We performed a comparison between Illumio and Vectra AI based on real PeerSpot user reviews.
Find out what your peers are saying about VMware, Cisco, Akamai and others in Cloud and Data Center Security."The solution helps to maintain logs and monitor activities. It also helps us with access management. The tool helps us to secure organizational data that include files."
"The Explorer allows you to know the traffic between source and destination."
"The most valuable feature of Illumio Adaptive Security Platform is monitoring. When I have no requirement from the other application, I can use the web block traffic to build."
"The solution is easy to use."
"The features that I have found most useful is the ability to centralize all the rules and then distribute them across various locations. However, I've encountered challenges related to tagging policies, which can be complex to devise. It's a matter that requires careful consideration and stakeholder involvement before implementing such policies."
"The flexibility of the solution is its most valuable feature."
"It has helped us to understand internal network visibility and firewall policy implementation. We use the product to simplify firewall policy implementation."
"The product provides visibility into how the applications communicate and how the network protocols are being used."
"It has helped us to organize our security. We get a better overview on what is happening on the network, which has helped us get quicker responses to users. If we see malicious activity, then we can quickly take action on it. Previously, we weren't getting an overview as fast as we are now, so we can now provide a quicker response."
"Vectra AI helped our team be more productive and save time. We have less work thanks to it."
"It gives you access, with Recall, to instant visibility into your network through something like a SIEM solution. For us, being able to correlate all of this network data without having to manage it, has provided immediate value. It gives us the ability to really work on the stuff where I and my team have expertise, instead of having to manage a SIEM solution..."
"Vectra is very compatible with various cloud providers, such as Amazon and Azure AD. This is helpful as customers often migrate their network infrastructure to the cloud."
"We discovered a lot of things in our network and are correcting several misconfigurations. We are learning how some apps work together and how some things shouldn't happen. It's also easier for us to identify the source of a brute force, whereas before, we didn't even know we had a brute force."
"It does a reliable job of parsing out the logs of all the network traffic so that we can ingest them into our SIEM and utilize them for threat hunting and case investigations. It is pretty robust and reliable. The administration time that we spend maintaining it or troubleshooting it is very low. So, the labor hour overhead is probably our largest benefit from it. We spend 99% of our time in Vectra investigating cases, responding to incidents, or hunting, and only around 1% of our time is spent patching, troubleshooting, or doing anything else. That's our largest benefit from Vectra."
"One of the things that we didn't expect to happen was that our network team also jumped on it faster than we thought. In most cases, if it's a security tool that's working on the network part, they can also use it to find out certain flaws that have been in the system. Certain flaws, related to some legacy stuff, were already there for quite a few years, which they couldn't explain at first, but we could explain them based on the timing of certain things."
"The fact that we get the visualization of what's happening on our network, which is a way of improving our security in-depth is most valuable."
"Some of the features that can be improved is offer additional guidance on creating an effective and risk-free tagging policy would be highly beneficial."
"The customer service is lagging a bit. It could be better."
"The solution is very basic and doesn't do anything other than the orchestration of layer four endpoint firewall rules."
"It requires a low-level re-architecting of the product."
"I would like to see better data security in the product."
"The product’s agents don't work very well in OT environments."
"Illumio Adaptive Security Platform could improve by supporting more operating systems. For example, Cisco and Apache appliances."
"The interaction we've had with the support team hasn't been ideal. Technical support should be improved."
"ExtraHop has better features that seem more advantageous when compared to Vectra."
"There could be an option where Vectra manages the solution remotely, and when there is an attack, there could be a notification center to give us information about the attack."
"I think Vectra AI's automation, reporting, and integration could be improved."
"One area where there's room for improvement is the absence of a comprehensive TCP recording and replay feature."
"We are using SMB 3.0, which is an encrypted protocol. When we get some alerts or something, we cannot go deep into the protocol to see what's wrong because it's encrypted. We need to decrypt the protocol in another way, which is quite difficult. We might go back to SMB 2.0 just for this reason, but that's not a good solution."
"You are always limited with visibility on the host due to the fact that it is a network based tool. It gives you visibility on certain elements of the attack path, but it doesn't necessarily give you visibility on everything. Specifically, the initial intrusion side of things that doesn't necessarily see the initial compromise. It doesn't see stuff that goes on the host, such as where scripts are run. Even though you are seeing traffic, it doesn't necessarily see the malicious payload. Therefore, it's very difficult for it to identify these type of host-driven complex attacks."
"In comparison with a lot of systems I used in the past, the false positives are really a burden because they are taking a lot of time at this moment."
"It does a little bit of packet capture on alert so you can look at the packet capture activity going on, but it doesn't collect a whole lot of data. Sometimes it's only one or two frames, sometimes it does collect more. That's why they have the addition of their Recall platform, because that really does help expand the capability."
Illumio is ranked 4th in Cloud and Data Center Security with 8 reviews while Vectra AI is ranked 2nd in Intrusion Detection and Prevention Software (IDPS) with 40 reviews. Illumio is rated 8.0, while Vectra AI is rated 8.6. The top reviewer of Illumio writes "Pprevents attackers or threats from spreading or moving laterally". On the other hand, the top reviewer of Vectra AI writes "Integrates well with other security solutions and provides good technical support". Illumio is most compared with Akamai Guardicore Segmentation, VMware NSX, Cisco Secure Workload, Zscaler Internet Access and Darktrace, whereas Vectra AI is most compared with Darktrace, ExtraHop Reveal(x), Cisco Secure Network Analytics, Arista NDR and Fortinet FortiOS.
We monitor all Cloud and Data Center Security reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.