hours it sees everything.

The ideal implementation strategy that we found that works would be for the client to be initially engaged in a proof of concept demonstration. This allows GuardiCore to set up the system on the client side before purchase. 

That allows the client and the team to see the benefits of it, learn how to use the product, get the reporting, get the analytics, etc. Those clients that did that, once they decided to buy it, it was literally like flipping a switch. Those were the easiest ones. 

The best use case is to engage GuardiCore for a POC before to justify and quantify the purchase, then activate and deploy. It takes less than a day. 

One client did a Webex and had GuardiCore engineers on a Webex do the deployment. That was a two-hour Webex for a POC, followed by another one-hour phone call. We used a remote view for the deployment and completed the reporting several days later.

Typically that's the way we do it, where we engage GuardiCore on the phone. Some clients have no problem doing it themselves, but in all my cases we have engaged GuardiCore online to go live. I only had one instance where they came on-site, but that was a complex client.

We do have ROI. First, one client found theft of data that alone justified to the client the cost. They invested heavily, well over a $100,000 in GuardiCore. That was a big purchase with an extensive setup. That discovery led to court cases. GuardiCore provided evidence that they required. It was invaluable.

The second, in terms of the ROI, was for clients using GuardiCore for the first time. We showed clients what occurs during patch updates, Windows updates, anti-virus updates, etc. GuardiCore shows the traffic. You see your anti-virus going through the updates. Some clients they thought they were being attacked until we showed them that these are the patch monitoring servers. 

For many years, clients set up updates. They do change control. They set GuardiCore up, they check the lock, and they assume its all done. GuardiCore shows them that it was done. The clients have proof that their applications will be filtered appropriately.

In terms of the return on investment, it was an invaluable tool to demonstrate that the client's internal practices will be implemented automatically. That blew away a lot of clients the first time they saw it. 

GuardiCore has made some new changes to the license now. We've seen monthly and annual licenses based on a subscription. We have a few clients that pay anywhere from $25,000 a year. 

The new license is based on what requirements you take. It's very hard to put a cost on it without attaching a cause to the features that you activate. It's unfair to talk about costs without looking at the scenarios.

Other than the cost of the licensing, GuardiCore does not integrate well, especially if you have some of the real manufactures. You have no additional licensing costs.

The first major piece of advice is to initiate a robot to review the solution. Second, go on YouTube. There are quite a few demos on YouTube. The most important point is to schedule a proof of concept on the site, which is done online. It is very easy and the proof of concept is normally followed with a quote.

Just those two items, a proof of concept with a quote, allows a client to justify the cause either way. You should not deploy GuardiCore or any solution without the proof of concept, not anymore, not today. It's very easy now to get a proof of concept and look at those things.

I would rate GuardiCore an eight out of ten based on the product visibility in an area that IT is completely blind about. The product needs improvement in change control and compliance. GuardiCore also needs to improve the ability to respond to annual audits, especially now that many institutions are required to do at least an annual audit.

Based on the ability to monitor and manage these newer standards, I would give GuardiCore a ten. It's been dramatically improved.