One of my customers is displacing their current vendor and is seeking a new solution. They refuse to purchase NSX due to cost, but insists on solutions in the hypervisor for AV, Application Whitelisting, and whatever else they can get their hands on. Currently On-Prem, but will be moving to Azure next year.
My current mission is to gather all the data I can to either get them to buy NSX or use a mature solution such as Symantec, McAfee, or Trend Micro.
My overarching question is: Without NSX, is AppDefense+CB Defense worth spending money on? Consider On-Prem, SaaS, and Cloud (Azure/AWS).
I know it’s a lot, so I hope y’all don’t rattle me too much for asking a litany of questions 🙂
The Doc page has a lot of information, but there are gaps in information or there weren’t answers.
I apologize for the litany of questions, but it’s a new product and I want to make sure it will do what my customer expects it to do. Thanks everyone!
I know the CB Defense Connector uses threat reputation and can stop processes. My questions are:
* Can AppDefense+CB Defense run on vCenter alone?
* Can AppDefense+CB Defense run agentless without NSX?
* How effective is application whitelisting on an agentless endpoint?
* How does AppDefense+CB Defense handle unknown file reputations? Does it have self-approval?
* How does it handle Windows Patch Weekend? Windows Updater likes to spawn unsigned powershell scripts in different directories. Making it really hard to isolate to whitelist the process stream.
* Does it offer Memory Protection?
* Is there an inventory function?
* How effective is AppDefense+CB Defense agentless with NSX vs vCenter + Guest Module Agent?
* Does the AppDefense SaaS offering run agentless? Does it require NSX?
* How does the effectiveness/performance compare to other vendors such as Symantec EP, McAfee ENS/App Control, Trend Micro Deep Security?
View Reddit by distantgeek – View Source