ShieldX Other Advice

CIO0ee7
CIO at a comms service provider with 1,001-5,000 employees
Take a serious look at what you are spending today and cost model out what you might be spending in a ShieldX environment. You will see that it's very favorable. Very often, when new challengers come in, what they do is they end up coming in at a lower cost with more functionality. If you play it right, you can actually achieve more than one goal at the same time. That's better functionality with more rapid deployment and at a lower cost point. That's something which is important and very exciting. The Adaptive Intention Engine is important. The Adaptive Intention Engine explains what is the reason that we're doing this security infrastructure, what are we trying to get out of it, and what's the intent behind it? The problem with the way that things are done traditionally is you have an intent, but you now have to apply that intent in many places in order to achieve your goals. So, you end up with a duplication of effort in several areas. This is something which could take up quite a bit of time, both from an engineering, operations, maintenance, and troubleshooting perspective. If you have an issue now, you will need to look in two or three places to try and find the source of the issue. There was a lot of tracing which had to happen in our legacy operating method. In the new method, there is one place to design and apply a policy, which is simpler. It is important to work with a vendor who started their life in the cloud. Cloud vendors are pouring in a ton of money into R&D to the tune of up to $20 billion a year. They are adding a lot of features and capabilities that developers and operating staff want to leverage. Sometimes, three to five new features are appearing from cloud vendors every day. If you can imagine, it's like working in an operating environment where the chessboard is changing on you on a daily basis. It's not like the data center where you're used to working with a certain infrastructure in a certain way. As you built it, the cloud is constantly changing. This is one of the challenges that security groups have: Maintaining consistency and keeping up with the rapid state of change which is going on in the cloud. As new features come on board, it's important that those features and capabilities get integrated with the firewall and the way that the policies can be applied evenly. The cloud changes so quickly and it is one of the main reasons that a lot of companies are finding themselves exposed in areas that they may not realize. This is why a cloud-based security vendor is important because they understand these changes. When there is a new feature or functionality that might expose you in a certain way, they make sure the integration applies evenly. This is important for us and the industry. View full review »
Brian Talbert
Director of Network and Connectivity Solutions at a transportation company with 10,001+ employees
The advice here really is two-fold. The first is a comment I made earlier. The bulk of the security incidents that are going to be made in the environment that security professionals will be working in, in 2019, are going to be caused by human error. More than 80 percent of all of the security incidents that were reported last year in the cloud were a result of human error. So my advice is to get a solution that is dead-easy to administer and one that is not being done in the types of controls that we're used to in traditional firewalls: IP addresses, ports, protocols. We've got to stop thinking about it that way and start thinking about the language of our customers, such as the applications that they need to protect, as opposed to the ports and protocols they need to protect. Number two is that with a traditional approach to firewalls, you do not have visibility in east/west traffic inside of your virtual environment, inside of your data center, and it's no longer enough to simply segment. You've got to segment and secure the segments. Separating traffic isn't enough. You've got to put controls around the segments, meaning microsecurity in addition to microsegmentation. If we go beyond security professionals, my advice to senior management, people like me, is going to be around making sure that you're prepared, from the top down, to be supportive of a change in model in security so that you are driving security through your AppDev teams and through your DevOps teams. What you really want to do is make it dead-simple, super easy for those folks to develop secure applications. You're going to do that by taking security and reframing it into the words and language that they use instead of the words and language that a network engineer uses. We were an early adopter, and our company worked with ShieldX as they were launching the product, so we've been engaged with ShieldX for about two years, prior to the product launch, mostly helping to shape the vision of the product. As far as who is administrating ShieldX, we have about a dozen people, and that would include traditional firewall administrators, but also our DevOps teams. The teams that are developing the automated pipelines to build servers, they're also using it to automate the application of the security controls. Staffing for deployment and maintenance is similar to how you would think about traditional firewalls. If I had a team of four people that were administering my firewall and security controls in a traditional environment, I'd probably still have the same, and that's about the number we have. They are security engineers. I would rate ShieldX at eight out of ten. This product is hitting all of the marks for us. I would put it at a nine if the CPU utilization was lower. They're getting there and that's on their roadmap. It's a part of developing a new product. You first build the features and then you tune it and make it more efficient, so they're focused on efficiency right now. View full review »
Branden Emia
Senior Systems Engineer at Larry H. Miller Management Corporation
Stop looking and try it. Talk to ShieldX and determine if this is what you need in your environment. While I am familiar with the Adaptive Intention Engine, but I don't really pay much attention to it. We haven't done any migration to the cloud. Everything is on-premise. View full review »
Find out what your peers are saying about ShieldX Networks, VMware, Illumio and others in Cloud and Data Center Security. Updated: October 2019.
372,124 professionals have used our research since 2012.
Sign Up with Email