Aviatrix aims to bring multi-cloud networking, security, and operational visibility capabilities that enterprises customers require. Aviatrix software leverages public cloud provider APIs to interact with and directly program native cloud networking constructs, abstracting the unique complexities of each cloud to form one network data plane, and adds advanced networking and security features.
N/A
Lacework
Score 6.0 out of 10
N/A
Lacework is a cloud-native application protection platform offered as-a-Service; delivering build-time to run-time threat detection, behavioral anomaly detection, and cloud compliance across multicloud environments, workloads, containers, and Kubernetes.
This product offers simple ways to manage network routing between public cloud, on-prem, and external network. It has built-in options to secure network traffic, as well as option to direct traffic to 3rd party security products for a more advanced traffic inspection. The core function works and is easy to operate. On the other hand, I am unable to give it more than 7-star because some useful features are lacking. This includes lack of customization in email alerting, IPS policy management, and temproarily admin-down of an established site to site VPN connection.
Lacework is well suited for behavioral analysis. One thing to consider thought is in the early stages there will be quite a bit of noise generated by Lacework. There will be a higher volume alerts generated initially - until a good baseline is generated. Overall Lacework is good with alert handling - integration with Slack is good.
With a few very easy steps to establish routing between AWS VPC
Easy procedures to establish site to site VPN connection with external parties.
Provide network access control on routing traffic using its own build-in firewall inspection or directing traffic to 3rd party NGFW for full stack inspection.
The core function of the product works very well. It really makes network traffic management easy in public clound, as well as crossing different public and private cloud platform.
We initially tried using the native routing funcitons in AWS (transit gateway) and in Azure (virtual network). While those native options worked, it became difficult to opeate when we tried to impose security inspection on the routing traffic. This leads us to the Aviatrix solution.
Compared to Sysdig Falco (the free open-source IDS), Lacework helps security teams by providing actionable alerts and a user-friendly interface that gives you an overview of all workloads being monitored, and detailed insights into these workloads if needed. Falco requires you to build your own integration and interface around it, including a mechanism to whitelist certain alerts. This made it harder for the security team to focus their time on potential intrusions.
Reduce labor hours for network admin to manage public clound network routing policy.
Build-in security features may be good enough for small/medium size companies, and thus saving money from full funciton NGFW solution.
The Cost-IQ feature enable one to capture traffic volume of each VPC. This provides one way for the enterprise to perform cost charge back to various business funcitons at the VPC level.
Being a FinTech company, financial institutions who partner with us want to know that we are appropriately maintaining a Security, Risk and Compliance program that maintains a level of comfort for their vendor management. Lacework gives us the ability to monitor and maintain a level of security for our infrastructure that puts our partners at ease, reduces the revenue cycle for new partners and opens doors to the future.
