We performed a comparison between Illumio and Vectra AI based on real PeerSpot user reviews.
Find out what your peers are saying about VMware, Cisco, Akamai and others in Cloud and Data Center Security."It has helped us to understand internal network visibility and firewall policy implementation. We use the product to simplify firewall policy implementation."
"The Explorer allows you to know the traffic between source and destination."
"The most valuable feature of Illumio Adaptive Security Platform is monitoring. When I have no requirement from the other application, I can use the web block traffic to build."
"The solution helps to maintain logs and monitor activities. It also helps us with access management. The tool helps us to secure organizational data that include files."
"The solution is easy to use."
"The flexibility of the solution is its most valuable feature."
"The product provides visibility into how the applications communicate and how the network protocols are being used."
"The features that I have found most useful is the ability to centralize all the rules and then distribute them across various locations. However, I've encountered challenges related to tagging policies, which can be complex to devise. It's a matter that requires careful consideration and stakeholder involvement before implementing such policies."
"Vectra AI can bring the ability to detect intrusion on the network more so than legacy IDS tools."
"It's important for us that the user interface is easy to understand and that is the biggest benefit we see from Vectra AI."
"It does a reliable job of parsing out the logs of all the network traffic so that we can ingest them into our SIEM and utilize them for threat hunting and case investigations. It is pretty robust and reliable. The administration time that we spend maintaining it or troubleshooting it is very low. So, the labor hour overhead is probably our largest benefit from it. We spend 99% of our time in Vectra investigating cases, responding to incidents, or hunting, and only around 1% of our time is spent patching, troubleshooting, or doing anything else. That's our largest benefit from Vectra."
"We often use the new feature to create PCAP files from the whole data traffic. It makes it much easier to find network problems such as whether the server is responding to a request. It has nothing to do with security, but it helps a lot to find other problems."
"The most valuable feature for Cognito Detect, the main solution, is that external IDS's create a lot of alerts. When I say a lot of alerts I really mean a lot of alerts. Vectra, on the other hand, contextualizes everything, reducing the number of alerts and pinpointing only the things of interest. This is a key feature for me. Because of this, a non-trained analyst can use it almost right away."
"The core product provides excellent visibility, but my favorite feature is Vectra Recall."
"Cognito Streams gives you a detailed view of what happens in the network in the form of rich metadata. It is just a super easy way to capture network traffic for important protocols, giving us an advantage. This is very helpful on a day-to-day basis."
"The most useful feature is the anomaly detection because it's not signature-based. It picks up the initial part of any attack, like the recon and those aspects of the kill chain, very well."
"Some of the features that can be improved is offer additional guidance on creating an effective and risk-free tagging policy would be highly beneficial."
"I would like to see better data security in the product."
"It requires a low-level re-architecting of the product."
"The customer service is lagging a bit. It could be better."
"Illumio Adaptive Security Platform could improve by supporting more operating systems. For example, Cisco and Apache appliances."
"The solution is very basic and doesn't do anything other than the orchestration of layer four endpoint firewall rules."
"The interaction we've had with the support team hasn't been ideal. Technical support should be improved."
"The product’s agents don't work very well in OT environments."
"You are always limited with visibility on the host due to the fact that it is a network based tool. It gives you visibility on certain elements of the attack path, but it doesn't necessarily give you visibility on everything. Specifically, the initial intrusion side of things that doesn't necessarily see the initial compromise. It doesn't see stuff that goes on the host, such as where scripts are run. Even though you are seeing traffic, it doesn't necessarily see the malicious payload. Therefore, it's very difficult for it to identify these type of host-driven complex attacks."
"I would like to see a bit more strategic metrics instead of technical data. Information that I could show to my executive management team or board would be valuable."
"In education as a sector, we are looking at AI a lot in terms of how it can be used as part of the teaching and learning side of things. It would be great to have Vectra AI look at a better way to enhance the security posture related to the AI tools in our portfolio."
"For S&D account scans, it would be easier if Vectra AI could triage with users. If a client uses a lot of accounts, then it could indicate that these accounts are benign, for example. That would help a lot."
"The UI/UX and detection could be improved. More detections of specific security events could be useful. We've had a few incidents that were not detected by Vectra. The teams are working on it right now, but more detection is always better."
"An area for improvement in Vectra AI is reporting because it currently needs some details. For example, when you download a report from Vectra AI, you won't see complete information about the alerts or triggers. Another area for improvement in the tool is that sometimes, an alert has high severity, yet it's marked as low severity. Vectra AI should have a mechanism to change the severity level from low to high or critical."
"In comparison with a lot of systems I used in the past, the false positives are really a burden because they are taking a lot of time at this moment."
"The reporting from Cognito Detect is very limited and doesn't give you too many options. If I want to prepare a customized report on a particular host, even though I see the data, I have to manually prepare the report. The reporting features that are built into the tool are not very helpful."
Illumio is ranked 4th in Cloud and Data Center Security with 8 reviews while Vectra AI is ranked 2nd in Intrusion Detection and Prevention Software (IDPS) with 40 reviews. Illumio is rated 8.0, while Vectra AI is rated 8.6. The top reviewer of Illumio writes "Pprevents attackers or threats from spreading or moving laterally". On the other hand, the top reviewer of Vectra AI writes "Integrates well with other security solutions and provides good technical support". Illumio is most compared with Akamai Guardicore Segmentation, VMware NSX, Cisco Secure Workload, Zscaler Internet Access and Trend Micro Deep Security, whereas Vectra AI is most compared with Darktrace, ExtraHop Reveal(x), Cisco Secure Network Analytics, Arista NDR and SolarWinds NetFlow Traffic Analyzer.
We monitor all Cloud and Data Center Security reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.