Illumio vs Vectra AI comparison

Illumio
Read 8 Illumio reviews
  • 4,589 Views
  • 3,484 Comparison Views
85% willing to recommend
Vectra AI
Read 42 Vectra AI reviews
  • 7,149 Views
  • 3,331 Comparison Views
97% willing to recommend
 

Comparison Buyer's Guide

Download the report
Executive Summary
We performed a comparison between Illumio and Vectra AI based on real PeerSpot user reviews.

Find out what your peers are saying about VMware, Akamai, Cisco and others in Cloud and Data Center Security.

DOWNLOAD THE COMPLETE REPORT
To learn more, read our detailed Cloud and Data Center Security Report (Updated: June 2024).
Buyer's Guide
Cloud and Data Center Security
June 2024
Download the complete report
Helped 787,779 peers since 2012
 

Categories and Ranking

Illumio
Average Rating
8.0
Number of Reviews
8
Ranking in other categories
Cloud and Data Center Security (4th), Cloud Workload Protection Platforms (CWPP) (14th), Microsegmentation Software (3rd)
Vectra AI
Average Rating
8.6
Number of Reviews
42
Ranking in other categories
Intrusion Detection and Prevention Software (IDPS) (2nd), Network Traffic Analysis (NTA) (2nd), Network Detection and Response (NDR) (2nd), Identity Threat Detection and Response (ITDR) (6th)
 

Mindshare comparison

As of June 2024, in the Cloud and Data Center Security category, the mindshare of Illumio is 31.4%, up from 24.0% compared to the previous year. The mindshare of Vectra AI is 1.2%, down from 1.4% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Cloud and Data Center Security
Unique Categories:
Cloud Workload Protection Platforms (CWPP)
5.5%
Microsegmentation Software
29.5%
Intrusion Detection and Prevention Software (IDPS)
13.3%
Network Traffic Analysis (NTA)
22.0%
 

Featured Reviews

CH
Jun 28, 2022
Great auto policy writing and good mapping with an easy setup process
Right now, we are using a non-production, 21.2.3 version. In production, we are in 19.3.6, which we are going for an upgrade on the weekend, which will be 21.2.30. Right now, the deployment is on-premises. The roadmap is to go to a SaaS product with Illumio, however, right now, it's on-premises. It is being used for on-premises, however, we are thinking to make use of the cloud as well, using the CloudSecure product. We like the solution. It's light. It doesn't take too many resources. For anyone to implement the product, it's pretty straightforward and simple. It's also very effective. It's very quick and very flexible to implement. That's the thing I can advise - just to implement this product and try it out. I'd rate the solution eight out of ten.
Read full review
NK
Mar 7, 2023
Simple implementation and has precise detection
Our primary use case for this solution is for security policy and to detect potential attacks on our networks This solution helped our mean time to identify as we can have more precise detection and documentation. At the moment, we're seeing daily detection of between 10 and 20 and if it's on the…
Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"The most valuable feature of Illumio Adaptive Security Platform is monitoring. When I have no requirement from the other application, I can use the web block traffic to build."
"It has helped us to understand internal network visibility and firewall policy implementation. We use the product to simplify firewall policy implementation."
"The solution helps to maintain logs and monitor activities. It also helps us with access management. The tool helps us to secure organizational data that include files."
"The solution is easy to use."
"The features that I have found most useful is the ability to centralize all the rules and then distribute them across various locations. However, I've encountered challenges related to tagging policies, which can be complex to devise. It's a matter that requires careful consideration and stakeholder involvement before implementing such policies."
"The flexibility of the solution is its most valuable feature."
"The Explorer allows you to know the traffic between source and destination."
"The product provides visibility into how the applications communicate and how the network protocols are being used."
"Vectra AI can bring the ability to detect intrusion on the network more so than legacy IDS tools."
"Cognito Streams gives you a detailed view of what happens in the network in the form of rich metadata. It is just a super easy way to capture network traffic for important protocols, giving us an advantage. This is very helpful on a day-to-day basis."
"The most valuable feature for Cognito Detect, the main solution, is that external IDS's create a lot of alerts. When I say a lot of alerts I really mean a lot of alerts. Vectra, on the other hand, contextualizes everything, reducing the number of alerts and pinpointing only the things of interest. This is a key feature for me. Because of this, a non-trained analyst can use it almost right away."
"We discovered a lot of things in our network and are correcting several misconfigurations. We are learning how some apps work together and how some things shouldn't happen. It's also easier for us to identify the source of a brute force, whereas before, we didn't even know we had a brute force."
"The automatic filtering that they provide is valuable. The logic inside that makes some detections instead of us is very useful. We are confident that if we are just looking into it and there is nothing, nothing could happen."
"Scalability wise, we have many sensors, and Vectra AI seems to handle them all very well."
"The administrative privilege detection feature is the most valuable feature. The admin accounts are often highly accessible to the high-risk component of the environment. If those accounts are compromised or are being used in a suspicious manner, that's high-fidelity events for us to look into."
"It is doing some artificial intelligence. If it sees a server doing a lot of things, then it will assume that is normal. So, it is looking for anomalous behavior, things that are out of context which helps us reduce time. Therefore, we don't have to look in all the logs. We just wait for Vectra to say, "This one is behaving strange," then we can investigate that part."
More Vectra AI pros
 

Cons

"It requires a low-level re-architecting of the product."
"The solution is very basic and doesn't do anything other than the orchestration of layer four endpoint firewall rules."
"The interaction we've had with the support team hasn't been ideal. Technical support should be improved."
"The customer service is lagging a bit. It could be better."
"The product’s agents don't work very well in OT environments."
"Some of the features that can be improved is offer additional guidance on creating an effective and risk-free tagging policy would be highly beneficial."
"I would like to see better data security in the product."
"Illumio Adaptive Security Platform could improve by supporting more operating systems. For example, Cisco and Apache appliances."
"I would like to see a bit more strategic metrics instead of technical data. Information that I could show to my executive management team or board would be valuable."
"It does a little bit of packet capture on alert so you can look at the packet capture activity going on, but it doesn't collect a whole lot of data. Sometimes it's only one or two frames, sometimes it does collect more. That's why they have the addition of their Recall platform, because that really does help expand the capability."
"Other alternatives, like Darktrace, have a fancier UI."
"In education as a sector, we are looking at AI a lot in terms of how it can be used as part of the teaching and learning side of things. It would be great to have Vectra AI look at a better way to enhance the security posture related to the AI tools in our portfolio."
"Vectra Recall could be utilized much more, and I'm seeing some indications of that today with the investigative components. I use the Visualize feature to visualize components and dashboards a lot. I'm interested in new ways to build automated searches or having them leveraged already from Vectra."
"Vectra is still limited to packet management. It's only monitoring packet exchanges. While it can see a lot of things, it can't see everything, depending on where it's deployed. It has its limits and that's why I still have my SIEM."
"The false positives and the tuning side of it is something that could use improvement. But that could be from our side."
"In comparison with a lot of systems I used in the past, the false positives are really a burden because they are taking a lot of time at this moment."
More Vectra AI cons
 

Pricing and Cost Advice

"The product's pricing is around 10,000-15,000 USD. The pricing is on a yearly basis."
"There is a subscription needed to use Illumio Adaptive Security Platform and we pay every three years. Overall the solution is expensive."
"There are additional features that can be purchased in addition to the standard licensing fee, such as Cognito Recall and Stream."
"Vectra's pricing is too high. All schools will not be able to afford it. Vectra will only end up targeting higher education and higher value independence purely because of the price. A lot of schools would love to have a product like Vectra AI, but they simply can't because they struggle to even pay the high E5 licensing from Microsoft. When you're up against that, Vectra AI is never going to be within the sector's price range."
"Vectra's licensing model could scale to our research network, which has multiple, 100-gigabit links."
"Cost is a big factor, as always. However, I think we have a very good price–performance ratio."
"The upfront pricing model that we have would have been more beneficial if it had been a recurring license fee, but that wasn't a massive issue for us. It's fairly priced."
"The solution's pricing was 50 percent lower than the other vendors shortlisted."
"The solution is low-cost and affordable."
"Vectra is a bit on the higher side in terms of price, but they have always been transparent. The reason that they are this good is that they invest, so they need to charge accordingly."
More Vectra AI pricing and cost advice
report
See which vendors are best for you
Use our free recommendation engine to learn which Cloud and Data Center Security solutions are best for your needs.
See recommendations
787,779 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Financial Services Firm
18%
Computer Software Company
16%
Manufacturing Company
9%
Government
6%
Computer Software Company
16%
Financial Services Firm
12%
Government
7%
Manufacturing Company
7%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

What do you like most about Illumio Adaptive Security Platform?
The features that I have found most useful is the ability to centralize all the rules and then distribute them across various locations. However, I've encountered challenges related to tagging poli...
See all answers
What is your experience regarding pricing and costs for Illumio Adaptive Security Platform?
The product's pricing is around 10,000-15,000 USD. The pricing is on a yearly basis.
See all answers
What needs improvement with Illumio Adaptive Security Platform?
Some of the features that can be improved is offer additional guidance on creating an effective and risk-free tagging policy would be highly beneficial.
See all answers
What is the biggest difference between Corelight and Vectra AI?
The two platforms take a fundamentally different approach to NDR. Corelight is limited to use cases that require the eventual forwarding of events and parsed data logs to a security team’s SIEM or ...
See all answers
What do you like most about Vectra AI?
The solution is currently used as a central threat detection and response system.
See all answers
What is your experience regarding pricing and costs for Vectra AI?
The licensing is on annual basis.
See all answers
 

Comparisons

Akamai Guardicore Segmentation vs Illumio Logo
Akamai Guardicore Segmentation vs Illumio
Compared 34% of the time
VMware NSX vs Illumio Logo
VMware NSX vs Illumio
Compared 15% of the time
Cisco Secure Workload vs Illumio Logo
Cisco Secure Workload vs Illumio
Compared 10% of the time
Zscaler Internet Access vs Illumio Logo
Zscaler Internet Access vs Illumio
Compared 5% of the time
Darktrace vs Illumio Logo
Darktrace vs Illumio
Compared 1% of the time
More Illumio Competitors
Darktrace vs Vectra AI Logo
Darktrace vs Vectra AI
Compared 36% of the time
ExtraHop Reveal(x) vs Vectra AI Logo
ExtraHop Reveal(x) vs Vectra AI
Compared 11% of the time
Cisco Secure Network Analytics vs Vectra AI Logo
Cisco Secure Network Analytics vs Vectra AI
Compared 7% of the time
Arista NDR vs Vectra AI Logo
Arista NDR vs Vectra AI
Compared 6% of the time
SolarWinds NetFlow Traffic Analyzer vs Vectra AI Logo
SolarWinds NetFlow Traffic Analyzer vs Vectra AI
Compared 2% of the time
More Vectra AI Competitors
 

Product Reports

Buyer's Guide
Cloud and Data Center Security
June 2024
Illumio reportDownload Illumio product report
Buyer's Guide
Vectra AI
May 2024
Vectra AI reportDownload Vectra AI product report
 

Also Known As

Illumio Adaptive Security Platform, Illumio ASP
Vectra Networks, Vectra AI NDR
 

Learn More

Illumio
Vectra AI
 

Overview

Illumio Zero Trust Segmentation is a cloud and data center security solution that helps stop breaches from spreading across hybrid and multi cloud IT environments. The solution is designed to stop ransomware, contain cyber attacks, and reduce risk. With Illumio Zero Trust Segmentation, users can understand relationships and communications to map exposure risk of systems and data, identify the right security posture and secure applications through least-privilege policies, and ensure a Zero Trust security posture.

Illumio Zero Trust Segmentation Features

Illumio Zero Trust Segmentation has many valuable key features. Some of the most useful ones include:

  • Scalability: Illumio Zero Trust Segmentation scales up to 200,000 managed workloads or over 700,000 unmanaged workloads. These workloads can be in the cloud, on-premises, and in hybrid environments.
  • Single pane of visibility: The solution’s single pane of visibility improves your security posture and ability to prevent and respond rapidly to cyberattacks.
  • Simplicity: With Illumio Zero Trust Segmentation, setting up groups and tags is simple. The solution is easy to integrate with next-generation firewalls and can also integrate with IT service management tools to import workload tags to provide more context to workloads.
  • Ransomware containment: The solution provides enforcement boundaries to contain attackers from moving laterally across your organization, enabling security architects to immediately isolate any workload or endpoint compromised in an attack. Enforcement boundaries can be activated instantly through scripts or by manual control, isolating workloads and endpoints already infected from spreading across the organization.

Illumio Zero Trust Segmentation Benefits

There are many benefits to implementing Illumio Zero Trust Segmentation. Some of the biggest advantages the solution offers include:

  • Visibility everywhere: The Illumio Zero Trust Segmentation solution helps ensure that every interaction on your network is accounted for. 
  • Least-privilege access: By implementing Illumio Zero Trust Segmentation, your organization can prevent unexpected breaches from propagating.
  • Adaptability and consistency: The solution guarantees consistent network behavior everywhere. 
  • Proactive posture: Using the solution enables your organization to always be on the lookout for an attack. 
  • Improve breach containment: With the solution, you can prevent unauthorized lateral movement and reduce your blast radius. Creating micro-perimeters around specific assets breaks up your attack surface and gives you the granular control needed to contain breaches.
  • Streamline policy management: The solution enables organizations to decouple segmentation from the underlying network to define policies based on the language that IT uses. Illumio's human-readable labels make policy creation much simpler and faster than traditional network segmentation approaches like VLANs, IP addresses, and port numbers.

Reviews from Real Users

Illumio Zero Trust Segmentation is a solution that stands out when compared to many of its competitors. Some of its major advantages are that it has a good auto policy writing feature, great mapping, and useful monitoring. 

Shashi, Technical Consultant at a financial services firm, explains which features she really likes. “The auto policy writing is great. The feature will give you the option of inbound-outbound traffic. The Explorer allows you to know the traffic between source and destination. The illumination definitely stands out. Mapping is great. The application group mapping is useful.”

The solution has “helpful support, useful monitoring, and high availability,” according to Edwin L., Security Architect at MGM.

Vectra threat detection and response is a complete cybersecurity platform that collects, detects, and prioritizes security alerts. The Cognito platform for Network Detection and Response (NDR) detects and responds to attacks inside cloud, data center, Internet of Things, and enterprise networks. The platform also provides automated response capabilities for low-level threats and escalates more severe anomalies to security personnel.

Cognito captures data for multiple relevant sources and enriches it with context and security insights. It starts by deploying sensors across different networks in datacenters, IoT, or enterprise networks. The algorithm extracts relevant metadata from network and cloud traffic. The information can also be non-security information that can help investigation. 

The data is enriched with security context to support critical use cases, such as threat detection, investigation, hunting and compliance. The platform is machine learning-based, which enables it to adapt to any new and current threat scenario. It detects, clusters, prioritizes, and anticipates attacks by using identity and host-level enforcement. 

With the Vectra platform, a person can investigate 50 threats in just two hours. By prioritizing alerts and leveraging threat intelligence, it provides faster results.Vectra solves today’s security challenges for network detection and response. 

One of Vectra’s best features is the emphasis they put in pairing research and data science for security insights. It offers behavior codification with unsupervised, supervised, and deep learning models. 

The pricing is according to a subscription model with a free trial available.Vectra is available for Office 365, Azure AD and AWS Brain.

Features of Vectra AI

  • AI-based threat detection and response. 
  • Detects attacks in real time with behavior-based threat detection. 
  • Consolidates and correlates thousands of events, detecting threats. 
  • Enriches threat investigation with a chain of evidence and data science security insights. 
  • Machine learning techniques, including deep learning and neural networks. 
  • Gives visibility into cyberattackers and analyzes all network traffic. 
  • Continuous updates with new threat detection algorithms. 
  • Provides encryption at rest and in transit. For the AWS version, it offers AES-256 encryption via AWS Key Management Service. 
  • Guaranteed availability according to the SLA of the service selected. 
  • Does not connect to public sector networks. 

Benefits of Vectra AI

  • Behavioral models use AI to find unknown attackers. 
  • Context increases the accuracy of threat hunting. 
  • Allows for proactive action by prioritizing the most relevant information. 
  • Provides a clear picture and extensive context for investigations. 
  • Aids decision-making in the incident response process. 
  • Helps working with large datasets by capturing metadata at scale. 
  • Automates time-consuming analysis. 
  • Reduces the security analysts’ workloads on threat investigations. 

Other advantages of Vectra services include that they can be deployed in the public, private, or hybrid cloud. Support is available via email or online ticketing with an average of 4 hours of response. Phone support is available 24/7. 

Vectra provides full on-site and online training and documentation. Regarding the user interface, it supports several types of web browsers, such as Internet Explorer, Microsoft Edge, Firefox, Chrome, Safari and Opera. However, it is not available for mobile devices.

Reviews from Real Users

Here’s what PeerSpot users of Vectra AI have to say about it:

"One of the core features is that Vectra AI triages threats and correlates them with compromised host devices. From a visibility perspective, we can better track the threat across the network. Instead of us potentially finding one device that has been impacted without Vectra AI, it will give us the visibility of everywhere that threat went. Therefore, visibility has increased for us." - Dave W., Operations Manager at a healthcare company

"It does a reliable job of parsing out the logs of all the network traffic so that we can ingest them into our SIEM and utilize them for threat hunting and case investigations. It is pretty robust and reliable. The administration time that we spend maintaining it or troubleshooting it is very low.” - T.S., Senior Security Engineer at a manufacturing company

 

Sample Customers

Plantronics, NTT Innovation Institute Inc.
Tribune Media Group, Barry University, Aruba Networks, Good Technology, Riverbed, Santa Clara University, Securities Exchange, Tri-State Generation and Transmission Association
Buyer's Guide
Cloud and Data Center Security
June 2024
Download Free Report
Find out what your peers are saying about VMware, Akamai, Cisco and others in Cloud and Data Center Security. Updated: June 2024.
DOWNLOAD NOW
787,779 professionals have used our research since 2012.

We monitor all Cloud and Data Center Security reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.