How has it helped my organization?
We have an FTP infrastructure that is accessed by customers. As FTP service is quite vulnerable if not secured properly, before implementing Dome9 we had to apply multiple security solutions on the FTP servers.
Dome9 wrapped the FTP infrastructure with its network security configurations. This gives us the ability to monitor FTP activity as well.
What is most valuable?
- Centralized firewall management for both Windows and Linux distros - This is something that everyone is looking for. The initial version of Dome9 was one where you managed all the rules centrally in Linux and Windows, which was quite challenging. Now, to see in a single pane of glass, all the agents, all the rules, everything that is going on in out datacenters, is quite valuable.
- Visibility of the security configurations
- Clear view of the security configurations and connections across environments (DMZ, external and internal networks)
- The user interface is responsive and quite intuitive; when selecting an object it automatically shows the relevant actions
What needs improvement?
I’d like to see more integration with third-party tools. For example, it would be helpful to have an integration between Dome9 and ServiceNow to manage security incidents and security changes.
For how long have I used the solution?
Three to five years.
What do I think about the stability of the solution?
I don’t recall any stability issue from the first time we used it. It has been solid and reliable.
What do I think about the scalability of the solution?
I didn’t encounter any scalability challenges. According to the vendor, we are far from the limit that has been tested by the vendor so far.
How are customer service and technical support?
The technical support has been very professional and helpful. They are knowledgeable and answer our questions in a timely fashion.
Which solution did I use previously and why did I switch?
We had been using iptables on Linux servers but it was missing centralized management. Also, configuring firewall security rules was quite a nightmare, especially testing.
How was the initial setup?
The initial setup was straightforward, as the solution is quite intuitive.
What's my experience with pricing, setup cost, and licensing?
In order to obtain better pricing, I would advise taking into account the existing number of devices and add a forecast of the number of devices to be added in the coming year or two. The company has multiple modules that you purchase independently or in groups, depending on your needs.
Which other solutions did I evaluate?
When we did market research five years ago, there were not many alternatives in the market for our purposes. We looked at Kaspersky Lab and Trend Micro but they didn’t address our needs.
We ran a PoC with Dome9 and it was transformed quickly into production.
What other advice do I have?
My advice would be:
- Share your project goal(s) with the vendor to help you map the functionalities and modules needed, to be implemented in phases, during implementation.
- Map your existing security configurations and create a lab to test them with and without Dome9.
- Implement the solution progressively and look at the logs in the Dome9 application to learn about the network activity.