Guardicore enables the same level of granular, process-level rules across different operating environments like Windows and Linux. Illumio makes you live with increased risk on Linux servers by not enforcing process-level rules.
WE DON’T LEAVE YOUR LEGACY SYSTEMS AT RISK
Guardicore supports more legacy operating systems than Illumio such as Windows 2003, CentOS 6, and RHEL5, including systems where agents cannot be deployed. Illumio ends OS support concurrent with OS vendor.
WE GIVE YOU THE FULL PICTURE IN A SINGLE UI
Guardicore Reveal provides intuitive views into workloads and flows with both real-time and historical views. Illumio forces you to do complex searches in a different UI to see historical data.
WE LET YOU CLASSIFY YOUR ASSETS IN YOUR LANGUAGE
Guardicore provides rich, accurate labels from multiple data sources including vSphere, Azure and AWS out of the box. Illumio forces you to use their four predefined labels for all data sources.
WE PROVIDE FASTER AND SIMPLER SEGMENTATION
Guardicore supports a flexible whitelist/blacklist model for fast risk reduction with a few rules. Illumio only supports whitelist which makes you write hundreds of rules before you can apply simple hygiene like allow access to prod only from a jumpbox.
WE DON’T JUST SAY WE ARE BUILT FOR SECURITY. WE ARE.
Threat detection and threat intelligence – backed by our world renowned Guardicore Labs research team – are integral features of the Guardicore Centra platform. Illumio thinks that vulnerability scans alone are enough security.
Comparing Guardicore Centra and Illumio ASP
Guardicore Centra offers numerous security advantages over Illumio ASP.
VISIBILITY DEPTH & BREADTH
Agent-based activity discovery
Agentless activity discovery
Real-time & historical visualization of all communication
Granular, live view of app components & communications
Automatic application dependency map generation
Visibility insights to aid policy development
Built-in tag synchronization with orchestration tools
Comprehensive list of filter options
Basic segmentation (geo, environment, zone)
Micro-segmentation (application by port, application tier, workload)
Process-level micro segmentation (including dynamic ports) on-premises and in the cloud
Segmentation at the container level
Prevents and contains unauthorized devices on the network
Support for legacy OSs (e.g. Win2003, CentOS 6, RHEL5)
Support for systems where agents cannot be deployed