We changed our name from IT Central Station: Here's why
Get our free report covering Cisco, Cisco, Nutanix, and other competitors of VMware NSX. Updated: January 2022.
563,208 professionals have used our research since 2012.

Read reviews of VMware NSX alternatives and competitors

Solution Consultant at a computer software company with 10,001+ employees
Consultant
Top 20
Stable with good baseline functionalities but requires better flexibility
Pros and Cons
  • "The stability is quite good."
  • "Technical support needs to be more helpful. It's rare that you get a knowledgeable person."

What is our primary use case?

Primarily, what we like is the ability to do micro-segmentation. We have many different application endpoints, and one of the key use cases for us was to be able to classify the application endpoints into arbitrary buckets of different silos. We need to be able to ensure that different endpoints will go into, let's say, a production silo, versus a development silo, versus a test silo. That was one of the use cases.

The function above and beyond that is that you get things like automation as part of the SDN framework. Therefore, you get the data center overlay that is built automatically and provisioned automatically from the automation capability that's built-in.

What is most valuable?

The solution has all of the baseline functionalities for any sort of SDN capability. 

The stability is quite good.

The initial setup is straightforward.

What needs improvement?

One of the areas that need work is feature flexibility. If you want to do things like routing policies it's not cookie-cutter, however, you want to customize routing policies. It becomes a little bit more constrained due to the feature set, the routing policy feature set within ACI, doesn't allow for you to get very customized when it comes to, let's say, failover type scenarios. However, that's just an artifact of the product maturity. It's going to take some time before the product becomes mature and they have the ability to have more customized features enabled. At version 4.0, these features were not yet available. We ended up having to basically export the routing functionality, the more advanced routing functions, outside of ACI and just put it into the routing infrastructure around it.

The initial setup is not intuitive.

Technical support needs to be more helpful. It's rare that you get a knowledgeable person.

It would be nice for them to provide visibility at a cheaper price point. Visibility is something that everybody wants to achieve with their workload. One of the benefits of SDN is supposedly the ability to collect all that telemetry and correlate it to something that is actionable and meaningful. That's a key requirement, however, the bar is so high in terms of costs. In our environment, we opted out of it as it's so expensive, however, it would be nice, as, if you don't have visibility, then how do you properly segment your workload? The minute you start segmenting, you kind of cut off workload communication. If your goal is micro-segmentation and putting your workload into arbitrary silos, and if you don't have the visibility, then it will be very difficult to achieve. Therefore, if you don't have visibility and you want micro-segmentation and you don't want to pay, then ACI is not your solution.

For how long have I used the solution?

I've been using the solution for two years at this point.

What do I think about the stability of the solution?

The solution is stable. We don't have issues with it crashing or freezing.

What do I think about the scalability of the solution?

While supposedly it's scalable, the program is not. I don't have any data point that I can provide for scalability within ACI, as our environment is fairly small.

How are customer service and technical support?

Technical support is hit or miss. Sometimes you can open a ticket and you will not have to escalate it three or four different times before you get somebody that is competent. I would say that's 85% of the time, however, the other 15% of the time you get lucky and you get somebody that knows what they're talking about.

Which solution did I use previously and why did I switch?

I have some experience with VMware. I'd describe it as more intuitive and easier to configure, however, it's a different solution as it's software-based as opposed to ACI which is hardware-based. 

How was the initial setup?

The solution's initial setup is straightforward. It is not difficult. One other area that I would say is a negative is the way that they have their setup. It's not intuitive. It's very complicated and if you want to provision an interface or something like that and get that interface, it requires a bunch of steps that are very counter-intuitive. It's not user-friendly.

What's my experience with pricing, setup cost, and licensing?

The pricing could be a bit cheaper.

Which other solutions did I evaluate?

If I compare ACI to a VMware NSX-T type solution, I don't know if there's a differentiator there compared to NSX. I will say that NSX has much higher numbers of differentiation, as they have visibility into the workload at the hypervisor. Having used ACI, we were looking at solution sets that will give us specific capabilities beyond that. The value of NSX is it will give you the visibility component.

What other advice do I have?

The version that I was working on is a 40 version, however, the company is at a 50 version at this point.

If you are looking for a solution that will give you the ability to have really good visibility into your workload, how your workload performs and functions, ACI doesn't give you that level of granularity as compared to, for instance, a solution like VMware NSX. For them to provide visibility, you're going to have to spend a lot of money on Tetration, which is another solution that they try to force on you. If visibility is one of your key requirements, then you might want to rethink your data center SDN solution for ACI.

I'd rate the solution at a six out of ten.

Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
Flag as inappropriate
Iain Todd
Corporate Operations Manager at University of Strathclyde
Real User
Top 20
Provides us an added layer of protection as well as user analytics that we can give to our company's directors
Pros and Cons
  • "We like the centralized management of the firewalls. Until we installed Guardicore Centra, we managed all our firewalls individually, so making changes was complicated, difficult, and time-consuming."
  • "Sometimes, the speed needs improvement, especially when it comes to the generation of maps, where it can be a bit slow."

What is our primary use case?

The primary use case was for segmentation.

The range of platforms and operating systems that the solution covers seems good. Currently, we use it for all our Linux operating systems and some of our Windows environment.

We just deployed agents to Guardicore in our data center.

We are using the latest version of the solution.

How has it helped my organization?

We recently did a database migration from Solaris to Linux. The Solaris platform had dedicated hardware firewalls to segment it off. By moving to Linux, we were able to use Guardicore and do our network segmentation through it. Therefore, we didn't have to invest in hardware.

What is most valuable?

We like the centralized management of the firewalls. Until we installed Guardicore Centra, we managed all our firewalls individually, so making changes was complicated, difficult, and time-consuming.

What needs improvement?

Sometimes, the speed needs improvement, especially when it comes to the generation of maps, where it can be a bit slow.

For the reporting, I would like if they could make it easier to check what the agents are doing.

For how long have I used the solution?

I have been using it for about a year now.

What do I think about the stability of the solution?

The stability is great. There are no issues at all.

Using the solution for segmentation did not require system downtime or changes to networks or applications, which was a bonus.

The solution is managed by a team of three admins. This is not their primary job. It is just an addition to their primary job as a normal UNIX administrator.

What do I think about the scalability of the solution?

For our environment, it scaled perfectly fine with no issues (up to 250 agents), so there haven't been any issues.

We have 80 applications secured and 250 agents installed at the moment. 

How are customer service and technical support?

The technical support has been excellent. It is probably one of the best customer services provided by any company. They are helpful, reactive to problems, and constantly work to enable us to do what we want to do.

Which solution did I use previously and why did I switch?

Guardicore Centra is much better than our previous solution, which was a bit of a nightmare to administer and look after. In that respect, this solution is much better, as there is less chance of things going wrong.

Guardicore Centra is definitely more secure and agile. It is probably less cost-effective compared to what we were doing, which was free. 

How was the initial setup?

Its approach to implementing segmentation was very simple and straightforward. You can basically use it out-of-the-box.

It tooks us probably three months to secure the development environments, then another three months to do the production environments. It was probably faster than how we did it. It was just a matter of us gaining confidence in the software to switch it on and have it do everything it was supposed to do, and it took a bit longer for that to happen.

What about the implementation team?

Guardicore helped us set the process up via video call. So, the customer service was excellent.

We did the implementation strategy ourselves. We deployed the solution with two people.

What was our ROI?

We get an added layer of protection and user analytics that we can give to our directors in the company, so they can be more confident that things are being managed correctly.

Which other solutions did I evaluate?

Guardicore Centra provides better value for money than NSX, was the other solution that we looked at, which was too expensive for what it does. The main difference was that Guardicore just concentrated on segmentation. NSX was more of a network solution that did too many things, and we really didn't need all this stuff that it was doing.

What other advice do I have?

Start off with a small deployment and prove that it works. Once you get the benefit of that, then increase the deployment. That is what we did.

We used the solution’s AI-powered segmentation, but then we tweaked it, because the rules that it created didn't really match the way that we worked. If you are going to accept the results of the AI, then it will speed things up a lot. In our case, we wanted to double-check everything and find our own way, so it probably didn't save us any time. The AI-powered segmentation is useful for taking a baseline segmentation, but you should check it yourself and tweak it to suit what your company needs.

We use it to secure our Linux and Unix environments. We are now looking at adding it to our Windows environments and desktop infrastructure.

We are planning to have the solution help cover legacy or end-of-support operating systems, like Win2003, AIX, Solaris, or RHEL, but we haven't done that yet.

Guardicore Centra saves a lot of time, approximately three to six months, mainly through hardware. 

I would rate this solution as 10 out of 10.

Which deployment model are you using for this solution?

On-premises
Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
Flag as inappropriate
Khader Jeelani
Sr.Network Engineer at Alghanim Industries
Real User
Top 20
Easy to setup, maintain and manage, but very expensive
Pros and Cons
  • "It is easy to manage, easy to maintain, and stable. If you set up everything alright, it will give years without any issues."
  • "In terms of what could be improved, I would say the cost. The SDN hardware especially is much too expensive, specifically 799 and 9000."

What is our primary use case?

We use it as a hybrid. We are mostly deploying Cisco Enterprise Network Functions Virtualization on our on-prem data centers. We mostly work on-prem for the hardware infrastructure. We have a little bit on the cloud, especially with AWS or Azure.

What is most valuable?

In terms of most valuable features, we are enterprise level and we are using Cisco products for our data centers, for our WAN connectivity, and for our branches since we are a retail industry. We are a huge branch and we are connecting everything through Cisco. I have experience with Cisco Routers, especially from the lower end to higher end to ASRs, ISRs, Catalyst 6500, NSX 7000, but I have not gone through 9000 or 799 with the ACI feature.

What needs improvement?

In terms of what could be improved, I would say the cost. The SDN hardware especially is much too expensive, specifically 799 and 9000, which act like a spine and those spines are connecting to the leaves. The architecture itself is very expensive compared to NSX where we have flexibility with the virtual environment for the same purpose controlling east-west traffic, policing, profiling, and everything is done on both the features. But the Cisco hardware is much too expensive. 

Performance-wise in the data center with 30G, 40G, 100G, you need to know how specific data can be sent to that 100G if you are using FCP only for the same traffic. Whereas with VMware or even Broker, they have tested 10G or even 100G with the interfaces and they give 100G performance. But with ACI, with your chip set for the FC, we still have not actually seen that the performance is productive. So the cost for the data center could be reduced. 

Other things are fine because we have SDN now with Repeller and Cisco is very good here. Umbrella is good. I think it's progressing towards the cloud. The WAN is good. But on the SDN data center, software defined data center, it should be considered in comparison to partners.

For how long have I used the solution?

I have been using Cisco Enterprise Network Functions Virtualization for more than 15 years.

What do I think about the stability of the solution?

Again, from the WAN perspective, especially for enterprise, it is stable.

Compared to other vendors where we have a router going up with abrupt changes, Cisco is stable.

What do I think about the scalability of the solution?

From a WAN perspective and as an enterprise solution, yes, it is scalable. No problem with the scalability.

How are customer service and technical support?

Technical support is good. I would say five out of five.

What's my experience with pricing, setup cost, and licensing?

We get all the cost value from local partners - there are multiple Cisco partners. But because of the NDA, we cannot disclose anything else.

What other advice do I have?

It is always good to work with Cisco products. We love to work with Cisco. But I respect other products as well.

On a scale of one to ten, I would rate Cisco Enterprise Network Functions Virtualization a seven as I have gone through the documentation compared to other virtualizations like NSX.

To bring that score up, there could be more optimization on the cloud, especially SD-WAN, which we have gone through but still I think needs way more optimization compared to partners or competitors like VMware, VeloCloud and the other vendors and SD-WAN leaders. Cisco needs to improvise for more optimization because we have on-prem and we have cloud. It's a mixed solution and Cisco is a mixed solution with images, as well as the storage. The solution should be a uniform solution, where we have only one vendor, like others that have their own platform and are using their own optimization, such as Gartner, which is top compared to Cisco.

Additionally, they should have a little bit more security on the SD-WAN side. I think Umbrella should be integrated. I think they started more integration on the SD-WAN device like a SASE kind of solution, which can be replaced for a remote access kind of solution.

I would recommend Cisco Enterprise Network Functions Virtualization, as it is easy to start, stable, and scalable on the enterprise network. These are the three key components for good performance. It is easy to manage, easy to maintain, and stable. If you set up everything alright, it will give years without any issues.

Which deployment model are you using for this solution?

Hybrid Cloud
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Flag as inappropriate
Get our free report covering Cisco, Cisco, Nutanix, and other competitors of VMware NSX. Updated: January 2022.
563,208 professionals have used our research since 2012.