CloudLock is a cloud security option acquired by Cisco in August 2016.
N/A
JFrog Artifactory
Score 8.0 out of 10
N/A
JFrog Artifactory is a software repository management solution for enterprises available on-premise or from the cloud, presented as a single solution for housing and managing all the artifacts, binaries, packages, files, containers, and components for use throughout the software supply chain. JFrog Artifactory serves as a central hub for DevOps, integrating with tools and processes to improve automation, increase integrity, and incorporate best practices along the way.
Cisco Cloudlock is a good fit for my organization consisting of 150 end users. While we have a small office product that can expand to cover any size organization, I would assume the overhead to monitor would increase. While my organization's business is in real estate, I would highly recommend this for all businesses that handle sensitive and private data. Being able to monitor our cloud infrastructure has allowed our security team to be more flexible in allowing approved users access as well.
It works at scale and a large number of accessible pipelines for searching, repository updates and indexing will become easier. JFrog provides end-to-end solutions for all DevOps needs. With this, Jfrog Artifactory specifically implements the management of highly available repositories, with a smooth interface and integration with all the main CI tools on the market.
The main problem that seems intractable is getting the checksum of the artifact. Managing container artifacts is a game changer for us during project execution, as the container artifact type exposes all base image and Docker file steps. This makes debugging or analysis easier. Jfrog Artifactory provides promotion feature and can automated from one environment repo to another environment repo before the deployment occurs.
They are very quick to respond and go the extra mile to help address our issues. That said, we've only needed them at the early stages of implementation for support help and occasionally when we want to do a full re-scan of our site. They are very flexible in working with us on the timing of such scans.
Support tickets take days to respond. The most basic of questions that should be knocked out in a few hours don't get answers for days. Tickets are also closed without resolution.
Amazon Macie is limited to an AWS environment and fulfills some of the same functions that CloudLock does in SaaS products. Both are very valuable tools, so the decision is not really which to use, but whether to use both for their respective environments. In general I feel CloudLock is a more powerful tool because it connects to Microsoft 365, which is more business critical for our organization, but that really is a personal call.
JFrog Artifactory has a much more friendly GUI, making package exploration less of a chore to do. Other than that, their features are pretty much comparable to each other. Both support multiple types of packages; both have API that can integrate well with CI/CD pipelines.
So many times it happens at the time of dependency resolution some of the servers are down e.g NPM, Maven central, PiPy in that cause our builds starts failing. By proxying these repositories with JFrog this is never happened again.
It reduced the additional cost of container image registry and management effort.
Support of integration with Build, Monitoring, and CI tools resulted in smooth automation and management.
