Akamai Guardicore Segmentation Reviews

We are using it to segregate all of our different environments: staging, production, QA, as well as our applications. We are essentially replacing our traditional, internal firewalls and depending completely on Guardicore to secure all of our applications.

We've been able to secure older applications in a way that we really couldn't before, which has been a nice benefit. 

It's also allowed us to build out an entire new data center topology without having to worry so much about where we place physical or virtual firewalls that can create bottlenecks. We can focus more on building a really fast and responsive network topology. Security devices, things like a traditional firewall, can often be a bandwidth or throughput bottleneck. But with Guardicore, since the firewall is running on every single server individually, and they're working together, you can just build a really big, fast, redundant network and not have to worry so much about those security bottlenecks.

The primary use case was for segmentation.

The range of platforms and operating systems that the solution covers seems good. Currently, we use it for all our Linux operating systems and some of our Windows environment.

We just deployed agents to Guardicore in our data center.

We are using the latest version of the solution.

We recently did a database migration from Solaris to Linux. The Solaris platform had dedicated hardware firewalls to segment it off. By moving to Linux, we were able to use Guardicore and do our network segmentation through it. Therefore, we didn't have to invest in hardware.

We want segmentation for a data center, and we have the problem that we cannot change IP addresses within the data center. So we need a solution. With the Guardicore solution, we can keep the IP addresses. 

Additionally, we get agent-based segmentation, and we don’t have to change anything on the network. These are the main reasons why we chose Guardicore for micro-segmentation.

The enforcement points under the agent, the firewalling has been most beneficial for your customers’ cybersecurity needs specifically. We do not need any further security features like IDS, IPS, or whatever. For us, it’s only the firewall feature, and that’s part of the enforcement point of the Guardicore agent. So that was completely enough for us.

We use GuardiCore for East-West data traffic in the data center, micro-segmentation, and security policies. We also use GuardiCore for ransomware protection and analyzing the East-West traffic in a data center.

For an example of the capability of GuardiCore, I know one client who immediately after installing it in their data center, within the first 30 days, discovered a major problem. Two internal employees were stealing their proprietary code. They were copying it to a USB drive. That discovery alone justified to the client the cost of implementing the solution.

The change control in GuardiCore has improved our efficiency by over 75% in terms of implementing security policies. The efficiency of the security team was improved by over 100% in terms of analytics, monitoring, and responding to incidents. 

Most of our clients are small teams. Most of our security teams are three people or less, so these uptake numbers are for them.

We are trying to centralize our firewalling as well as provide application segmentation and environment segmentation.

We have a couple of aggregators onsite and the rest are on the cloud.

It has given us better oversight of the traffic between our development and production environments and how we can stop unnecessary traffic, e.g., development teams accessing production can cause risks that you are not aware of. 

Guardicore Centra saves time when completing a segmentation project versus a traditional toolset. Since we already have a solution in place, we have a fitted process of removing the old segmentation and adding the new. However, you can run them in tandem so that is always a benefit; you can do it over time rather than as one big bang.

In our company, we have a data center that has approximately 200 servers running Nutanix. We wanted to protect these servers from both internal and external attacks. By implementing Guardicore Centra, it has given us defense against attacks from the outside, as well as those that originate from inside of the organization.

We protect Microsoft machines, as well as some that are running Linux. We also have an SAP HANA database that is protected by Guardicore.

We have no downtime when we use Guardicore Centra for segmentation. This is important to us because we're an industrial company and we operate 24/7. We cannot afford to have even one minute of downtime, which is one of the reasons that we chose this solution.

We bought this system several months before the trouble with COVID happened. During that time, a lot of people started to work from outside of the organization. With all of the staff starting to work from home, other companies started to think about how to protect their servers when the users are outside. Also, attacks against endpoints and the data center were on the rise, so it was important to better protect them. I felt safe knowing that I had this kind of defense for the data center.

One example of this happened a few months ago when we received a letter that said we needed to update the on-premises Exchange server. It was a problem from Microsoft and it required that our server be updated to be more secure. Guardicore called us to say that they have witnessed cases where people from other countries were trying to use this exploit to get into the data center, so we blocked it immediately.

All of our servers are now behind Guardicore. The clients are not. From my perspective, the endpoint clients are attackers and my intention is to protect the servers.

It's micro-segmentation.

The label-based segmentation is the most valuable feature.

We are using Guardicore Centra mostly for security. I work in the cyber security department at MONEX, and we use this solution mostly for visibility. The product offers good visibility of what is going on in the network and the connections that the servers are making, regardless of the platform that they are on. They could be on-premise, on the cloud, or virtual.

I'm recently working on micro-segmentation of our principal payment applications, like SWIFT.

We use Guardicore Centra mostly in security, because I'm in charge of security. It helps provide us with some alerts about some suspicious behaviors on some of the systems that we have been able to correct right away. That is the main benefit that we have with Guardicore Centra, other than doing micro-segmentation. 

We use it most for visibility. It has even provided good information about some of the connections that I am making in and out of the system. So, we are able to correct some behaviors and kill some applications that are suspicious to the infrastructure.

Once you are familiar with the tool, you can make segmentation rules, then apply them to all the agents. We have been securing some of the machines that we are using in Azure. In that way, we are able to put segmentation rules in those machines. We are saving with the Azure Firewall because we are using the Guardicore Centra agents, which gives us some advantages.