What is our primary use case?
Like most companies, we don't necessarily know what ports are necessary for our applications to talk to each other, so we're hoping to get insight on that for increasing our microsegmentation with NSX.
In terms of monitoring network flows, we're just looking specifically at the flows within one VDS, so we can dive down through that VDS and isolate virtual machines. Then it gives us that visualization. We have not moved into the physical side of that at this time.
It's performing very well. We're still going through the learning pains so we haven't quite got out of it most of what we're looking for, yet. We understand that it is in there, we just don't understand how to get it yet.
How has it helped my organization?
We're only at the evaluation stage but the benefit we're looking for is to speed the production deployment of the applications in a microsegment environment. We would love to get to that ring of Zero Trust but we're just not there today.
What is most valuable?
The most valuable features for us are the visualization of the applications. We can actually take them and expose them to our applications analysts as well because they want to know, it's just that they're not necessarily exposed to ports. As somebody told me the other day, "A port is something you plug a cable into."
The solution is also extremely intuitive and user-friendly. When you log in to the application you are presented with a dashboard that is very reasonable for an initial user, and you can then customize it to your specific needs. But for all the data that we've found, we've only had to go through two or three drill-downs to get into that information. So far, we haven't found anything that is very misleading. Sometimes you'll get into some misleading things, "Oh, this is not where I wanted to be," but we really have not found that with the product.
What needs improvement?
One of the things I've asked about is regarding Log Insight, with their syslog collector. There seems to be a lot of overlap between that and vRNI. I've asked if one of those is going away or if they're moving together and I really haven't been able to get a clear answer. I would like to know that.
For how long have I used the solution?
What do I think about the stability of the solution?
It's been very stable. We have not had any problems at all with the deployment.
What do I think about the scalability of the solution?
We haven't made it to the point where we're scaling yet. We haven't hit any performance issues that would cause us to evaluate the scalability.
How are customer service and technical support?
Technical support is very responsive, knowledgeable, and they're quick to get things done.
Which solution did I use previously and why did I switch?
We didn't have anything in this space on the virtual side. As we moved deeper into the virtualized world, we lost some of those traditional physical network visibility tools. We were using some of the native NSX visibility tools incorrectly and causing NSX problems, trying to expose that information to our analysts. This was the solution that they gave us that would fix that. I think AppDefense now adds some of that back, but hopefully, they'll work together.
The most important criteria when we're looking at a vendor are
Which other solutions did I evaluate?
We initially went with what we were using on our traditional memory side, your traditional network monitoring. CA Spectrum is what we use on that side. We've looked at that and some basic netflow monitors.
What other advice do I have?
We would absolutely recommend it. In fact, we've had that experience where it was recommended to us and we said, "We need this, we need to do this."
We are very positive so far with everything we've seen in this tool.