Akamai Guardicore Segmentation Room for Improvement

JT
Manager Network & Security Engineering at Teleflora

They're really good at getting into the environment. But the long-term management of the security policies could be improved with some kind of automation platform, something like Chef or Puppet or Ansible, to help you manage the policies after day-one. Setting it up initially is really simple and getting going is really easy, but to then manage the policies and changes to those policies, going forward, through some type of automation process is not turning out to be really easy. It would help if they could either provide some guidance there or adjust the way that the API handles that a little bit, to make that simpler. 

Their API is clear. It's just proving difficult, from a code perspective, to manage the rule sets. You can build out a rule set really easily. You can deploy agents really easily. You can apply the rules, initially. The issue is then going back and adding a new rule to an old rule set or pulling one out and doing maintenance on it with code. It seems to take a lot of extra logical checks such as making sure we're not duplicating a rule or the like. That's really the only place where, although we're not stuck, we're having to put in more time than we anticipated. Everything else has been super-easy, but the maintenance and management of the rule sets with our automation tools has not proved to be as simple as we would've liked.

It seems like it would have been really easy to put it in if we didn't have a lot of changes. But it seems that the long-term maintenance of it is a little bit difficult and could use some improvement.

View full review »
KlavsThaarup - PeerSpot reviewer
Senior Security Consultant at Orange Cyberdefense

There are always areas for improvement. It doesn't support a PAAC solution (Platforma as a service) in the cloud. So that could be improved.

In future releases, I would like to see more integration with other products. 

View full review »
Matthias Kropf - PeerSpot reviewer
Senior Expert Enterprise Architecture at a manufacturing company with 10,001+ employees

Kubernetes is not installed in the way we need it. 

View full review »
Buyer's Guide
Akamai Guardicore Segmentation
March 2024
Learn what your peers think about Akamai Guardicore Segmentation. Get advice and tips from experienced pros sharing their opinions. Updated: March 2024.
765,234 professionals have used our research since 2012.
Uday Varma - PeerSpot reviewer
Solution Architecht at Inspira Enterprise

Incident tagging could be improved. Other vendors offer semi-automatic tagging, which Guardicore doesn't yet have.

The rest of the features are already industry standard.

View full review »
IT
Corporate Operations Manager at University of Strathclyde

Sometimes, the speed needs improvement, especially when it comes to the generation of maps, where it can be a bit slow.

For the reporting, I would like if they could make it easier to check what the agents are doing.

View full review »
KP
Specialist Master - Cyber Risk at a consultancy with 10,001+ employees

Guardicore Centra should incorporate automation so that we aren't required to write custom scripts by leveraging APIs quite often. The tool also has limitations on overall policy rules that can be configured on the platform (60k rules) which seems a lot but with big chatty applications and a huge application count to segment, this limit can turn out to be small if the goal is to segment a lot of application servers. Operationally there are too many clicks and analyses needed to do quick and safe changes (for e.g. label replacement) in the production environment. I think that the incorporation of automation templates for some standard use cases can help clients make changes with confidence and without the possibility of human error. 

View full review »
FD
Solutions Architect at Alturna-Tech

The cost of licensing is the biggest issue for clients with GuardiCore. Several years ago it was much more costly to license. GuardiCore has changed the licensing to make it more available. Subsequently, they have improved that a lot. 

Clients continue to ask for improvements in cost. They would like to see that the security policies of GuardiCore can continue to be comparable to all the major firewall players out there. For example, you have Cisco CheckPoint, etc. For some of the products, the licensing is automatic, and for some, it's not.

Our clients would like to see that the security policies can be immediately copied over and used by the various appliances that are in the market. GuardiCore needs to support the major appliances, like the top five guys: Fortinet, Palo Alto, etc. GuardiCore is working towards this. Our customers want universal integration.

View full review »
OC
Analyser at Shaare Zedek Medical Centre

It's not easy to learn to use this program. It would be very helpful for beginners if the solution had more windows to help with the terms inside instead of going to the documentation.

View full review »
DM
Infrastructure Analyst/Developer at a university with 1,001-5,000 employees

The maps could go a bit faster. They are useful but slightly slow.

View full review »
VC
Senior Principal Consultant Cloud/DevOps/ML/Kubernetes at Opticca

Supports become difficult when it's for a big organization. For a small organization, medium organization, it still makes sense, however, for a big organization, it makes life difficult.

We would like to be able to go agentless.

I'd like support for all types of Kubernetes and service mesh. They say, "Ah, we support this, we support that." This is not the case. 

View full review »
EH
CTO at a consumer goods company with 501-1,000 employees

In our version, when using the terminal server, we cannot exclude user tasks for each session. When we upgrade, I expect that we can exclude user tasks for each session from the terminal.  

View full review »
JG
Cybersecurity Coordinator at MONEX

The integration with other tools could be improved. It would be a very good value to customers if Guardicore Centra could talk with other tools, like Palo Alto or Cisco Firewalls, or agents running on the machine, like anti-malware or the intrusion prevention systems. 

View full review »
JC
Information Security Engineering Consultant at a university with 1,001-5,000 employees

They can maybe improve their customer service just because they are kind of a small organization, and customer service isn't as big as others such as VMware.

View full review »
JH
Senior Security Consultant at a tech consulting company with 1,001-5,000 employees

Customers would want to see the cost improved.

View full review »
AR
Senior Network Security Engineer at a tech services company with 51-200 employees

Predominantly I have been working with firewalls and the UTM (Unified Threat Management) solutions for some time. Guardicore has to do something to add on features that help to do a better job of inspection.  

They should have policies based on users. Often we can only add user groups. I think they should offer the ability to assign policies to individual users. The ability to assign policies to both users and groups would make the area of creating policies more flexible. They should also have time-based rules in the policies which they currently do not have.  

They should also get into payload-level inspection. As of now, what they do for threat inspection is to look at the metadata of a packet. This is not in depth enough for proper inspection. They need to start inspecting the payload-level information of a packet or offer this as an option.  

So they should have payload-level inspections to do some deep investigation. Then they should have more user-level control of policies. I think if these two things are introduced, then I could probably change my rating of Guardicore to a nine-out-of-ten.  

View full review »
reviewer1336989 - PeerSpot reviewer
Network and Security Engineer at CS-Novidy’s

Needs more customization of honeypots and a vaster catalog of systems able to be mimicked.

The netflow analytics (ML) focused in threat detection needs to be enhanced to provide more practical forms to detect network anomalies proactively.

In huge and complex environments, it is also very challenging to keep the compliance of the agents.

View full review »
YP
Security Engineer at INTRASYSTEMS LLC

The dashboard needs improvement. It should be more flexible so that I can easily see what I want or need to see.

View full review »
Buyer's Guide
Akamai Guardicore Segmentation
March 2024
Learn what your peers think about Akamai Guardicore Segmentation. Get advice and tips from experienced pros sharing their opinions. Updated: March 2024.
765,234 professionals have used our research since 2012.