Guardicore Centra Review

Blocks active threats using threat intelligence


What is our primary use case?

We are trying to centralize our firewalling as well as provide application segmentation and environment segmentation.

We have a couple of aggregators onsite and the rest are on the cloud.

How has it helped my organization?

It has given us better oversight of the traffic between our development and production environments and how we can stop unnecessary traffic, e.g., development teams accessing production can cause risks that you are not aware of. 

Guardicore Centra saves time when completing a segmentation project versus a traditional toolset. Since we already have a solution in place, we have a fitted process of removing the old segmentation and adding the new. However, you can run them in tandem so that is always a benefit; you can do it over time rather than as one big bang.

What is most valuable?

So far, the most valuable feature has been the ability to have an overview of our firewall. As an added bonus, the network can easily look to see what traffic is going in and out, then block that traffic. Its threat intelligence automatically blocks the most dangerous threats, which is quite useful. It gives you an added bonus of protection as well as allows you to sort of centralize and control your firewalls more easily. It provides something that we don't normally have. Normally, we have an external firewall and a firewall to machines, but we don't have an overview of all the traffic. We don't have any way of aggregating it to look at it more easily. Guardicore Centra is a visual tool where we can view this, but we also can delve down into logs and look at what is happening more easily than going through logs, individual machines, etc.

The range of platforms and operating systems that the solution covers is good. It covers most of our operating systems, if not all. I don't think we have found anything so far that we have struggled to cover with it. We have been quite happy in that regard. Guardicore Centra is far superior in terms of using local firewalls on its own.

What needs improvement?

The maps could go a bit faster. They are useful but slightly slow.

For how long have I used the solution?

I have been using it for about four months.

What do I think about the stability of the solution?

I have not had any problem at all with stability. It has been perfect.

We have used the solution for segmentation in parallel with having our firewalls up in local servers. So far, we have not had a problem. We occasionally find a connection blocked by Guardicore Centra, but it is easy enough to go in and create a new rule for it. That is part of the process. Downtime has been fairly limited, and we have not had any real problems.

A couple of people are needed for maintenance: my boss (Head of Infrastructure) and me. It needs one person to maintain it and a backup.

What do I think about the scalability of the solution?

It is definitely easy to scale. It is easy enough to add agents, then you can use automated deployment features to ingest spreadsheets of agents.

From our perspective, it scales well. If we just add agents locally, then the cloud service picks them all up through the aggregators.

We are adding more agents daily, but that is partly because the solution has been successful so far. Therefore, we are planning to increase the scale and scale it up a bit.

There are about two to four people actively working on the system and using it, mostly just my immediate manager and me. There are three or four other people who access it occasionally. In terms of users who are affected by it, there are hundreds, if not thousands.

The security team has an active interest in it. They provide the funding, but they have user accounts. They generally leave it to us to configure. They may become more active for certain things and parts. They are more interested in encouraging different departments to use the product, then hand it over to them to actually manage it.

We have 150 servers so far and are increasing that to about 230. Then, the security team is talking about adding in user desktops on the universities side. Depending on what they add, there are hundreds, if not thousands more. So, we are definitely increasing usage by a lot.

How are customer service and technical support?

We met weekly with a Guardicore employee as we did the rollout to try and segment things. They were very knowledgeable and helpful when doing that.

Which solution did I use previously and why did I switch?

We generally used internal firewalls on individual servers with no solution, in terms of overseeing all the firewalls.

In terms of agility, Guardicore Centra is massively easier to control and manage. The security is good. With just the network logs, you get a better view of any active threats rather than in normal firewalls where you may not find out until sometimes after the fact. You can get notified as well.

How was the initial setup?

The initial setup was fairly straightforward and quite simple to do.

It is pretty simple overall to get a template and apply segmentation. You still need to think about how to apply it yourself to suit your needs, but it provides all the tools useful for that as well. The maps are useful. Using the templates to create rules gives you an easy start, then you can go in and refine it to suit your processes. Also, the Guardicore staff has been very helpful in helping us walk through the process and get what we needed out of the software.

It is very quick to secure applications and systems. You can get an agent installed very quickly. We started with 149 agents and will be adding another 100 agents over the next few weeks, as we move on to securing desktops as well as servers.

You can get results as soon as you have your aggregators up. You can get them in a day.

The initial deployment was done within a few days. Going through the process of segmentation and everything else takes months, but that is to be expected because it is not just about installing and running it. You have to walk through the process and logic of what you need, such as, thinking of and trying to improve the way that we are doing things at the same time, which this solution gives us the option to do.

Guardicore helped us plan strategies of how they thought we should roll it out. That helped us focus our minds a bit on how we should then do things.

What about the implementation team?

We installed aggregated agents with help from the Guardicore staff who were very helpful. We installed agents on a lot of virtual machines. It wasn't really complex; it seemed pretty straightforward.

The Guardicore staff were very helpful and knowledgeable. They helped give us guidance on how to do the setup. Any steps along the way that we needed to do were quite straightforward. Anywhere they needed to help us, they were quick to help, got their stuff done, and then passed it back to us. It was all a very smooth process.

The deployment was done by one Guardicore employee and me.

What was our ROI?

From day one, you get threat intelligence. It will immediately block active threats, which has been useful.

What other advice do I have?

Think about what you want out of the product and how your environments are set up. This will make it easier in the long run to deploy it. It is easy enough already, but if you know what you want from your environments, then the easier they will be to deploy.

It has helped me to clarify our thoughts about our environments and which applications we want controlled. That is a top down view that we don't normally get when looking at our systems. It makes it easier to look at systems and think of what we have and what we need to do with them, controlling the traffic between them.

Guardicore Centra definitely covers RHEL and all Windows machines. We have not rolled it out onto all our Windows machines yet, but we are planning on doing that next week. However, it should be able to cover them all. This is very important to us. There is no point in covering some machines and not covering the rest. It is better to have more machines on Guardicore Centra because it gives us a bit of an overview, then we don't have any blind spots.

We have gotten what we wanted from the solution based on everything that we have added to it.

I would rate the solution a nine out of 10 because of the ease of rollout, the oversight it gives you in terms of traffic in and out of your network, and the way it gives you an overview of all your systems and how you see the traffic. It helps you focus your mind around how you want your environment setup and how you can set it up in the future as well.

Which deployment model are you using for this solution?

Hybrid Cloud
**Disclosure: IT Central Station contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
More Guardicore Centra reviews from users
Learn what your peers think about Guardicore Centra. Get advice and tips from experienced pros sharing their opinions. Updated: September 2021.
535,919 professionals have used our research since 2012.
Add a Comment
ITCS user
Guest