
Objection Handling

Uploaded by

Marcos Ronderos

Objection Handling

1 // Guardicore Confidential
General

Objection: Our Application Owners do not know enough about their applications to help us create policy.
Response:
▪ Guardicore Centra includes a Discovery and Application Dependency Mapping capability that can assist in determining how servers and applications are communicating.
▪ Guardicore Reveal includes granular visibility that helps customers understand which systems are talking to each other and why.
▪ Guardicore Reveal also includes a visual policy builder that can guide customers through the process of creating policy.

Objection: I have thousands of servers, labeling them all will take a lot of time.
Response:
▪ With Guardicore Centra, we only need to label the systems that are in scope for our use cases and business needs.
▪ For example, if we are ring-fencing 20 applications, we only need to label those applications, not the rest of the applications within the environment.

General

Objection: We do not have a CMDB Inventory that we trust for creating Labels.
Response: That’s OK. Guardicore supports a variety of methods for labeling systems:
▪ VMware Tags
▪ Cloud Provider Tags
▪ Spreadsheets
▪ Defining labels with the Centra UI
▪ CI/CD Pipeline integrations
▪ Many others…

Objection: Our compliance regulations require us to use a stateful firewall.
Response: The Guardicore Agent is a host-based, stateful firewall.

Agent

Objection: Guardicore requires an agent.
Response:
▪ True, but the Guardicore Agent provides a few advantages compared to infrastructure and network-based segmentation tools.
▪ The agent allows Guardicore to be agnostic to the infrastructure and network. This means we can protect any server/workload regardless of where it resides: a bare metal server, a virtual machine in VMware or Hyper-V, or a VM deployed in a Cloud Provider. You get a single solution for managing all security policy across the entire infrastructure.
▪ The agent allows for performing segmentation without making changes to the network. There’s no modification to switches or network firewalls, no changing of IP addresses and, most importantly, no downtime.

Agent

Objection: Agents create performance issues on our servers.
Response:
▪ The Guardicore Agent uses resource prioritization and capping in order to minimize its impact on the server.
▪ On average, the Guardicore Agent uses around 0.1% of CPU, with a maximum cap of 200MB of RAM.
▪ There’s no deep packet inspection or on-demand scanning occurring, which are traditionally the root cause of performance issues created by agents.

Objection: The agent uses a kernel module.
Response:
▪ That is correct. We use a kernel module in order to provide application-level controls regardless of whether the operating system is Windows or Linux. This gives Guardicore customers:
  ▪ More granular controls for creating more restrictive rules to improve your security posture and reduce your attack surface.
  ▪ Consistency in the level of granularity in policy, regardless of the operating system.

Agent

Objection: The Guardicore Agent manipulates the kernel.
Response:
▪ This is not true. The Guardicore Agent does not manipulate the kernel. Windows and Linux operating systems offer API hooks for host-based firewalls to perform traffic filtering.
▪ Guardicore uses these pre-defined API hooks to connect into the Windows Filtering Platform (Windows) and Netfilter (Linux), just like the Windows Firewall and iptables do.

Objection: I cannot install agents on all of my systems. My environment includes mainframes, appliances and other black box systems.
Response:
▪ Guardicore also includes a Collector to provide full coverage of your environment. A Collector is a layer 4 sniffing device that connects to physical switches, taps or virtual switches in the environment.
▪ These Collectors can provide visibility and policy alerting for systems that do not support an agent.

Agent

Objection: We cannot upgrade agents every time a new release comes out.
Response:
▪ Guardicore ensures backwards compatibility between agents and the management control plane going back 2 releases.

Objection: What happens if an agent fails?
Response:
▪ In the unlikely event of a complete agent failure:
  ▪ The agent fails open in order to not impact the server or business application.
  ▪ The Aggregator monitors agent health and will generate alerts related to agent issues that can be proactively sent to SIEM, syslog or ticketing systems.
