Coming October 25: PeerSpot Awards will be announced! Learn more
Buyer's Guide
Cloud and Data Center Security
October 2022
Get our free report covering Guardicore, VMware, Illumio, and other competitors of Cisco Secure Workload. Updated: October 2022.
635,987 professionals have used our research since 2012.

Read reviews of Cisco Secure Workload alternatives and competitors

Amith Rao - PeerSpot reviewer
Senior Network Security Engineer at a tech services company with 51-200 employees
Real User
Top 20
Get great visibility into vulnerabilities through micro-segmentation
Pros and Cons
  • "This tool greatly helps in understanding the footprint of the attacks."
  • "The interface and dashboard are amazing."
  • "The product needs a few features like enhanced user policies and payload-level inspection to improve the offering."

What is our primary use case?

We are a partner, not a customer. We would like to be in a position of trying to provide consultation for this solution and delivery of the product to clients. So, we have partnered with Guardicore in India and we are trying to sell this product and that is our primary use case. The primary use case that we are implementing this product for with clients is micro-segmentation.  

How has it helped my organization?

This particular product has a deployment model both in public and private clouds and on-premises. We are pitching it to all of our customers, irrespective of the regulations that they must follow. Some customers are in the government sector, for example, and they will need to go on-premises. There are some customers like IT service-based companies that have most of their infrastructure in the cloud, and those can use cloud-based services. What the client wants and needs totally depends on the type of client they are. We have an advantage with this product in offering it both ways — on cloud and on-premises — to meet the client's needs.

What is most valuable?

The most important feature or use case, because of micro-segmentation, is the visibility you get when you deploy this product. It will give you very good visibility of your whole data center. The second thing that is valuable is the lateral movement. Often when there is a compromise of vulnerabilities in the organization, this tool greatly helps in understanding the footprint of the attacks. It also helps in stopping the lateral movement of the attack.  

What needs improvement?

Predominantly I have been working with firewalls and the UTM (Unified Threat Management) solutions for some time. Guardicore has to do something to add on features that help to do a better job of inspection.  

They should have policies based on users. Often we can only add user groups. I think they should offer the ability to assign policies to individual users. The ability to assign policies to both users and groups would make the area of creating policies more flexible. They should also have time-based rules in the policies which they currently do not have.  

They should also get into payload-level inspection. As of now, what they do for threat inspection is to look at the metadata of a packet. This is not in depth enough for proper inspection. They need to start inspecting the payload-level information of a packet or offer this as an option.  

So they should have payload-level inspections to do some deep investigation. Then they should have more user-level control of policies. I think if these two things are introduced, then I could probably change my rating of Guardicore to a nine-out-of-ten.  

For how long have I used the solution?

We have just recently started working with Guardicore. Six months ago we began working on the POC (Proof of Concept) and we have still not finished so we have yet to deploy the product to production.  

What do I think about the stability of the solution?

I cannot comment on stability under higher loads because we have not yet deployed it and exposed it to live traffic. We are still in the testing and evaluation phase.  

What do I think about the scalability of the solution?

I think it is an amazing product in terms of scalability.  

How are customer service and technical support?

I have not had any experience with technical support because we are not in production. Once we deploy the solution to our customers, that is when I think we will be making more use of support resources.  

Which solution did I use previously and why did I switch?

Earlier we worked more in the firewall space. That is, we worked with Check Point a lot. It was maybe for a period of five years. Then from firewalls, which is a UTM solution, we are trying to move into the new world technologies. That would be things like dedicated security solutions that cover more than what firewalls do.  

As an employee, I am not sure what my organization has gone through in making evaluations and comparisons. I am sure that they have evaluated other products like Illumio, Cisco Tetration, and Guardicore. I do not know, out of all their testing and research, specifically why they found Guardicore to be more a valuable solution. I think these people may be more focused on what they are doing rather than how it is getting done.  

How was the initial setup?

The installation and setup are pretty straightforward.  

What other advice do I have?

Right now, I would definitely recommend Guardicore for someone who is looking into the micro-segmentation space or probably an internal firewall for the organization.  

On a scale from one to ten (where one is the worst and ten is the best), I would rate Guardicore Centra as probably an eight-out-of-ten.  

The interface and dashboard are amazing. I would rate the user interface as a ten-out-of-ten. For other reasons having to do with features and functionality, I have to mark them down a few points.  

Which deployment model are you using for this solution?

On-premises
Disclosure: My company has a business relationship with this vendor other than being a customer: partner
Cyber Security Division Head at TurnKey
Real User
Top 20
Integrates well with Palo Alto and is reliable but lacks standard security features
Pros and Cons
  • "NSX is good in managing security or controlling the security and the access control for each single VM."
  • "It's not feature-rich."

What is our primary use case?

The solution is mainly used for rolling virtual environments and private clouds. I use the product for my company and for other customers.

How has it helped my organization?

It's important to have whenever I need to segment or control the traffic from virtual machine to virtual machine. This was not the case without the NSX.

What is most valuable?

NSX is good in managing security or controlling the security and the access control for each single VM. 

It is essential and it can be useful up to a certain level of access control. That said, if we need further detailed or further security features, we should use another product like Palo Alto or Fortinet or other competitors.

It integrates with certain vendors like Palo Alto seamlessly.

The product is stable. 

We can scale the solution. 

What needs improvement?

It's just access controlled. It should be leveraged by adding more detailed, deep security products to facilitate the NXS. The security needs improvement. 

It's not feature-rich. It's not doing many tasks like a Next Generation Firewall such as Palo Alto for VM or other vendors like Fortinet for virtualized environments. 

It has to have the features from next-generation firewalls, and it needs to complement other features, as in the unified security gateway, to be a good competitor against other solutions.

It does not integrate well with many platforms. 

For how long have I used the solution?

I've been using the solution for a couple of years now. 

What do I think about the stability of the solution?

Stability is not an issue. It's not buggy. It doesn't crash or freeze. the performance is good. 

What do I think about the scalability of the solution?

It is a scalable product. 

We have around 1000 or more people on the solution. Our customers use the solution. We do not use it internally. 

How are customer service and support?

We didn't have experience with VMware technical support. Mainly, the issues we need are covered via assistance from Palo Alto. I've never directly communicated with VMware support. 

Which solution did I use previously and why did I switch?

We didn't use any solution for the virtualized environment.

That said, for other solutions in the market that have the same feature, we have experience. This includes Juniper, Cisco, and Palo Alto. These all have next-generation firewall features, which have been standard for 20 years now.

How was the initial setup?

It's intermediate in terms of ease of setup. It is not so straightforward, and it's not also complex.

 It integrates with certain vendors like Palo Alto very well. That said, other vendors, like Fortinet or others, do not have the same level of integration.

I'd rate the process a there out of five in terms of ease of setup. 

The deployment took three weeks the first time we did it. The strategy is mainly segmenting between operational virtual machines which have, for example, the database and the application front end on the same VLAN. If I need to segment this traffic, it wouldn't be possible without NSX.

We have two people that can handle deployment and maintenance tasks. We need someone who understands the schema of the solution itself, the software itself, the front end and the database, and so on. Then, we also need one person from the security team.

What about the implementation team?

We had a consultation and fielded recommendations from a Palo Alto engineer.

What was our ROI?

From a security point of view, the ROI you would see would be based on making things secure. The risk is at the lowest possible levels. However, the level of security that would be improved using this solution alone isn't so good. I'd rate the ROI a two out of five as it doesn't do much on its own. 

What's my experience with pricing, setup cost, and licensing?

I'm not sure about licensing, as this is out of my scope as a technical engineer.

Which other solutions did I evaluate?

We did look into other options before choosing this solution. 

What other advice do I have?

We are a partner. I'm using the latest version of the solution. 

It has good features for tagging and auto-tagging and so on. That said, without another complementary solution like Palo Alto or other micro-segmentation firewall vendors, it would not be of that much use. It needs the support of other software.

I'd rate the solution five out of ten. It lacks standard security features, which is why I rate it so low. 

Which deployment model are you using for this solution?

On-premises
Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
Flag as inappropriate
alvarado - PeerSpot reviewer
Cloud Support Leader at a tech company with 51-200 employees
User
Top 5Leaderboard
Versatile, easily provides security, and offers state-of-the-art technology
Pros and Cons
  • "All our connections are secure."
  • "Check Point support could improve."

What is our primary use case?

In our company, we have our infrastructure in the public cloud of Microsoft Azure, for which it is very important to have a secure environment. In the face of modern threats that protect the perimeter, the management of the secure administration through its management has been great, for which has met expectations.

It has been possible to carry out VPNs against our other on-premise environments in an adequate manner, monitored and validated by the logs that we have in order to solve any security detail.

How has it helped my organization?

We have managed to obtain a highly secure cloud environment, with state-of-the-art Check Point technology, incoming connections, and connections from other servers have been really secure, controlled, and reviewed through the features they offer. It has really improved and avoided security vulnerabilities. 

For the company, it has offered very important support and effort.

The solution has been really easy to implement. In Azure, we have the manufacturer's appliances available, and the infrastructure design has a lot of documentation to do it in the best way.

What is most valuable?

For us, the versatility of the appliance in the Microsoft Azure public cloud in our specific case has been very good. We have really been able to implement security from the cloud infrastructure. All our connections are secure. We have granular access control, which is really essential.

We really liked that we can easily provide security in our network, which provides a lot of control. Another very good feature for network security has been the implementation of monitoring. We really recommend these solutions.

What needs improvement?

Unfortunately, not everything is one hundred percent good. Check Point support could improve. It is the face before the client, and at least in my case, it could improve a little.

In the case of implementing the management from the Infinity Check Point portal, it is important to improve the performance of the portal since sometimes a little slowness is perceived when managing our Check Point gateways.

They can improve the documentation a bit to differentiate it from on-premise deployments to cloud deployments.

For how long have I used the solution?

We use our implementation of Check Point Gateway in the Microsoft Azure public cloud, where we have used this manufacturer to protect our cloud, connectivity from on premise, giving us very good results.

Which solution did I use previously and why did I switch?

Previously in another company, I used Cisco, however. Check Point seems more intuitive to me.

What's my experience with pricing, setup cost, and licensing?

Some Check Point features are somewhat expensive. I recommend that users seek advice from a partner who can provide them with all the details of each one.

Which other solutions did I evaluate?

I recommend that others evaluate the documentation of several manufacturers, generate test environments, and review the scope of each one in order to make the best decision.

In our case, Check Point meets our requirements.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
Flag as inappropriate
Buyer's Guide
Cloud and Data Center Security
October 2022
Get our free report covering Guardicore, VMware, Illumio, and other competitors of Cisco Secure Workload. Updated: October 2022.
635,987 professionals have used our research since 2012.