JaredDeanVP Cloud Operations at VVL systems
Saurabh ChandratreDirector Solutions Architect - EMEA & APAC at Blue Medora
We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
"The best feature is time to value. With very minimal effort, you are able to have a cohesive view into your security posture on one or multiple cloud accounts, particularly if you are dealing with multicloud. If you have Azure and AWS deployments, you might have multiple subscriptions in Azure and usually multiple accounts in AWS. You may even be doing some GCP work (around Google Cloud Platform). It's very difficult to manage a common set of policies, even less reporting, across multiple subscriptions, accounts, and cloud environments. What BMC Helix Cloud Security does is provide a unified view or single pane of glass as to your baseline. Then, it also facilitates the ability for Level 1 or 2 operations support to take action and report on security vulnerabilities."
"The cool feature of Helix Cloud Security is that you can do all that — understand and remediate issues — in one dashboard, based on the different policies that are available for security, out-of-the-box."
"It's also multi-cloud. You can look at several cloud providers: AWS, Azure, or GCP."
"The features that I've found most valuable are its container security aspect. I also like its vulnerability management tools."
"Vmware always gives us the best support. They are friendly to talk to and they understand the real impact of what's happening. They are trying to get into the issue as one of your team. They also fit into your working hours to solve your issues."
"The most valuables features are the collection of assets, security, and configuration data settings from each networked virtual environment in the system."
"The tool helped the organization in all monitoring tasks when being delivered as a service for customers helps them to generate early alarm templates, being a cloud service provider is delivered as part of the IaaS to generate memory consumptions processing and storage additionally can be configured parameters such as networking and services that are configured on virtual machines."
"One of the most attractive features in vROps is collecting information, logs, and events and, after that, providing proactive predictions about usage of resources. vROps also offers recommendations. For example, in the next two months we might face problems with CPU usage. vROps predicted and forecasted these issues in advance. That's a very useful feature."
"It has been helpful around capacity planning, which we traditionally did on a yearly basis. However, since last year, I started using vROps to reclaim and save more resources. It has been helpful along those lines."
"The most valuable feature is the ability to check the right-sizing of a machine because that way I can assign the real resources that are needed."
"One of the best features is the monitoring. It gives you proactive recommendations, based on the information that you have. It recommends changes. For example, if an ESX service is heavily loaded, it will tell you to make some changes, such as storage optimizations. Every tool does monitoring, but this one gives you more proactive monitoring, with the recommendations and actions that are needed."
"The capacity planning is one of the most valuable features. That is brilliant."
"Every organization out there doesn't rely on just one control body. They use FISMA control. They may use HIPAA, CIS, PCI, or SOX, then blend them. One of the things that is now in big demand for BMC Helix Cloud Security is content. That's the next journey in its lifespan, making it easier for the community to share and collaborate on content for security controls that can be measured and remediated."
"We've had some with issues connectors. The connectors have seemed to have caused a little bit of trouble, perhaps with the APIs trying to scan the environment. The only time I've had to reach out to tech support was for that. It seems it may not have been scanning correctly or I wasn't seeing data within a specific time. But we've set up a couple of connectors in the past couple of weeks and they actually scanned the AWS environment and we had data within about 10 minutes. It's working a lot faster and I think they're making improvements as they go."
"The UI could be more user-friendly."
"They can change the interface for the 6.7 vSphere that would make it more simple and more friendly. I think changing the interface of the operations manager would be good. It's friendly to use right now but it would simplify it more."
"Certificate Management should be simplified for non-technical staff members."
"The database services in the tool as backup services are friendly and can be deployed in the release to production. However, in the new features, I would like to include more online documentation that can help service generate early alerts."
"There is room for improvement in asset management and resource usage."
"If I could integrate with vCenter with vROps, then I could execute more things by managing vSphere from within vROps. That would be great."
"There is room for improvement when it comes to the integration with Active Directory. Sometimes I need to log in to the application using my Active Directory account, instead of using the regular admin for vRealize Operations. If I want to deploy this tool to more users, I need that."
"If it could help with calculating on-prem costs, based on their experience, it would help customers determine whether to remain on-prem or move to the cloud."
"For the initial setup, there should be some sort of auto discovery of the environment. That should be enabled. It has the ability to discover a main node, but it could still be made easier, to reduce the initial configuration and setup time."
"It is a subscription model with term licensing that is usually yearly. This includes, not only the product, but support and maintenance. It is based on cloud assets. Therefore, if you have 100 cloud assets, those cloud assets are measured based on evaluation or transactions. For example, if I'm evaluating that cloud asset for CIS compliance, PCI compliance, and AWS best practices, that asset gets evaluated three times, as those are three transactions. However, the license model is based on peak asset usage. So, over a year, if you deploy 100, 1000, 500, and then 2000 assets, you will be charged for the 2000 peak of assets managed by Helix Cloud Security."
"The pricing is based on an annual subscription, upfront, and it's based on cloud assets. Whether your assets are in Azure and AWS combined, the tool tells you how many assets are being scanned and that's the number used for pricing."
"The initial costs are a bit on the higher side but the licensing is flexible."
"The solution has a huge cost. If we could just have one license covering everything that vROps can do, that would be great. I would prefer it this way."
"The pricing is a little bit expensive. Licensing is an issue because there are always changes, and by that I mean cost increases. And that's not only for vROps but for VMware, vSphere, and all the products that are involved."
"Every VMware product is a licensing challenge. It's always costly. It's based on processors. From a technical side, the product is very good. The challenging part is always the licensing. They should have some kind of alternate pricing models."
"vROps is a bit expensive and that's a reason that small clients say, 'No, I don't think we need this.' From a pricing perspective, it is quite steep. But 'expensive' is relative, depending on what you need. Others might say, 'It is expensive, but I think we can use it to better our environment.'"
"When we last did a comparison of solutions, the pricing was equal or similar."
"Five or six years ago, when we took it, it was a very good option. Now, I think I have to reevaluate, to be honest."
Earn 20 points
BMC Helix Cloud Security (formerly TrueSight Cloud Security) automates cloud resource configuration security checks and remediation across AWS, Azure, and Google Cloud. With Helix Cloud Security, configurations of cloud resources and containers are managed consistently, securely, and with an audit trail. Because it is SaaS, there is nothing to install. You can literally begin automating your cloud security posture management in minutes.
• Automated cloud configuration security
posture management (CSPM) using Center
for Internet Security (CIS) policies for
cloud assets on AWS, Azure, and GCP
• Automated remediation - no coding or scripting required
• Ready-to-use policy packs for CIS, PCI, and GDPR, and support for custom security and compliance policies
• Full-stack container configuration security, including Kubernetes pods, host, Docker daemon,
image, and Docker container
• Integration with incident & change
• Alerts, reports, exception management, RBAC, and multi-tenancy
Automate IT operations management, manage performance and gain visibility across physical and virtual infrastructure with VMware vROps. It proactively identifies and solves emerging issues with predictive analytics and smart alerts, ensuring optimum performance and availability of applications and infrastructures across vSphere, Hyper-V, Amazon and physical hardware.
BMC Helix Cloud Security is ranked 9th in Cloud Workload Security with 3 reviews while VMware vRealize Operations (vROps) is ranked 1st in Virtualization Management Tools with 13 reviews. BMC Helix Cloud Security is rated 8.4, while VMware vRealize Operations (vROps) is rated 8.6. The top reviewer of BMC Helix Cloud Security writes "Gives you a cohesive view into your security posture on cloud accounts". On the other hand, the top reviewer of VMware vRealize Operations (vROps) writes "Enabled us to cut the cost of resources and manage our infrastructure with a smaller team". BMC Helix Cloud Security is most compared with Prisma Cloud by Palo Alto Networks, Turbonomic, Dome9, VMware vRealize Automation (vRA) and Zscaler Internet Access, whereas VMware vRealize Operations (vROps) is most compared with VMware vRealize Automation (vRA), Turbonomic, VMware vSphere, Veeam ONE and vCenter Orchestrator.
See our list of .
We monitor all Cloud Workload Security reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.