When we have more than one interface, we can only have one policy for both interfaces. Normally, you have assets with a production interface and a server interface that are only for management. But in the Guardicore architecture, you cannot give the production interface its own rule set and the management interface another rule set. You have to combine these rule sets into one. It’s a lack because security standards suggest a different way to secure management interfaces. So, I would like to have two separate rule sets for the basis of the device.
Incident tagging could be improved. Other vendors offer semi-automatic tagging, which Guardicore doesn't yet have. The rest of the features are already industry standard.
It's not easy to learn to use this program. It would be very helpful for beginners if the solution had more windows to help with the terms inside instead of going to the documentation.
There are always areas for improvement. It doesn't support a PAAC solution (Platforma as a service) in the cloud. So that could be improved. In future releases, I would like to see more integration with other products.
Guardicore Centra should incorporate automation so that we aren't required to write custom scripts by leveraging APIs quite often. The tool also has limitations on overall policy rules that can be configured on the platform (60k rules) which seems a lot but with big chatty applications and a huge application count to segment, this limit can turn out to be small if the goal is to segment a lot of application servers. Operationally there are too many clicks and analyses needed to do quick and safe changes (for e.g. label replacement) in the production environment. I think that the incorporation of automation templates for some standard use cases can help clients make changes with confidence and without the possibility of human error.
Learn what your peers think about Akamai Guardicore Segmentation. Get advice and tips from experienced pros sharing their opinions. Updated: December 2024.
Senior Principal Consultant Cloud/DevOps/ML/Kubernetes at Opticca
Real User
2021-12-13T15:24:00Z
Dec 13, 2021
Supports become difficult when it's for a big organization. For a small organization, medium organization, it still makes sense, however, for a big organization, it makes life difficult. We would like to be able to go agentless. I'd like support for all types of Kubernetes and service mesh. They say, "Ah, we support this, we support that." This is not the case.
Information Security Engineering Consultant at a university with 1,001-5,000 employees
Consultant
2021-05-06T01:57:57Z
May 6, 2021
They can maybe improve their customer service just because they are kind of a small organization, and customer service isn't as big as others such as VMware.
Akamai Guardicore Segmentation is a software-based microsegmentation solution that provides the simplest, fastest, and most intuitive way to enforce Zero Trust principles. It enables you to prevent malicious lateral movement in your network through precise segmentation policies, visuals of activity within your IT environment, and network security alerts. Akamai Guardicore Segmentation works across your data centers, multicloud environments, and endpoints. It is faster to deploy than...
When we have more than one interface, we can only have one policy for both interfaces. Normally, you have assets with a production interface and a server interface that are only for management. But in the Guardicore architecture, you cannot give the production interface its own rule set and the management interface another rule set. You have to combine these rule sets into one. It’s a lack because security standards suggest a different way to secure management interfaces. So, I would like to have two separate rule sets for the basis of the device.
Incident tagging could be improved. Other vendors offer semi-automatic tagging, which Guardicore doesn't yet have. The rest of the features are already industry standard.
It's not easy to learn to use this program. It would be very helpful for beginners if the solution had more windows to help with the terms inside instead of going to the documentation.
Kubernetes is not installed in the way we need it.
There are always areas for improvement. It doesn't support a PAAC solution (Platforma as a service) in the cloud. So that could be improved. In future releases, I would like to see more integration with other products.
Guardicore Centra should incorporate automation so that we aren't required to write custom scripts by leveraging APIs quite often. The tool also has limitations on overall policy rules that can be configured on the platform (60k rules) which seems a lot but with big chatty applications and a huge application count to segment, this limit can turn out to be small if the goal is to segment a lot of application servers. Operationally there are too many clicks and analyses needed to do quick and safe changes (for e.g. label replacement) in the production environment. I think that the incorporation of automation templates for some standard use cases can help clients make changes with confidence and without the possibility of human error.
Customers would want to see the cost improved.
Supports become difficult when it's for a big organization. For a small organization, medium organization, it still makes sense, however, for a big organization, it makes life difficult. We would like to be able to go agentless. I'd like support for all types of Kubernetes and service mesh. They say, "Ah, we support this, we support that." This is not the case.
They can maybe improve their customer service just because they are kind of a small organization, and customer service isn't as big as others such as VMware.