We performed a comparison between Illumio and Vectra AI based on real PeerSpot user reviews.
Find out what your peers are saying about VMware, Akamai, Cisco and others in Cloud and Data Center Security.
"The feature that I have found most useful is the ability to centralize all the rules and then distribute them across various locations. However, I've encountered challenges related to tagging policies, which can be complex to devise. It's a matter that requires careful consideration and stakeholder involvement before implementing such policies."
"The flexibility of the solution is its most valuable feature."
"The solution helps to maintain logs and monitor activities. It also helps us with access management. The tool helps us to secure organizational data that include files."
"The most valuable feature of Illumio Adaptive Security Platform is monitoring. When I have no requirement from the other application, I can use the web block traffic to build."
"The product provides visibility into how the applications communicate and how the network protocols are being used."
"It has helped us to understand internal network visibility and firewall policy implementation. We use the product to simplify firewall policy implementation."
"The Explorer allows you to know the traffic between source and destination."
"The solution is easy to use."
"What I like best about Vectra AI is that it alerts you about suspicious activities."
"The administrative privilege detection feature is the most valuable feature. The admin accounts are often highly accessible to the high-risk component of the environment. If those accounts are compromised or are being used in a suspicious manner, that's high-fidelity events for us to look into."
"Scalability wise, we have many sensors, and Vectra AI seems to handle them all very well."
"It has reduced the time it takes to respond to attacks. That comes back to the proactive point. It makes us able to lower down in the kill chain, we can react now, rather than reacting to incidents that happened, we can see an instant, in some cases, as it's being implemented, or as it's being launched."
"The fact that we get the visualization of what's happening on our network, which is a way of improving our security in-depth is most valuable."
"The dashboard gives me a scoring system that allows me to prioritize things that I should look at. I may not necessarily care so much about one event, whereas if I have a single botnet detection or a brute force attack, I really want to get on top of those."
"We often use the new feature to create PCAP files from the whole data traffic. It makes it much easier to find network problems such as whether the server is responding to a request. It has nothing to do with security, but it helps a lot to find other problems."
"Vectra produces actionable data using automation. That has helped us. It's less manpower now to look at incidents, which has definitely increased efficiency. Right now, in a lot of cases, our mean time to detection is within zero days. This tells me by the time something happened, and we were able to detect it, it was within the same day."
"The product’s agents don't work very well in OT environments."
"The solution is very basic and doesn't do anything other than the orchestration of layer four endpoint firewall rules."
"I would like to see better data security in the product."
"Some of the features can be improved; offering additional guidance on creating an effective and risk-free tagging policy would be highly beneficial."
"It requires a low-level re-architecting of the product."
"The interaction we've had with the support team hasn't been ideal. Technical support should be improved."
"The customer service is lagging a bit. It could be better."
"Illumio Adaptive Security Platform could improve by supporting more operating systems. For example, Cisco and Apache appliances."
"They use a proprietary logging format that is probably 90% similar to Bro Logs. Their biggest area of improvement is finishing out the remaining 10%. That 10% might not be beneficial to their ML engine, but that's fine. The industry standard is Zeek Logs or Bro Logs, or Bro or Zeek, depending on how old you are. While they have 90% of those fields, they're still missing some fields. In very rare instances, some community rules do not have the fields that they need, and we had to modify community rules for our logs. So, their biggest area of improvement would be to just finish their matching of the Zeek standard."
"We would like to see more information with the syslogs. The syslogs that they send to our SIEM are a bit short compared to what you can see. It would be helpful if they send us more data that we can incorporate into our SIEM, then can correlate with other events."
"The rules for threats are not always precise and Vectra AI should improve this."
"We had another product with Vectra AI and used the MDR solution as an add-on. Initially, it wasn't fully appropriately configured, so we didn't get the expected results. Even once configured correctly, we weren't fully satisfied with its response. The issue was both with their service response and the product's capabilities."
"In education as a sector, we are looking at AI a lot in terms of how it can be used as part of the teaching and learning side of things. It would be great to have Vectra AI look at a better way to enhance the security posture related to the AI tools in our portfolio."
"Vectra is still limited to packet management. It's only monitoring packet exchanges. While it can see a lot of things, it can't see everything, depending on where it's deployed. It has its limits and that's why I still have my SIEM."
"You are always limited with visibility on the host due to the fact that it is a network based tool. It gives you visibility on certain elements of the attack path, but it doesn't necessarily give you visibility on everything. Specifically, the initial intrusion side of things that doesn't necessarily see the initial compromise. It doesn't see stuff that goes on the host, such as where scripts are run. Even though you are seeing traffic, it doesn't necessarily see the malicious payload. Therefore, it's very difficult for it to identify these types of host-driven complex attacks."
"In comparison with a lot of systems I used in the past, the false positives are really a burden because they are taking a lot of time at this moment."
Illumio is ranked 4th in Cloud and Data Center Security with 8 reviews, while Vectra AI is ranked 2nd in Intrusion Detection and Prevention Software (IDPS) with 42 reviews. Illumio is rated 8.0, while Vectra AI is rated 8.6. The top reviewer of Illumio writes "Prevents attackers or threats from spreading or moving laterally". On the other hand, the top reviewer of Vectra AI writes "Integrates well with other security solutions and provides good technical support". Illumio is most compared with Akamai Guardicore Segmentation, VMware NSX, Cisco Secure Workload, Zscaler Internet Access and Darktrace, whereas Vectra AI is most compared with Darktrace, ExtraHop Reveal(x), Cisco Secure Network Analytics, Arista NDR and Fortinet FortiOS.
We monitor all Cloud and Data Center Security reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.