If you were talking to someone whose organization is considering Guardicore Centra, what would you say?
How would you rate it and why? Any other tips or advice?
We have been a little behind in updating our version. We have been using version 31 but today or tomorrow, we will upgrade to version 35 or 36. This product represents the next generation of protection. A lot of people have asked us, "What is the next generation of solution for protecting your internal network?" and the answer is this kind of segmentation. It may seem easier to stick to using traditional firewalls and LAN protection, but this next-generation tool is easier to implement and gives you a more effective network defense. Every time we see an area of improvement, they give us a new update or platform to fix it. Things are regularly fixed and updated between versions. The biggest lesson that I have learned by working with this system is the knowledge of what happens in my network, in terms of connections between users and the server. I have seen lots of connections from devices, other than PCs, to the server. This is a system that works for me. I'm not working for the system. I would rate this solution an eight out of ten.
Think about what you want out of the product and how your environments are set up. This will make it easier in the long run to deploy it. It is easy enough already, but if you know what you want from your environments, then the easier they will be to deploy. It has helped me to clarify our thoughts about our environments and which applications we want controlled. That is a top down view that we don't normally get when looking at our systems. It makes it easier to look at systems and think of what we have and what we need to do with them, controlling the traffic between them. Guardicore Centra definitely covers RHEL and all Windows machines. We have not rolled it out onto all our Windows machines yet, but we are planning on doing that next week. However, it should be able to cover them all. This is very important to us. There is no point in covering some machines and not covering the rest. It is better to have more machines on Guardicore Centra because it gives us a bit of an overview, then we don't have any blind spots. We have gotten what we wanted from the solution based on everything that we have added to it. I would rate the solution a nine out of 10 because of the ease of rollout, the oversight it gives you in terms of traffic in and out of your network, and the way it gives you an overview of all your systems and how you see the traffic. It helps you focus your mind around how you want your environment setup and how you can set it up in the future as well.
Start off with a small deployment and prove that it works. Once you get the benefit of that, then increase the deployment. That is what we did. We used the solution’s AI-powered segmentation, but then we tweaked it, because the rules that it created didn't really match the way that we worked. If you are going to accept the results of the AI, then it will speed things up a lot. In our case, we wanted to double-check everything and find our own way, so it probably didn't save us any time. The AI-powered segmentation is useful for taking a baseline segmentation, but you should check it yourself and tweak it to suit what your company needs. We use it to secure our Linux and Unix environments. We are now looking at adding it to our Windows environments and desktop infrastructure. We are planning to have the solution help cover legacy or end-of-support operating systems, like Win2003, AIX, Solaris, or RHEL, but we haven't done that yet. Guardicore Centra saves a lot of time, approximately three to six months, mainly through hardware. I would rate this solution as 10 out of 10.
Guardicore Centra is very easy to install. We have very good technical support. The product itself is very good and robust. In security, there are not many products that can do what it can do in terms of visibility, seeing what is going on in the server, and using the type of mapping that it gives you with the application. With the segmentation part, that is saving us a lot of money with traditional firewalls. It is a very good product. I would rate it a nine (out of 10). I think it lacks publicity. In my community, if you talk to another colleague and tell them about Guardicore Centra, they probably do not know what it is. Guardicore Centra is improving on its functionality. The company is putting a lot of effort into growing the tool. I would recommend trying it and giving it a shot, then you can see what the tool can do. We have just begun to use the solution’s AI-powered segmentation feature.
Think of all the possible scenarios that could apply to your network traffic and make sure you test those thoroughly in your PoC. Think about things like clustering, broadcast traffic, and all the different ways you want to be able to either restrict or group traffic. Run through the gambit of scenarios that you could imagine wanting when segmenting your network with a microsegmentation tool and test all of those as much as you can. We haven't run into any issues, but there have definitely been some instances where we assumed the product worked one way and, as a result, we went down a path for a week or two writing rules in a certain style, or grouping things a certain way. But then we came to realize, "Oh, that's not really the way Guardicore is intended to work, and it works better if you do it this way." So test, test, test. Make sure that you're confident that it's going to meet your needs. There's nothing that they've advertised or told me that it can do that it can't do. It's more my understanding of how to implement it. They're flexible, so it's almost like they give you enough rope to hang yourself with you. You might want to talk to them about your philosophy a lot, upfront, before you even start to really commit to a direction regarding how to build your rule sets. If they understand what you're trying to do, they can probably guide you on the best way to get there. We just picked it up, thinking we're technical and smarter than we are, and ran down one road and when we got there found, "Oh we should have done it this way." And when we stepped back and looked we said, "Oh yeah, that makes a lot more sense." Then we had to go back and undo some of our work. So work really closely with the PS guys, explain what you're trying to accomplish and be open with them, and they will help guide you to the best way to implement the product. I would give Guaridcore an eight out of 10. It's a really great product. There is probably room for them to make improvements. Obviously, they're always adding new stuff. The biggest hindrance we've had is a lack of resources to dedicate time to the project, and none of that is their fault. It's more a matter of making sure you're pushing all of your projects forward with Guardicore in mind. If you're going to have it wrapped around all your applications, you need to make sure you're writing your apps in a way that is going to work well with Guardicore, or that you're building your network typologies in a way that it's going to work well with Guardicore. If you're going to go all-in and put it on all your servers, you have to factor it into all your decision-making. And I wouldn't say that's a negative, but that's the main takeaway, now that we've gone down this road. You really have to think about Guardicore's intended view of how the product should be used and make sure that you're building along with that, so that you don't come to a crossroads with the tool when you're trying to secure your application. They're definitely keeping up with new technologies, their deployment is easy, and their customer support is great. I really don't have a lot of negative things to say about it.
Right now, I would definitely recommend Guardicore for someone who is looking into the micro-segmentation space or probably an internal firewall for the organization. On a scale from one to ten (where one is the worst and ten is the best), I would rate Guardicore Centra as probably an eight-out-of-ten. The interface and dashboard are amazing. I would rate the user interface as a ten-out-of-ten. For other reasons having to do with features and functionality, I have to mark them down a few points.
We're using the cloud deployment model. We use AWS and Azure for the solution. I would rate the solution eight out of ten. At the moment, when I use this product it's great. I'm satisfied with what it can do.
The first major piece of advice is to initiate a robot to review the solution. Second, go on YouTube. There are quite a few demos on YouTube. The most important point is to schedule a proof of concept on the site, which is done online. It is very easy and the proof of concept is normally followed with a quote. Just those two items, a proof of concept with a quote, allows a client to justify the cause either way. You should not deploy GuardiCore or any solution without the proof of concept, not anymore, not today. It's very easy now to get a proof of concept and look at those things. I would rate GuardiCore an eight out of ten based on the product visibility in an area that IT is completely blind about. The product needs improvement in change control and compliance. GuardiCore also needs to improve the ability to respond to annual audits, especially now that many institutions are required to do at least an annual audit. Based on the ability to monitor and manage these newer standards, I would give GuardiCore a ten. It's been dramatically improved.
Guys, what is the best solution for microsegmentation?
Today we have a 100% Cisco + AlgoSec equipment base. I'd like to hear about Guardicore - what can you tell me about it?