What is our primary use case?
The primary use case for Sangfor Cyber Command is threat hunting. It correlates vulnerabilities and threats detected from various sources including user side, server side, and Internet-facing and internal organization-facing firewalls.
How has it helped my organization?
Sangfor Cyber Command has helped our organization by providing a comprehensive picture of our cyber posture in terms of threat intelligence. It reported and stopped a ransomware attack using automated playbooks, which could have been disastrous otherwise.
What is most valuable?
The most valuable feature is the capability to correlate all the vulnerabilities or threats detected from different sources. It does a very good job in correlating and identifying threat actors. Its integration with other products such as HCI, Firewall, and VDI solution for native control and detection also adds significant value.
What needs improvement?
The solution could improve by incorporating email security. Additionally, there is room for improvement in the technical support capability side, as there are relatively fewer cybersecurity professionals available.
For how long have I used the solution?
We deployed Cyber Command in 2022.
What do I think about the stability of the solution?
In terms of stability, I rate it nine out of ten. We have not had any issues with stability so far.
What do I think about the scalability of the solution?
We have not experienced any scalability issues so far, but there is uncertainty about whether the solution can scale vertically or horizontally if needed. The best-case scenario would involve adding another device.
How are customer service and support?
Technical support could be improved, and I rate them a seven. The support team has fewer cybersecurity resources capable of managing Cyber Command compared to other solutions.
How would you rate customer service and support?
Neutral
Which solution did I use previously and why did I switch?
This was our first experience in terms of threat hunting.
How was the initial setup?
The initial setup was not too difficult but not entirely easy either. I would rate it a six out of ten.
What about the implementation team?
The deployment involved around eight people, while maintenance now requires four people. The implementation was mostly managed internally.
What was our ROI?
A ransomware attack was detected and stopped by the solution, preventing potentially significant network compromise. The ROI is evident in avoiding such threats.
What's my experience with pricing, setup cost, and licensing?
The solution's pricing is justified, especially if there is an existing portfolio of Sangfor products. It integrates well with other products, providing native control and detection.
Which other solutions did I evaluate?
We evaluated managed SOC services from Siemens; however, it was not favorable due to excessive network alert noise.
What other advice do I have?
For organizations considering cybersecurity products, it's important to start the cybersecurity journey as threats are real. Sangfor Cyber Command provides valuable security insights and protection.
I'd rate the solution ten out of ten.
Which deployment model are you using for this solution?
On-premises


