What is our primary use case?
We have two use cases. We are a subsidiary of a larger insurance company and their rulings and policies are what govern what we do and don't do.
Our first use case is that, while the majority of our staff uses a standard VPN connection, all of our retail stores use Atmos for connectivity.
The other use case relates to some of our developers who have latency issues if they're on VPN, so they use Atmos as well.
How has it helped my organization?
We have vendors doing projects for us. We build them a server on Azure that they configure for us, so they need access to it. Normally, we would have to go through the process of giving them an account and elevated rights on those servers, and then give them a VDI session so that they could log in to those servers. With Atmos, we can bypass that. We can set up a remote desktop to those servers, specifically for that vendor, and that is the only thing they can get to, using Atmos. And no VDI is required. We're saving licensing costs by doing that.
Another nice part about Atmos is that it replaced other tools that we used, like NetSkope. Now we're paying for one solution, and that saves us a nice amount of money that we can use for other important things.
The solution has improved the reliability of our connectivity as well as performance. And it has greatly reduced costs. We don't have to use VeloCloud or another type of product at each store and have a secure connection to another VeloCloud in the data center. Instead, we can go straight from the Meraki switch, to the ISP, to the Internet, meaning to whatever Azure on-ramp is available. It reduces the hardware requirements dramatically.
In terms of security tools, it takes the VPN and CASB environments, and ZTNA and combines them all into one tool for management. It reduced the amount of software we need to license for our stores and the management work. Among the tools we have eliminated are NetSkope and Cisco's AnyConnect.
That consolidation has helped reduce our capital expenditures. On one product that we no longer purchase, we are saving about $180,000.
An additional benefit is that it has helped free up staff because it's easy to configure, deploy, and manage. The networking team loves it because they don't have to do nearly as much, and our help desk staff doesn't get a ton of calls about connectivity issues. As a guess, it saves us somewhere between eight and 16 hours a week.
It has greatly enhanced our efficiency because users are less confused and easily connected to the environment, and the product itself was quickly and easily adopted by our organization.
What is most valuable?
There are several valuable features. First, it's extremely easy to deploy and configure. Second, the performance is greater than a standard VPN.
In addition, it's a secure connection to where a connection is needed. All of our retail resides in Azure and because Atmos is deployed throughout the world, our stores on-ramp at the closest internet provider. That means they on-ramp at the closest AWS, Google, Oracle, or Azure site, and then they use the high speed that those providers give us to get to our Azure tenant. It's much faster than running a standard ISP and running it back to your data center and then back out to Azure.
It's also quite easy to configure Atmos's interface to provide a single pane of glass for ZTNA, secure web gateway, and cloud access security brokers. Through access roles, I have networking folks do the networking they need to do, and the security people have access to it for their portion of it. For example, they determine which websites you're allowed to go to.
Another great aspect is that it can be used for troubleshooting purposes. If one of our stores has issues, we can look at it and see where other iPads in the store are connecting and what their traffic is. At that point, we know the issue isn't with the store or the access, it's with that specific iPad. Or sometimes security wants to see where people are going. They may want to look at the traffic to see if there are websites that they're not blocking and that people spend a lot of time on. If those sites are not sites we would normally block, but we don't want people spending a lot of time on non-work-related sites, they can block them.
It has many tools, it's quite easy to configure, and you can configure it for your different organizations. I quite like it.
I would give it an A-plus for securing access to our applications, devices, and network. It does an extremely good job. Our security folks have analyzed it and tried to find loopholes, but they found none.
I give it another A-plus on its ability to support a variety of ports and protocols. We have some extremely old latency-type programs that we're able to make work through Atmos. And all of our newer stuff works as well. The fact that it's flexible with both modern applications and the older stuff is a big plus.
And it gets an A-plus again when it comes to establishing trust for every access request, no matter where it comes from. The tool has many ways of doing that as well; for example, certificates and trusted devices. It's beautiful that we don't have to worry about it. That's not to say that we don't monitor it, but it's very nice to look at a tool and know that it's as secure as it can get. It's more secure than a standard VPN that we would have used for our stores.
The fact that Atmos simplifies access management, while it's not a 100 percent must-have, it's a very nice aspect. It reduces the learning curve for any new staff we may hire. It's a plus in that area, but it wasn't a deciding factor in our choosing to go with the tool.
What needs improvement?
Atmos is good for securing infrastructure from end to end, detection and remediation of threats, but there may be a few features that could be added to make it a little easier for networking and security folks to analyze the traffic. There are bad actors out there and they may or may not show up through the tool. That's something they can add.
They need to improve the networking and security tools a little in the troubleshooting and "bad-actor" areas to help us analyze security threats a little better. They have some things built in, but I would like to see more advanced tools.
There are major vendors out there, and if you use their VPN connection that's not going to help you without buying one of their other products. So that's a similar type of situation. However, they do give you a little more bang for the buck when it comes to monitoring. So I can see an improvement there, in Atmos, in the future.
For how long have I used the solution?
We have been using Axis Security for over 18 months.
What do I think about the stability of the solution?
What do I think about the scalability of the solution?
The scalability is awesome. I can scale out in a matter of minutes.
We have it deployed across the United States, coast to coast, in well over 700 stores. In each of those stores, there are anywhere from five to 10 devices. We also have about 50 developers in the US and India who use it as well.
How are customer service and support?
Their technical support is great. When we have had issues, if we couldn't figure them out ourselves, we contacted them, and they figured them out really quickly.
We have a very old application where you hit a web link and it opens an application on your desktop. It's not a web app and it doesn't reside on your laptop. Their support is working with us to see if we can deploy it using their web portal option. We've never needed that, even though we have all the other apps configured that way, just in case an associate needs to use their own personal laptop because their work laptop breaks. This old app is the only one we couldn't make run, and their support has jumped in and is helping us configure things to make it work.
They're very good and they're smart.
How would you rate customer service and support?
Which solution did I use previously and why did I switch?
We used Cisco AnyConnect with VeloCloud hardware at each of our stores. We switched to Axis Security because of performance, ease of maintenance, and the fact that it saved $180,000 on licensing costs. I don't know how much we saved on hardware, but we saved that amount on VeloCloud for our 700-plus sites. That's a fair amount of money. And Atmos is a more secure solution for us.
How was the initial setup?
It was straightforward to deploy.
We deployed it into our environment and assigned some of our store iPads to it to do a PoC assessment. After I, as a solution architect, evaluated it, I involved more individuals, including our security analyst and network engineers and they evaluated the tool. Once we felt it was a good choice, we picked 10 stores out of our 700-plus stores, informed them what we were going to do, and cut them over to using the tool for their connection. We used our MDM tool to push the agent to the iPads, and then the users logged in to the Atmos agent. We then did a pilot of about 25 stores and, then, over a weekend we deployed the agent to all of our iPads.
It doesn't really require any maintenance. The tool itself tells you if it's going to do a patch, and you just schedule a change during that time period. It automatically updates the agent while you're on it. There's no downtime required. We do power down the Azure connectors at night and just leave one because if a store isn't open, there's no reason to have a connector spending money in Azure. Atmos is a very good tool because you can do that, you can power those connectors down and power them back on in the morning with scripts.
What about the implementation team?
It was done in-house. One person deployed it to all of the iPads. It's quite easy to work with.
What was our ROI?
We saw return on our investment in the very first billing cycle when the renewal came in for our AnyConnect for our stores. Right then, we saw how much we are saving.
What's my experience with pricing, setup cost, and licensing?
The pricing is quite fair. It's better than what we gave up, which was Cisco AnyConnect.
Which other solutions did I evaluate?
We looked at Zscaler. Atmos was a lot easier to deploy and use. I didn't know anything about the tool at all, but I was able to deploy it, put it into a PoC, and have it running on machines within less than 30 minutes.
What other advice do I have?
Because our parent company doesn't actually use Atmos, they are evaluating it with us because they are very interested in some of the success stories that we've had with it.
My advice is to truly look at the tool. There are a lot of folks that evaluate products just to check off a box before they go with the one that they really want to use, because they might have used that vendor forever. In this case, really look at the product because you will find a better product than what you normally use.
Having worked with several products like Atmos, I give it a 10 out of 10.
*Disclosure: I am a real user, and this review is based on my own experience and opinions.