Compare Illumio Core to Guardicore Centra

Page created by Christine Paul
 
COMPARISON GUIDE

Compare Illumio Core™ to Guardicore Centra
Inline agents, multi-tiered deployment models, and cumbersome rulesets make host-based segmentation
deployments needlessly complex and risky. Guardicore’s host-based segmentation solution offers capabilities
that help you achieve the goal of segmentation, but with hard-to-manage rulesets and more complex agent and
deployment models, achieving Zero Trust and segmentation is not possible.

MICRO-SEGMENTATION

Policy workflow
  Illumio Core:
    • Policy creation workflow is streamlined based on the application, with easy actions based on live flows in the map.
  Guardicore Centra:
    • Policy must be designed manually to start – rules are written manually like a traditional firewall.
    • Interactive rule writing from map and flows is complex and difficult to track.
    • Rules with IP lists program workloads as well, making policy writing difficult.

Rule limits
  Illumio Core:
    • No feasible limit since you are leveraging native stateful firewall.
  Guardicore Centra:
    • 1k rules per endpoint.
    • 12k objects per rule.

Ruleset design
  Illumio Core:
    • Scoped rulesets are specific to applications, environments, and locations.
    • True Zero Trust allowlist policy model.
    • Label-based rules for ease of understanding.
  Guardicore Centra:
    • Monolithic ruleset which is evaluated sequentially in sections.
    • Label-based rules are possible, but operationally it can become difficult to keep track of where rules apply as the rules get longer.

Policy revisioning
  Illumio Core:
    • Full revisioning with details on every change made with each revision.
  Guardicore Centra:
    • No revision details. Versioning is present but contains no details on changes made.

Enforcement
  Illumio Core:
    • Programs the host’s native stateful firewall.
    • Does not impact data path.
  Guardicore Centra:
    • Proprietary stateless firewall uses kernel hooks to collect data and enforce rules.
    • Agent is inline with traffic, making it a point of failure for security – if it goes down, it will take all the security with it.

Automated rule writing
  Illumio Core:
    • Use Policy Generator to generate optimal rulesets in minutes.
  Guardicore Centra:
    • Semi-automated rule writing is operationally hard to use with the custom maps.
    • Ringfencing or micro-segmentation only – no automated tier-to-tier segmentation.
    • No ability to exclude rules during the automated creation.

100% confident ruleset creation
  Illumio Core:
    • Yes – discrete deployment modes include build, test, and enforce to ensure confidence in the ruleset.
  Guardicore Centra:
    • No – requires adjusting ruleset to attempt validation.

Non-disruptive deployment modes
  Illumio Core:
    • Three individual modes – build, test, and enforce – allow testing and modeling the entire policy before enforcing. This ensures no loss of communications during deployment.
  Guardicore Centra:
    • Agents are always enforcing. To validate rules, they need to be moved around the ruleset. This adds increased complexity and risk.

VISIBILITY

Maps
  Illumio Core:
    • Live high-fidelity global map with automated application grouping for precise visibility.
    • Ability to overlay vulnerabilities from scanners and quantify risk.
  Guardicore Centra:
    • Static map that must be based on traffic criteria and filters.
    • Map data may be delayed or stale at time of generation.

Network logs
  Illumio Core:
    • Robust and precise Explorer-based queries to collect exactly what details you need on live traffic flows.
    • Visually represent flows in parallel graphic to easily understand.
    • Saves searches for repeated use.
  Guardicore Centra:
    • Filter-based queries.
    • Can save filters for repeated use.

Workloads
  Illumio Core:
    • Single view of all workloads and details, and can filter on labels.
    • Create unmanaged workloads to monitor flows at will for hosts without the agent.
  Guardicore Centra:
    • Single view of all workloads and details, and can filter on labels.
    • Unmanaged workloads require third-party API integration, so if the integration goes down, the workload disappears, which can impact rules and security.

OPERATIONS

Role-based access control (RBAC)
  Illumio Core:
    • Full RBAC and application owner control.
  Guardicore Centra:
    • RBAC is present but limited application owner views as a result of single monolithic ruleset.

Agent
  Illumio Core:
    • Lightweight agent on the host.
  Guardicore Centra:
    • Heavyweight agent that manipulates the kernel and needs safeguards to stop CPU/MEM spikes.

Architecture
  Illumio Core:
    • Centralized control and distributed enforcement.
    • Hosts communicate directly with the Policy Compute Engine.
  Guardicore Centra:
    • Centralized control and distributed enforcement, however all agents must communicate through a proxy to report flows and receive policy.

OS support
  Illumio Core:
    • Wide-ranging Windows, Linux, AIX, Solaris.
  Guardicore Centra:
    • Wide-ranging Windows, Linux, AIX, Solaris (specific kernel versions are required).

Performance impact
  Illumio Core:
    • Lightweight – near zero footprint.
  Guardicore Centra:
    • Heavyweight – if guardrails are not put in place, depending on traffic profile, the agent could overrun the system.

Labeling
  Illumio Core:
    • Four-dimensional, business logic labels to provide the most application context.
  Guardicore Centra:
    • “Infinite” number of labels, however no ability to stack labels (multiple roles).

Dynamic labeling
  Illumio Core:
    • Static labels can be ingested from trusted source or created in the platform itself.
  Guardicore Centra:
    • Based on hostname or IP address.
    • The labels will constantly change, so if IPs are changing or device hostname changes, it will automatically lose or gain labels and, as a result, may lose critical security policy.


About Us

Illumio enables organizations to realize a future without high-profile breaches by preventing the lateral movement of attackers
across any organization. Founded on the principle of least privilege in 2013, Illumio provides visibility and segmentation for
endpoints, data centers or clouds. The world’s leading organizations, including Morgan Stanley, BNP Paribas, Salesforce, and
Oracle NetSuite, trust Illumio to reduce cyber risk. For more information, visit www.illumio.com/what-we-do.

Illumio, Inc. 920 De Guigne Drive, Sunnyvale, CA 94085, Tel (669) 800-5000, www.illumio.com. Copyright © 2020 Illumio, Inc. All rights reserved. This
document is protected by U.S. and international copyright and intellectual property laws. Illumio’s products and services are protected by one or more U.S.
and international patents listed at https://www.illumio.com/patents. Illumio® is a trademark or registered trademark of Illumio, Inc. or its affiliates in the U.S.
and other countries. To review a list of Illumio’s trademarks, go to https://www.illumio.com/trademarks. Third-party trademarks mentioned in this document
are the property of their respective owners.
