We performed a comparison between Illumio and Vectra AI based on real PeerSpot user reviews.
Find out what your peers are saying about VMware, Akamai, Cisco and others in Cloud and Data Center Security."The solution helps to maintain logs and monitor activities. It also helps us with access management. The tool helps us to secure organizational data that include files."
"It has helped us to understand internal network visibility and firewall policy implementation. We use the product to simplify firewall policy implementation."
"The features that I have found most useful is the ability to centralize all the rules and then distribute them across various locations. However, I've encountered challenges related to tagging policies, which can be complex to devise. It's a matter that requires careful consideration and stakeholder involvement before implementing such policies."
"The product provides visibility into how the applications communicate and how the network protocols are being used."
"The flexibility of the solution is its most valuable feature."
"The solution is easy to use."
"The most valuable feature of Illumio Adaptive Security Platform is monitoring. When I have no requirement from the other application, I can use the web block traffic to build."
"The Explorer allows you to know the traffic between source and destination."
"It does a reliable job of parsing out the logs of all the network traffic so that we can ingest them into our SIEM and utilize them for threat hunting and case investigations. It is pretty robust and reliable. The administration time that we spend maintaining it or troubleshooting it is very low. So, the labor hour overhead is probably our largest benefit from it. We spend 99% of our time in Vectra investigating cases, responding to incidents, or hunting, and only around 1% of our time is spent patching, troubleshooting, or doing anything else. That's our largest benefit from Vectra."
"The solution provide visibility into behaviors across the full lifecycle of an attack in our network, beyond just the Internet gateway. It makes our security operations much more effective because we are now looking not just at traffic on the border, but we're looking at east-west internal traffic. Now, not only will we see if an exploit kit is being downloaded, but we would be able to see then if that exploit kit was then laterally distributed into our environment."
"Vectra AI generates relevant information."
"One of the most valuable features of the platform is its ability to provide you with aggregated risk scores based on impact and certainty of threats being detected. This is both applied to individual and host detections. This is important because it enables us to use this platform to prioritize the most likely imminent threats. So, it reduces alert fatigue follow ups for security operation center analysts. It also provides us with an ability to prioritize limited resources."
"Vectra produces actionable data using automation. That has helped us. It's less manpower now to look at incidents, which has definitely increased efficiency. Right now, in a lot of cases, our mean time to detection is within zero days. This tells me by the time something happened, and we were able to detect it, it was within the same day."
"The administrative privilege detection feature is the most valuable feature. The admin accounts are often highly accessible to the high-risk component of the environment. If those accounts are compromised or are being used in a suspicious manner, that's high-fidelity events for us to look into."
"Vectra is very compatible with various cloud providers, such as Amazon and Azure AD. This is helpful as customers often migrate their network infrastructure to the cloud."
"The solution's ability to reduce alerts, by rolling up numerous alerts to create a single incident or campaign, helps in that it collapses all the events to a particular host, or a particular detection to a set of hosts. So it doesn't generate too many alerts. By and large, whatever alerts it generates are actionable, and actionable within the day."
"The product’s agents don't work very well in OT environments."
"Illumio Adaptive Security Platform could improve by supporting more operating systems. For example, Cisco and Apache appliances."
"I would like to see better data security in the product."
"It requires a low-level re-architecting of the product."
"The solution is very basic and doesn't do anything other than the orchestration of layer four endpoint firewall rules."
"The customer service is lagging a bit. It could be better."
"The interaction we've had with the support team hasn't been ideal. Technical support should be improved."
"Some of the features that can be improved is offer additional guidance on creating an effective and risk-free tagging policy would be highly beneficial."
"I would like to see a bit more strategic metrics instead of technical data. Information that I could show to my executive management team or board would be valuable."
"Some of their integrations with other sources of data, like external threat feeds, took a bit more work than I had hoped to get integrated."
"The solution needs to become more proactive. When Vectra AI is the primary solution in an environment - like it is in our case - you must work on response time. We have a small team so response time at endpoint level is vital."
"There is room for improvement in the documentation. We would like to have more details on how it detects what we see."
"An area for improvement in Vectra AI is reporting because it currently needs some details. For example, when you download a report from Vectra AI, you won't see complete information about the alerts or triggers. Another area for improvement in the tool is that sometimes, an alert has high severity, yet it's marked as low severity. Vectra AI should have a mechanism to change the severity level from low to high or critical."
"If you hit a certain number of rules, triage filters, or groups, the UX responds more slowly. However, we have a complex network and a lot of rules. So, our setup might not be a typical implementation example. We even had UX engineers onsite, and they looked at issues, improvements, and user feedback. Since then, it has gotten a lot better, they even built in features that we specifically requested for our company."
"Integration with other security components needs improvement. It should have true integration as opposed to just being a separate pane of glass."
"One of the things that we are missing a bit is the capability to add our own rules to it. At the moment, the tech engine does its thing, but we have some cool ideas to make additional rules. There should be an option in the platform to add custom rules, or there should be some kind of user group where we can suggest them for the roadmap and see if they get evaluated and get transparent communication on whether they will be implemented in the product or not."
Illumio is ranked 4th in Cloud and Data Center Security with 8 reviews while Vectra AI is ranked 2nd in Intrusion Detection and Prevention Software (IDPS) with 42 reviews. Illumio is rated 8.0, while Vectra AI is rated 8.6. The top reviewer of Illumio writes "Pprevents attackers or threats from spreading or moving laterally". On the other hand, the top reviewer of Vectra AI writes "Integrates well with other security solutions and provides good technical support". Illumio is most compared with Akamai Guardicore Segmentation, VMware NSX, Cisco Secure Workload, Zscaler Internet Access and Darktrace, whereas Vectra AI is most compared with Darktrace, ExtraHop Reveal(x), Cisco Secure Network Analytics, Arista NDR and Fortinet FortiOS.
We monitor all Cloud and Data Center Security reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.