Guardicore is a segmentation company, now part of Akamai since the late 2021 acquisition, aiming to displace legacy firewalls. The Guardiocre software-only approach is decoupled from the physical network to provide a faster alternative to firewalls. It is built for the agile enterprise that offers greater security and visibility in the cloud, data-center and endpoint.
N/A
Cisco IOS Security
Score 9.1 out of 10
N/A
IOS Security from Cisco is network security technology.
This is the best possible solution for enterprise-level organizations where server counts will be in the thousands. To manage these and understand the communication can be very cumbersome without this tool. Ease of creation map zone and application-wise can be relaxing to OS teams and support teams as well. There is no limit to labeling schema of servers and it gives the freedom to do so.
We used to access list remote login to the switches for only network admin from specific vlan. And allow some vendor server to connect for snmp messages. This has allowed us to monitor with external vendor while keeping security tight and audit for users. In other hand we had to use external solution for NAC
Cisco could provide an initial set up script for those are not used to the CLI (Command Line Interface). With that initial script, people could easily deploy the security features instead of having to learn how to use the commands.
The web interface that Cisco provides with the routers, although it’s useful to set up the security features, it could also have some sort of tutorials to help people understand the main concepts of iOS security.
You have to license iOS security separately from the main OS. For that reason, sometimes it tends to be a little expensive if you have a small business.
The solution is deployed throughout the organization. Teams are working and integrating it with the help desk tool wherever required. Helps in identifying the network traffic flows in lateral movement and east and west as well. Allows policies by default and later fine-tuning to be done to narrow it and enforce blocking action. Exporting reports from the tool is easy and can be observed for any issues.
Cisco IOS Security usibility require a network administrator or an engineer with CCNA knowledge to know how to handle and configure Cisco IOS Security. The Cisco IOS Security usability once you know your way is smooth and very helpful. Even for new commands you can just type question mark and the new commands will pop on the screen.
Support has been available 24*7. It also depends on criticality but support is available. Also, the right expertise from the team helps in identifying the issue quickly and this helps in less production downtime if required. The ticket is resolved with RCA.
Cisco has the best Support team that gives us 24/7 support as we need. Cisco has huge detailed documentation for design, implementation, and troubleshooting all areas of the IOS security. There are many communities discussing all Cisco devices and solutions for studying groups and for customers to share their stories, technical problem and solutions.
1) No limit to labeling schema. 2) Ease of creating maps with respect to zone, environment, subnets, etc. 3) Ease of creating policies and publishing the same. 4) Deception 5) Integration with monitoring tool (grafana) 6) Changes in the agent can be considered if there are legacy systems, time-consuming but can be achieved with the right information.
IOS Security is a bonus feature when you purchase Cisco devices. It is great to have a vendor provide equipment to go above and beyond the minimal needs for business operation. Having security at the downstream edge of our organization provides a sense of ease from potential attacks.
