# Best Microsegmentation Software *By [Brandon Summers-Miller](https://research.g2.com/insights/author/brandon-summers-miller)* Microsegmentation software is a network security solution designed to divide workloads and control them individually using policy-driven, application-level security. These tools isolate components of data centers and cloud workloads using network virtualization to deploy and protect them independently. This helps companies better visualize their assets and workloads to improve visibility, detection, and remediation time all while eliminating an attacker’s ability to move laterally throughout the network. Companies use microsegmentation to both improve protection on individual workloads and improve network observability. When components of a data center or other environments are compromised without microsegmentation, attackers may be allowed to jump from one asset to the next, moving laterally throughout the network. With microsegmentation in place, the attack surface greatly reduces using granular security controls and policy-based security triggers to protect workloads even once attackers penetrate perimeter defenses. Microsegmentation technology is often used to achieve zero trust security architecture, but should not be confused with [zero trust networking software](https://www.g2.com/categories/zero-trust-networking). While there is some overlap between the two categories, zero trust networking solutions are designed specifically to manage identities and control privileged access to internal applications or computing environments. While microsegmentation technology is also used for application-level security, the tools are more focused on creating secure zones, establishing security policies, and isolating workloads individually. To qualify for inclusion in the Microsegmentation Software category, a product must: - Utilize network virtualization to isolate application workloads - Restrict lateral access across networks, data centers, and cloud environments - Dynamically adjust policies to ensure consistent workload protection ## Category Overview **Total Products under this Category:** 27 ## Trust & Credibility Stats **Why You Can Trust G2's Software Rankings:** - 30 Analysts and Data Experts - 900+ Authentic Reviews - 27+ Products - Unbiased Rankings G2's software rankings are built on verified user reviews, rigorous moderation, and a consistent research methodology maintained by a team of analysts and data experts. Each product is measured using the same transparent criteria, with no paid placement or vendor influence. While reviews reflect real user experiences, which can be subjective, they offer valuable insight into how software performs in the hands of professionals. Together, these inputs power the G2 Score, a standardized way to compare tools within every category. ## Best Microsegmentation Software At A Glance - **Leader:** [Illumio](https://www.g2.com/products/illumio/reviews) - **Highest Performer:** [Foxpass by Splashtop](https://www.g2.com/products/foxpass-by-splashtop/reviews) - **Easiest to Use:** [Opinnate](https://www.g2.com/products/opinnate/reviews) - **Top Trending:** [Foxpass by Splashtop](https://www.g2.com/products/foxpass-by-splashtop/reviews) - **Best Free Software:** [Check Point CloudGuard Network Security](https://www.g2.com/products/check-point-cloudguard-network-security/reviews) --- **Sponsored** ### Foxpass by Splashtop Foxpass Cloud RADIUS by Splashtop is a fully managed, cloud-hosted RADIUS authentication service designed to provide secure, passwordless access to Wi-Fi networks, VPNs, and various network infrastructures. This solution is particularly tailored for IT teams that prioritize security, control, and operational simplicity. By employing certificate-based and identity-based authentication protocols, Foxpass ensures that every device and user connection is validated, enhancing the overall security posture of an organization. The product is especially beneficial for organizations looking to eliminate the vulnerabilities associated with shared passwords. By utilizing X.509 certificate authentication (EAP-TLS) and identity-driven policies (EAP-TTLS), Foxpass facilitates the implementation of Zero Trust principles. This approach allows organizations to assign role-based access controls and maintain comprehensive audit visibility without the need for on-premises servers or complex Public Key Infrastructure (PKI). Such features make Foxpass an appealing choice for enterprises, educational institutions, and global teams seeking to streamline their authentication processes. Foxpass seamlessly integrates with various identity providers, including Microsoft Entra ID (Azure), Google, OKTA, and OneLogin. This integration is complemented by automated certificate management capabilities through leading Mobile Device Management (MDM) solutions such as Microsoft Intune, Jamf, Kandji, and Addigy. Additionally, the built-in Bring Your Own Device (BYOD) workflows enable secure enrollment of unmanaged or personal devices, ensuring that organizations can maintain security standards while accommodating diverse device types. Compliance with industry standards is another critical aspect of Foxpass. The service is designed to meet regulations such as GDPR, SOC 2, ISO 27001, HIPAA, FERPA, and CIPA, making it suitable for organizations with stringent compliance requirements. Furthermore, Foxpass offers regional hosting and data residency options, which are essential for organizations that must adhere to specific sovereignty or privacy mandates. This flexibility ensures that users can implement Foxpass in a manner that aligns with their operational and regulatory needs. Overall, Foxpass Cloud RADIUS by Splashtop stands out in the authentication service category by providing a robust, cloud-based solution that enhances security, simplifies management, and supports compliance across various industries. Its focus on passwordless access and seamless integration with existing identity systems positions it as a valuable tool for organizations aiming to enhance their network security infrastructure. [Visit website](https://www.g2.com/external_clickthroughs/record?secure%5Bad_program%5D=ppc&secure%5Bad_slot%5D=category_product_list&secure%5Bcategory_id%5D=2690&secure%5Bdisplayable_resource_id%5D=2690&secure%5Bdisplayable_resource_type%5D=Category&secure%5Bmedium%5D=sponsored&secure%5Bplacement_reason%5D=page_category&secure%5Bplacement_resource_ids%5D%5B%5D=2690&secure%5Bprioritized%5D=false&secure%5Bproduct_id%5D=16236&secure%5Bresource_id%5D=2690&secure%5Bresource_type%5D=Category&secure%5Bsource_type%5D=category_page&secure%5Bsource_url%5D=https%3A%2F%2Fwww.g2.com%2Fcategories%2Fmicrosegmentation&secure%5Btoken%5D=9c505172eef4cbdb6a6ea2148f3fb678c683f3e107d091465da21ea62a0ebdf2&secure%5Burl%5D=https%3A%2F%2Fwww.splashtop.com%2Ffoxpass%3Futm_source%3Dg2.com%26utm_medium%3Dcpc%26utm_campaign%3D251218_WW_WW_G2_Microsegmentation_Foxpass&secure%5Burl_type%5D=custom_url) --- ## Top-Rated Products (Ranked by G2 Score) ### 1. [Illumio](https://www.g2.com/products/illumio/reviews)  Illumio Zero Trust Segmentation is the first platform for breach containment. Visualize all communication between workloads and devices, set granular segmentation policies to control communications, and isolate high-value assets to stop breaches and ransomware from spreading. **Average Rating:** 4.6/5.0 **Total Reviews:** 32 **User Satisfaction Scores:** - **Quality of Support:** 9.4/10 (Category avg: 8.7/10) - **Has the product been a good partner in doing business?:** 8.9/10 (Category avg: 9.0/10) - **Ease of Setup:** 8.9/10 (Category avg: 8.4/10) - **Ease of Use:** 9.3/10 (Category avg: 8.8/10) **Seller Details:** - **Seller:** [Illumio](https://www.g2.com/sellers/illumio) - **Company Website:** https://www.illumio.com/ - **Year Founded:** 2013 - **HQ Location:** Sunnyvale, California - **Twitter:** @illumio (3,414 Twitter followers) - **LinkedIn® Page:** https://www.linkedin.com/company/illumio/ (854 employees on LinkedIn®) **Reviewer Demographics:** - **Top Industries:** Computer & Network Security - **Company Size:** 42% Enterprise, 39% Mid-Market #### Pros & Cons **Pros:** - Ease of Use (9 reviews) - Security (5 reviews) - Centralized Management (3 reviews) - Implementation Ease (3 reviews) - Installation Ease (3 reviews) **Cons:** - Difficult Learning Curve (2 reviews) - Integration Issues (2 reviews) - Compatibility Issues (1 reviews) - Difficult Learning (1 reviews) - Expensive (1 reviews) ### 2. [Check Point CloudGuard Network Security](https://www.g2.com/products/check-point-cloudguard-network-security/reviews) CloudGuard Network Security is a comprehensive cloud security solution designed to protect public, private, and hybrid cloud environments from a wide array of cyber threats. This platform focuses on delivering advanced threat protection, ensuring that organizations can confidently transition to the cloud while maintaining robust security measures. With an impressive malware catch rate, CloudGuard is engineered to defend against various types of attacks, including ransomware and other malicious software. Targeted at enterprises and organizations that are increasingly adopting cloud technologies, CloudGuard Network Security is particularly beneficial for IT teams and security professionals who require a reliable and efficient way to manage security across multiple environments. The solution is ideal for businesses looking to enhance their cloud security posture without compromising on agility or operational efficiency. By integrating seamlessly with leading Infrastructure as Code (IaC) tools, CloudGuard automates network security processes, making it easier for teams to implement security measures within their continuous integration and continuous deployment (CI/CD) workflows. One of the standout features of CloudGuard is its advanced protection capabilities. The platform includes a suite of security features such as a firewall, data loss prevention (DLP), intrusion prevention system (IPS), application control, IPsec VPN, URL filtering, antivirus, anti-bot protection, threat extraction, and threat emulation. These tools work in concert to provide a multi-layered defense strategy that addresses various attack vectors, ensuring that organizations can mitigate risks effectively. Additionally, CloudGuard's automated network security capabilities support IaC and CI/CD practices, allowing organizations to streamline their security processes through the use of APIs and automation. This enables security teams to focus on more strategic initiatives rather than being bogged down by manual tasks. The unified security management feature further enhances the solution by providing consistent visibility and policy management across hybrid-cloud and on-premises environments. Users can access logging, reporting, and control from a single interface, simplifying the management of security policies and improving overall operational efficiency. Overall, CloudGuard Network Security stands out in the cloud security landscape by offering a robust, integrated solution that not only protects against emerging threats but also enhances the agility and efficiency of security operations. Its comprehensive feature set and automation capabilities make it a valuable asset for organizations navigating the complexities of cloud security. **Average Rating:** 4.5/5.0 **Total Reviews:** 171 **User Satisfaction Scores:** - **Quality of Support:** 8.9/10 (Category avg: 8.7/10) - **Has the product been a good partner in doing business?:** 8.8/10 (Category avg: 9.0/10) - **Ease of Setup:** 8.6/10 (Category avg: 8.4/10) - **Ease of Use:** 8.6/10 (Category avg: 8.8/10) **Seller Details:** - **Seller:** [Check Point Software Technologies](https://www.g2.com/sellers/check-point-software-technologies) - **Company Website:** https://www.checkpoint.com/ - **Year Founded:** 1993 - **HQ Location:** Redwood City, CA - **Twitter:** @CheckPointSW (70,998 Twitter followers) - **LinkedIn® Page:** https://www.linkedin.com/company/check-point-software-technologies/ (8,356 employees on LinkedIn®) **Reviewer Demographics:** - **Who Uses This:** Network Engineer, Security Engineer - **Top Industries:** Computer & Network Security, Information Technology and Services - **Company Size:** 41% Enterprise, 30% Mid-Market #### Pros & Cons **Pros:** - Security (42 reviews) - Ease of Use (28 reviews) - Threat Detection (28 reviews) - Threat Protection (28 reviews) - Cloud Integration (22 reviews) **Cons:** - Complexity (26 reviews) - Difficult Setup (25 reviews) - Difficult Learning (24 reviews) - Difficult Configuration (23 reviews) - Difficult Learning Curve (22 reviews) ### 3. [AlgoSec Horizon](https://www.g2.com/products/algosec-horizon/reviews) AlgoSec, a global cybersecurity leader, empowers organizations to securely accelerate application delivery up to 10 times faster by automating application connectivity and security policy across the hybrid network environment. With two decades of expertise securing hybrid networks, over 2200 of the world's most complex organizations trust AlgoSec to help secure their most critical workloads. AlgoSec Horizon platform utilizes advanced AI capabilities, enabling users to automatically discover and identify their business applications across multi-clouds, and remediate risks more effectively. It serves as a single source for visibility into security and compliance issues across the hybrid network environment, to ensure ongoing adherence to internet security standards, industry, and internal regulations. Additionally, organizations can leverage intelligent change automation to streamline security change processes, thus improving security and agility. Learn how AlgoSec enables application owners, information security experts, SecOps and cloud security teams to deploy business applications faster while maintaining security at www.algosec.com. **Average Rating:** 4.5/5.0 **Total Reviews:** 215 **User Satisfaction Scores:** - **Quality of Support:** 8.4/10 (Category avg: 8.7/10) - **Has the product been a good partner in doing business?:** 8.5/10 (Category avg: 9.0/10) - **Ease of Setup:** 8.4/10 (Category avg: 8.4/10) - **Ease of Use:** 8.7/10 (Category avg: 8.8/10) **Seller Details:** - **Seller:** [AlgoSec](https://www.g2.com/sellers/algosec) - **Company Website:** https://www.algosec.com - **Year Founded:** 2004 - **HQ Location:** Ridgefield Park, New Jersey - **Twitter:** @AlgoSec (2,426 Twitter followers) - **LinkedIn® Page:** https://www.linkedin.com/company/algosec/ (559 employees on LinkedIn®) **Reviewer Demographics:** - **Who Uses This:** Security Engineer - **Top Industries:** Computer & Network Security, Information Technology and Services - **Company Size:** 51% Enterprise, 29% Mid-Market #### Pros & Cons **Pros:** - Ease of Use (15 reviews) - Policy Management (13 reviews) - Risk Management (9 reviews) - Automation (8 reviews) - Useful (8 reviews) **Cons:** - Improvement Needed (8 reviews) - Integration Issues (6 reviews) - Difficult Setup (5 reviews) - Complex Setup (4 reviews) - Expensive (4 reviews) ### 4. [Foxpass by Splashtop](https://www.g2.com/products/foxpass-by-splashtop/reviews) Foxpass Cloud RADIUS by Splashtop is a fully managed, cloud-hosted RADIUS authentication service designed to provide secure, passwordless access to Wi-Fi networks, VPNs, and various network infrastructures. This solution is particularly tailored for IT teams that prioritize security, control, and operational simplicity. By employing certificate-based and identity-based authentication protocols, Foxpass ensures that every device and user connection is validated, enhancing the overall security posture of an organization. The product is especially beneficial for organizations looking to eliminate the vulnerabilities associated with shared passwords. By utilizing X.509 certificate authentication (EAP-TLS) and identity-driven policies (EAP-TTLS), Foxpass facilitates the implementation of Zero Trust principles. This approach allows organizations to assign role-based access controls and maintain comprehensive audit visibility without the need for on-premises servers or complex Public Key Infrastructure (PKI). Such features make Foxpass an appealing choice for enterprises, educational institutions, and global teams seeking to streamline their authentication processes. Foxpass seamlessly integrates with various identity providers, including Microsoft Entra ID (Azure), Google, OKTA, and OneLogin. This integration is complemented by automated certificate management capabilities through leading Mobile Device Management (MDM) solutions such as Microsoft Intune, Jamf, Kandji, and Addigy. Additionally, the built-in Bring Your Own Device (BYOD) workflows enable secure enrollment of unmanaged or personal devices, ensuring that organizations can maintain security standards while accommodating diverse device types. Compliance with industry standards is another critical aspect of Foxpass. The service is designed to meet regulations such as GDPR, SOC 2, ISO 27001, HIPAA, FERPA, and CIPA, making it suitable for organizations with stringent compliance requirements. Furthermore, Foxpass offers regional hosting and data residency options, which are essential for organizations that must adhere to specific sovereignty or privacy mandates. This flexibility ensures that users can implement Foxpass in a manner that aligns with their operational and regulatory needs. Overall, Foxpass Cloud RADIUS by Splashtop stands out in the authentication service category by providing a robust, cloud-based solution that enhances security, simplifies management, and supports compliance across various industries. Its focus on passwordless access and seamless integration with existing identity systems positions it as a valuable tool for organizations aiming to enhance their network security infrastructure. **Average Rating:** 4.6/5.0 **Total Reviews:** 59 **User Satisfaction Scores:** - **Quality of Support:** 9.3/10 (Category avg: 8.7/10) - **Has the product been a good partner in doing business?:** 9.4/10 (Category avg: 9.0/10) - **Ease of Setup:** 9.1/10 (Category avg: 8.4/10) - **Ease of Use:** 9.1/10 (Category avg: 8.8/10) **Seller Details:** - **Seller:** [Splashtop Inc.](https://www.g2.com/sellers/splashtop-inc) - **Company Website:** https://www.splashtop.com - **Year Founded:** 2006 - **HQ Location:** Cupertino, CA - **Twitter:** @splashtop (5,224 Twitter followers) - **LinkedIn® Page:** https://www.linkedin.com/company/1944335/ (344 employees on LinkedIn®) **Reviewer Demographics:** - **Who Uses This:** IT Manager - **Top Industries:** Computer Software, Internet - **Company Size:** 70% Mid-Market, 23% Small-Business #### Pros & Cons **Pros:** - Ease of Use (4 reviews) - Performance Efficiency (4 reviews) - Reliability (4 reviews) - Setup Ease (4 reviews) - Customer Support (3 reviews) **Cons:** - Expensive (1 reviews) - Limited OS Compatibility (1 reviews) - Poor Interface Design (1 reviews) - Poor Navigation (1 reviews) - UX Improvement (1 reviews) ### 5. [Opinnate](https://www.g2.com/products/opinnate/reviews) Opinnate is an NSPM platform for firewall policy governance—analyzing real usage, optimizing policies, and automating changes. It enables least-privilege and segmentation readiness by continuously removing unused access and policy risk. Opinnate reduces policy sprawl by combining deep rule/object usage analytics, policy hygiene and optimization actions, and workflow-driven automation—so teams continuously improve security posture while cutting manual effort. Why teams choose Opinnate Fast to deploy, easy to run Opinnate is designed for simple installation, quick integration, and straightforward management, helping teams get value quickly without a steep learning curve. Lower TCO, no surprises With transparent licensing and low resource consumption, Opinnate keeps costs predictable and avoids the “complexity tax” (extra infrastructure, hidden add-ons, or operational dependencies). Passive monitoring for immediate visibility and hardening Opinnate’s passive monitoring analyzes historical syslog data to surface rule/object usage, unused access paths, and policy drift signals, enabling rapid hardening based on real traffic—not assumptions. Powerful reporting for security + audit needs Opinnate offers customizable reporting in Excel, PDF, and HTML, including compliance-ready outputs, scheduled delivery, and historical tracking. Continuous optimization + automation (not just recommendations) Opinnate goes beyond findings by enabling action: Optimization (actions on firewalls): handle shadowed/expired/unused rules, duplicate objects, consolidation opportunities, and scheduled optimization tasks. Automation (actions on firewalls): streamline rule/object changes, server cloning, controlled rule creation, and lifecycle workflows to reduce human error and speed up operations. With 30+ automation workflows, teams can achieve up to 80% effort savings on recurring firewall operations. Modular add-ons to extend visibility and governance Opinnate can be expanded with purpose-built add-ons that strengthen day-2 operations and governance: Application Visibility Add-on: improves policy accuracy by adding application-level context to rule evaluation and clean-up decisions. Firewall Backup Add-on: supports operational resilience with structured firewall backup management as part of policy governance workflows. License Tracking Add-on: helps teams track firewall licensing status and reduce risk from expirations or non-compliance. Certificate Tracking Add-on: tracks certificate inventory and lifecycle signals to prevent outages and security gaps caused by expired certificates. Flexible editions that match your maturity Lite (Analysis): rule analysis, usage analytics, reports, history & change tracking, alerts. Standard (Optimization): adds optimization actions on firewalls. Enterprise (Automation): adds automation actions on firewalls and lifecycle management. The bottom line Opinnate helps organizations continuously improve network security policies, reduce operational load, and move faster with fewer mistakes—delivering a simple, effective, and cost-efficient NSPM approach that scales from quick wins to full automation. **Average Rating:** 4.8/5.0 **Total Reviews:** 35 **User Satisfaction Scores:** - **Quality of Support:** 9.9/10 (Category avg: 8.7/10) - **Has the product been a good partner in doing business?:** 9.7/10 (Category avg: 9.0/10) - **Ease of Setup:** 9.7/10 (Category avg: 8.4/10) - **Ease of Use:** 9.8/10 (Category avg: 8.8/10) **Seller Details:** - **Seller:** [Opinnate](https://www.g2.com/sellers/opinnate) - **Company Website:** https://opinnate.com - **Year Founded:** 2022 - **HQ Location:** London, Bromley - **Twitter:** @OpinnateSec (14 Twitter followers) - **LinkedIn® Page:** https://www.linkedin.com/company/opinnate/ (12 employees on LinkedIn®) **Reviewer Demographics:** - **Top Industries:** Information Technology and Services, Computer & Network Security - **Company Size:** 60% Mid-Market, 23% Small-Business #### Pros & Cons **Pros:** - Ease of Use (8 reviews) - Efficiency (4 reviews) - Features (4 reviews) - Monitoring (3 reviews) - Solutions (3 reviews) **Cons:** - Firewall Issues (1 reviews) - Limited Features (1 reviews) - Notification Issues (1 reviews) - Update Issues (1 reviews) ### 6. [Cisco Identity Services Engine](https://www.g2.com/products/cisco-identity-services-engine/reviews) Cisco Identity Services Engine is a comprehensive network access control solution that serves as the policy decision point in a zero-trust architecture. It integrates intelligence from across the security stack to authenticate users and devices, enforce policies, and automatically contain threats. By providing centralized control over network access, ISE ensures that only trusted users and devices can connect to network resources, thereby enhancing security resilience and operational flexibility. Key Features and Functionality: - Centralized Network Access Control: ISE allows administrators to define and enforce access policies from a single interface, simplifying management and ensuring consistent security across the network. - Comprehensive Visibility: The system offers detailed insights into all endpoints and users connected to the network, including device types, locations, and access methods, facilitating informed decision-making and rapid response to potential threats. - Automated Threat Containment: ISE integrates with various security solutions to detect and respond to threats in real-time, automatically isolating compromised devices to prevent the spread of malware or unauthorized access. - Device Profiling and Posture Assessment: The platform continuously monitors device compliance with security policies, ensuring that only devices meeting organizational standards are granted access. - Flexible Deployment Options: ISE supports deployment across multiple environments, including on-premises and various cloud platforms, providing organizations with the flexibility to choose the best fit for their infrastructure. Primary Value and Problem Solved: Cisco ISE addresses the critical need for secure and efficient network access control in today's complex IT environments. By implementing a zero-trust model, it ensures that access to network resources is granted based on strict identity verification and compliance with security policies. This approach mitigates risks associated with unauthorized access, insider threats, and the proliferation of unmanaged devices. Additionally, ISE's centralized management and automation capabilities reduce administrative overhead, enhance operational efficiency, and support business continuity by maintaining a robust security posture. **Average Rating:** 4.2/5.0 **Total Reviews:** 10 **User Satisfaction Scores:** - **Quality of Support:** 7.6/10 (Category avg: 8.7/10) - **Has the product been a good partner in doing business?:** 8.7/10 (Category avg: 9.0/10) - **Ease of Setup:** 8.0/10 (Category avg: 8.4/10) - **Ease of Use:** 8.3/10 (Category avg: 8.8/10) **Seller Details:** - **Seller:** [Cisco](https://www.g2.com/sellers/cisco) - **Year Founded:** 1984 - **HQ Location:** San Jose, CA - **Twitter:** @Cisco (721,495 Twitter followers) - **LinkedIn® Page:** https://www.linkedin.com/company/cisco/ (95,742 employees on LinkedIn®) - **Ownership:** NASDAQ:CSCO **Reviewer Demographics:** - **Company Size:** 60% Mid-Market, 30% Enterprise ### 7. [Zscaler Zero Trust Cloud](https://www.g2.com/products/zscaler-zero-trust-cloud/reviews) Zscaler global cloud delivers the entire gateway security stack as a service. By securely connecting users to their applications, regardless of device, location, or network, Zscaler is transforming enterprise security. **Average Rating:** 4.6/5.0 **Total Reviews:** 37 **User Satisfaction Scores:** - **Quality of Support:** 8.9/10 (Category avg: 8.7/10) - **Has the product been a good partner in doing business?:** 8.6/10 (Category avg: 9.0/10) - **Ease of Setup:** 8.6/10 (Category avg: 8.4/10) - **Ease of Use:** 8.6/10 (Category avg: 8.8/10) **Seller Details:** - **Seller:** [Zscaler](https://www.g2.com/sellers/zscaler) - **Year Founded:** 2008 - **HQ Location:** San Jose, California - **Twitter:** @zscaler (17,530 Twitter followers) - **LinkedIn® Page:** https://www.linkedin.com/company/234625/ (8,743 employees on LinkedIn®) - **Ownership:** NASDAQ:ZS **Reviewer Demographics:** - **Top Industries:** Information Technology and Services, Computer & Network Security - **Company Size:** 52% Enterprise, 29% Small-Business #### Pros & Cons **Pros:** - Security (5 reviews) - Threat Detection (4 reviews) - Ease of Use (3 reviews) - Protection (3 reviews) - Threat Protection (3 reviews) **Cons:** - Access Control (1 reviews) - Complex Configuration (1 reviews) - Complexity (1 reviews) - Complex Setup (1 reviews) - Difficult Configuration (1 reviews) ### 8. [Tufin Orchestration Suite](https://www.g2.com/products/tufin-tufin-orchestration-suite/reviews) Tufin simplifies the management of some of the largest, most complex networks in the world, that consist of thousands of firewall and network devices and emerging hybrid cloud infrastructures. Enterprises select the Tufin Orchestration Suite™ to increase their agility despite ever-changing business demands while reducing costs, ensuring compliance with regulations and internal policies, and maintaining a robust security posture. A single solution designed to meet the needs of both network and cloud security teams, the Suite reduces the attack surface and meets the need for greater visibility into secure and reliable application connectivity. With over 2,000 customers since its inception, Tufin’s network security automation enables enterprises to implement accurate changes in minutes instead of days, while improving their security posture and business agility.  How to learn more? To learn how Tufin can help you accelerate and automate your network security policy management, visit us at www.tufin.com, follow us on Twitter and LinkedIn, or read our blog at tufin.com/blog. **Average Rating:** 4.4/5.0 **Total Reviews:** 94 **User Satisfaction Scores:** - **Quality of Support:** 8.3/10 (Category avg: 8.7/10) - **Has the product been a good partner in doing business?:** 8.6/10 (Category avg: 9.0/10) - **Ease of Setup:** 7.7/10 (Category avg: 8.4/10) - **Ease of Use:** 8.3/10 (Category avg: 8.8/10) **Seller Details:** - **Seller:** [Tufin](https://www.g2.com/sellers/tufin) - **Year Founded:** 2005 - **HQ Location:** Boston, Massachusetts - **Twitter:** @TufinTech (8,057 Twitter followers) - **LinkedIn® Page:** https://www.linkedin.com/company/tufin-technologies (493 employees on LinkedIn®) - **Ownership:** NYSE: TUFN **Reviewer Demographics:** - **Top Industries:** Computer & Network Security, Banking - **Company Size:** 68% Enterprise, 20% Mid-Market ### 9. [Faddom](https://www.g2.com/products/faddom/reviews) Faddom provides IT and cyber teams with complete, real-time visibility into their hybrid infrastructure through agentless Application Dependency Mapping (ADM). With automated discovery and continuous mapping, organizations get precise, actionable insights into servers, applications, and interdependencies in under 60 minutes. Accurate, live documentation enables efficient change management, migration planning, stronger cybersecurity, compliance, and cost optimization. Built for speed, accuracy, and security, Faddom reduces complexity and risks while giving IT teams full command of their infrastructure. Deploy fast. Scale effortlessly. Own your topology. **Average Rating:** 4.5/5.0 **Total Reviews:** 104 **User Satisfaction Scores:** - **Quality of Support:** 9.2/10 (Category avg: 8.7/10) - **Has the product been a good partner in doing business?:** 9.4/10 (Category avg: 9.0/10) - **Ease of Setup:** 8.8/10 (Category avg: 8.4/10) - **Ease of Use:** 8.8/10 (Category avg: 8.8/10) **Seller Details:** - **Seller:** [Faddom](https://www.g2.com/sellers/faddom) - **Company Website:** https://faddom.com/ - **Year Founded:** 2022 - **HQ Location:** Tel Aviv - **Twitter:** @faddommapping (54 Twitter followers) - **LinkedIn® Page:** https://www.linkedin.com/company/getfaddom/ (65 employees on LinkedIn®) **Reviewer Demographics:** - **Top Industries:** Information Technology and Services, Hospital & Health Care - **Company Size:** 45% Enterprise, 40% Mid-Market #### Pros & Cons **Pros:** - Features (15 reviews) - Tracking (14 reviews) - Customer Support (13 reviews) - Ease of Use (13 reviews) - Integrations (10 reviews) **Cons:** - Learning Difficulty (4 reviews) - Limited Features (4 reviews) - Cost (3 reviews) - Integration Issues (3 reviews) - Learning Curve (3 reviews) ### 10. [SecureW2 JoinNow](https://www.g2.com/products/securew2-joinnow/reviews) SecureW2 is a cloud-native authentication solution designed to enhance security by eliminating credential compromise through its innovative JoinNow Platform. This platform combines Dynamic Public Key Infrastructure (PKI) and Cloud RADIUS to facilitate real-time trust validation and continuous authentication for users accessing networks and applications. Each access request initiates an identity-based risk assessment, which determines the issuance of certificates and the corresponding access privileges. Once access is granted, the system continuously validates the compliance of devices, ensuring that only verified entities maintain their authorization. The JoinNow Platform caters to a diverse range of users, including K-12 and higher education institutions, mid-market businesses, and global enterprises. By providing scalable and resilient authentication solutions, SecureW2 addresses the unique security needs of various sectors without placing an additional burden on IT teams. The platform's ability to seamlessly integrate with existing identity providers, such as Entra ID (formerly Azure AD), Okta, and Google Workspace, allows organizations to implement adaptive, passwordless authentication without the need for complex upgrades or disruptions. SecureW2 effectively tackles several prevalent security challenges. Credential compromise remains a significant concern, as traditional passwords and multi-factor authentication (MFA) can be vulnerable. By utilizing certificate-based authentication, SecureW2 eliminates these risks entirely. Additionally, the platform addresses high operational overhead associated with managing legacy security systems by automating certificate issuance, revocation, and lifecycle management. This automation not only saves IT resources but also enhances visibility and control, providing real-time insights into authentication processes. Key features of SecureW2 include its agentless architecture, which eliminates software bloat while ensuring secure and frictionless authentication. The extensive policy engine allows organizations to create customized policies that are automatically enforced both before and after authentication. Continuous authentication adapts in real time, validating access dynamically based on evolving security conditions. Furthermore, the platform’s interoperability ensures compatibility with any identity provider, mobile device management (MDM) system, and security stack, making it a versatile choice for organizations looking to enhance their security posture. In summary, SecureW2 redefines authentication for modern businesses by ensuring that every access request is trust-validated. Its scalable, lightweight design enables rapid deployment and effortless scaling, allowing organizations to maintain robust security without the complexities and costs typically associated with traditional authentication solutions. **Average Rating:** 4.7/5.0 **Total Reviews:** 96 **User Satisfaction Scores:** - **Quality of Support:** 9.5/10 (Category avg: 8.7/10) - **Has the product been a good partner in doing business?:** 9.4/10 (Category avg: 9.0/10) - **Ease of Setup:** 8.6/10 (Category avg: 8.4/10) - **Ease of Use:** 8.5/10 (Category avg: 8.8/10) **Seller Details:** - **Seller:** [SecureW2](https://www.g2.com/sellers/securew2) - **Company Website:** https://www.securew2.com/ - **Year Founded:** 2014 - **HQ Location:** Seattle, US - **Twitter:** @SecureW2 (85 Twitter followers) - **LinkedIn® Page:** https://www.linkedin.com/company/securew2/ (118 employees on LinkedIn®) **Reviewer Demographics:** - **Top Industries:** Primary/Secondary Education, Computer Software - **Company Size:** 55% Mid-Market, 41% Enterprise #### Pros & Cons **Pros:** - Customer Support (20 reviews) - Setup Ease (19 reviews) - Ease of Use (18 reviews) - Security (17 reviews) - Authentication (14 reviews) **Cons:** - Performance Issues (12 reviews) - Expensive (6 reviews) - Poor Customer Support (5 reviews) - Poor Documentation (5 reviews) - Difficult Learning Curve (4 reviews) ### 11. [Cisco Secure Workload (Tetration)](https://www.g2.com/products/cisco-secure-workload-tetration/reviews) Cisco Secure Workload stops threats from spreading and protects applications with zero trust microsegmentation. From a single pane of glass, it protects on-prem application workloads and those in private and public clouds. With visibility and AI/ML driven-automation, Secure Workload is designed to tackle tasks that are beyond human scale. It provides visibility into every workload application flow, so users know what their applications are doing. An open platform, Secure Workload integrates with systems of record to understand the behavioral interaction of applications with users and devices to generate best-practice policy recommendations that are tailored to any organization's environment and applications. Secure Workload maximizes existing investments and fosters collaboration by integrating with existing security tools and automation processes such as those used by application development teams. Within days of implementation, Secure Workload strengthens the organization's security posture by enabling the user to block insecure communications and virtual patch software vulnerabilities. And with microsegmentation in place, it helps bolster customer trust by protecting their data from threats, eases the path for compliance initiatives, and supports the onboarding of new applications and processes. **Average Rating:** 4.7/5.0 **Total Reviews:** 5 **User Satisfaction Scores:** - **Quality of Support:** 9.0/10 (Category avg: 8.7/10) - **Has the product been a good partner in doing business?:** 9.2/10 (Category avg: 9.0/10) - **Ease of Setup:** 9.2/10 (Category avg: 8.4/10) - **Ease of Use:** 9.7/10 (Category avg: 8.8/10) **Seller Details:** - **Seller:** [Cisco](https://www.g2.com/sellers/cisco) - **Year Founded:** 1984 - **HQ Location:** San Jose, CA - **Twitter:** @Cisco (721,495 Twitter followers) - **LinkedIn® Page:** https://www.linkedin.com/company/cisco/ (95,742 employees on LinkedIn®) - **Ownership:** NASDAQ:CSCO **Reviewer Demographics:** - **Company Size:** 80% Small-Business, 20% Enterprise #### Pros & Cons **Pros:** - Customer Support (1 reviews) ### 12. [Akamai Guardicore Segmentation](https://www.g2.com/products/akamai-guardicore-segmentation/reviews) Guardicore is a data center and cloud security company that protects your organization’s core assets using flexible, quickly deployed, and easy to understand micro-segmentation controls. **Average Rating:** 3.8/5.0 **Total Reviews:** 2 **User Satisfaction Scores:** - **Quality of Support:** 5.0/10 (Category avg: 8.7/10) - **Has the product been a good partner in doing business?:** 10.0/10 (Category avg: 9.0/10) - **Ease of Setup:** 8.3/10 (Category avg: 8.4/10) - **Ease of Use:** 7.5/10 (Category avg: 8.8/10) **Seller Details:** - **Seller:** [Akamai Technologies](https://www.g2.com/sellers/akamai-technologies) - **Year Founded:** 1998 - **HQ Location:** Cambridge, MA - **Twitter:** @Akamai (115,398 Twitter followers) - **LinkedIn® Page:** https://www.linkedin.com/company/3925/ (10,444 employees on LinkedIn®) - **Ownership:** NASDAQ:AKAM **Reviewer Demographics:** - **Company Size:** 50% Mid-Market, 50% Enterprise ### 13. [Nutanix Flow Virtual Networking](https://www.g2.com/products/nutanix-flow-virtual-networking/reviews) Nutanix Flow Virtual Networking is a software-defined networking solution designed to simplify the creation, isolation, and management of virtual networks across private data centers and public cloud environments. By abstracting network operations from physical infrastructure, it enables organizations to deploy and manage complex, multi-site applications efficiently, without the constraints of traditional hardware-based networking. Key Features and Functionality: - Virtual Private Cloud (VPC Networking: Allows users to define virtual networks with complete control over IP address ranges, subnets, routing, and gateways, facilitating seamless connectivity across diverse environments. - Service Insertion and Access Control Lists (ACLs: Enables the creation and management of network access policies, enhancing security by integrating advanced security functions from Nutanix partners into the VPC environment. - Automated VPC Connectivity: Simplifies the connection of VPCs across local, disaster recovery, and public cloud-based Nutanix deployments, ensuring consistent network configurations and connectivity. - NAT and VPN Services: Provides Network Address Translation (NAT and Virtual Private Network (VPN services to link Nutanix VPCs with other private and virtual public cloud networks, facilitating secure and efficient data flow. Primary Value and User Benefits: Nutanix Flow Virtual Networking addresses the complexities associated with traditional network management by offering a software-defined approach that enhances agility, scalability, and security. It empowers application owners and cloud administrators to deploy and manage applications without dependency on physical network configurations, reducing deployment times and operational overhead. By providing features like automated disaster recovery failover, multi-tenant segmentation, and self-service network provisioning, it ensures that organizations can meet business recovery objectives, maintain secure and isolated tenant networks, and enable developers to configure networks without burdening operators. This comprehensive solution ultimately streamlines network operations, enhances security, and supports the dynamic needs of modern hybrid multicloud environments. **Average Rating:** 3.5/5.0 **Total Reviews:** 2 **User Satisfaction Scores:** - **Quality of Support:** 9.2/10 (Category avg: 8.7/10) - **Has the product been a good partner in doing business?:** 8.3/10 (Category avg: 9.0/10) - **Ease of Setup:** 3.3/10 (Category avg: 8.4/10) - **Ease of Use:** 7.5/10 (Category avg: 8.8/10) **Seller Details:** - **Seller:** [Nutanix](https://www.g2.com/sellers/nutanix) - **Year Founded:** 2009 - **HQ Location:** San Jose, US - **Twitter:** @nutanix (90,676 Twitter followers) - **LinkedIn® Page:** https://www.linkedin.com/company/735085/ (9,792 employees on LinkedIn®) - **Ownership:** NASDAQ:NTNX **Reviewer Demographics:** - **Company Size:** 100% Mid-Market ### 14. [ColorTokens Xshield](https://www.g2.com/products/colortokens-xshield/reviews) Xshield stops the lateral spread of malware & ransomware by putting a micro-perimeter around every network asset. With Xshield, you can visualize a map of all your network assets, applications, and their dependencies, and then set up traffic policies to protect them. It lets you manage multiple policy enforcement points, both agent-based and agentless, from one central console, decreasing complexity and saving on training and staffing. Xshield protects all possible points of breach, so there are no soft spots in your proactive cyber defense: data center servers, cloud workloads, Kubernetes containers, user endpoints, OT & IoT devices, and even legacy OS devices. Visit www.colortokens.com to learn more. **Average Rating:** 4.5/5.0 **Total Reviews:** 2 **User Satisfaction Scores:** - **Quality of Support:** 9.2/10 (Category avg: 8.7/10) - **Has the product been a good partner in doing business?:** 9.2/10 (Category avg: 9.0/10) - **Ease of Setup:** 8.3/10 (Category avg: 8.4/10) - **Ease of Use:** 9.2/10 (Category avg: 8.8/10) **Seller Details:** - **Seller:** [ColorTokens Inc](https://www.g2.com/sellers/colortokens-inc) - **Year Founded:** 2015 - **HQ Location:** San Jose, California, United States - **Twitter:** @ColorTokensInc (431 Twitter followers) - **LinkedIn® Page:** https://www.linkedin.com/company/colortokens/ (280 employees on LinkedIn®) **Reviewer Demographics:** - **Company Size:** 50% Mid-Market, 50% Small-Business ### 15. [Enclave](https://www.g2.com/products/enclave/reviews) Enclave is a modern network segmentation platform that combines – access control, asset inventory, encryption and zero trust network access – to create a breakthrough microsegmentation solution that prioritizes both IT and cybersecurity’s highest level needs. Enclave is purpose-built to simultaneously secure and segment your networks. Limit the damage a bad actor can do by decreasing the digital square footage they can explore. Easily implement access controls for employees, support staff, and third party vendors while never disrupting current operations. **Average Rating:** 5.0/5.0 **Total Reviews:** 1 **User Satisfaction Scores:** - **Quality of Support:** 10.0/10 (Category avg: 8.7/10) - **Has the product been a good partner in doing business?:** 10.0/10 (Category avg: 9.0/10) - **Ease of Setup:** 10.0/10 (Category avg: 8.4/10) - **Ease of Use:** 10.0/10 (Category avg: 8.8/10) **Seller Details:** - **Seller:** [SideChannel](https://www.g2.com/sellers/sidechannel) - **Year Founded:** 2017 - **HQ Location:** Worcester, US - **LinkedIn® Page:** https://www.linkedin.com/company/sidechannelsecurity (40 employees on LinkedIn®) **Reviewer Demographics:** - **Company Size:** 100% Small-Business ### 16. [Cisco Hypershield](https://www.g2.com/products/cisco-hypershield/reviews) Bringing the power of hyperscaler technology to the enterprise, Cisco Hypershield is a groundbreaking security architecture designed to defend modern, AI-scale data centers. **Seller Details:** - **Seller:** [Cisco](https://www.g2.com/sellers/cisco) - **Year Founded:** 1984 - **HQ Location:** San Jose, CA - **Twitter:** @Cisco (721,495 Twitter followers) - **LinkedIn® Page:** https://www.linkedin.com/company/cisco/ (95,742 employees on LinkedIn®) - **Ownership:** NASDAQ:CSCO ### 17. [ColorTokens Xtended ZeroTrust Security Platform](https://www.g2.com/products/colortokens-xtended-zerotrust-security-platform/reviews) Secure your workloads, users and critical assets from zero-day and advanced persistent threats in minutes **Average Rating:** 4.0/5.0 **Total Reviews:** 2 **User Satisfaction Scores:** - **Quality of Support:** 8.3/10 (Category avg: 8.7/10) - **Ease of Setup:** 10.0/10 (Category avg: 8.4/10) - **Ease of Use:** 8.3/10 (Category avg: 8.8/10) **Seller Details:** - **Seller:** [ColorTokens Inc](https://www.g2.com/sellers/colortokens-inc) - **Year Founded:** 2015 - **HQ Location:** San Jose, California, United States - **Twitter:** @ColorTokensInc (431 Twitter followers) - **LinkedIn® Page:** https://www.linkedin.com/company/colortokens/ (280 employees on LinkedIn®) **Reviewer Demographics:** - **Company Size:** 50% Small-Business, 50% Mid-Market ### 18. [Edera Protect Kubernetes](https://www.g2.com/products/edera-protect-kubernetes/reviews) Our container-native Type 1 hypervisor sits below the Linux kernel, enabling capabilities that are impossible with traditional containers—dynamic resource allocation, overcommitment, live migration, and complete workload isolation. While other solutions force tradeoffs between security, performance, and resource efficiency, we deliver all three simultaneously. We integrate seamlessly with existing Kubernetes deployments through a simple runtime class, allowing you to start realizing benefits immediately without changing how developers work. **Seller Details:** - **Seller:** [Edera](https://www.g2.com/sellers/edera) - **Year Founded:** 2024 - **HQ Location:** Seattle, US - **LinkedIn® Page:** https://www.linkedin.com/company/edera-dev (27 employees on LinkedIn®) ### 19. [Elisity](https://www.g2.com/products/elisity/reviews) Elisity is a leap forward in network segmentation architecture and is leading the enterprise effort to achieve Zero Trust maturity, proactively prevent security risks, and reduce network complexity. Designed to be implemented in days, without downtime, upon implementation, the platform rapidly discovers every user, workload and device on an enterprise network and correlates comprehensive insights into the Elisity IdentityGraph™. This empowers teams with the context needed to automate classification and apply dynamic security policies to any device wherever and whenever it appears on the network. These granular, identity-based microsegmentation security policies are managed in the cloud and enforced using your existing network switching infrastructure in real-time, even on ephemeral IT/IoT/OT devices. Founded in 2019, Elisity has a global employee footprint and a growing number of customers in the Fortune 500. **Seller Details:** - **Seller:** [Elisity](https://www.g2.com/sellers/elisity) - **HQ Location:** San Jose, US - **LinkedIn® Page:** https://www.linkedin.com/company/elisity-inc (106 employees on LinkedIn®) ### 20. [RidgeShield](https://www.g2.com/products/ridgeshield/reviews) RidgeShield Cloud Workload Protection, is your first line of defense, providing zero-trust Micro-segmentation technology to protect cloud workloads, regardless of whether they are deployed on-premises, in hybrid cloud, or multi-cloud environments. With RidgeShield, organizations can ensure the security posture of their network against sophisticated security threats. As an innovative host based micro-segmentation platform, RidgeShield supports a wide range of operating systems and workloads, continuously monitoring traffic across workloads and enforcing unified security policies across any environment. **Seller Details:** - **Seller:** [Ridge Security Technology](https://www.g2.com/sellers/ridge-security-technology) - **Year Founded:** 2020 - **HQ Location:** Santa Clara, California - **Twitter:** @RidgeSecurityAI (1,290 Twitter followers) - **LinkedIn® Page:** https://www.linkedin.com/company/ridge-security/ (43 employees on LinkedIn®) ### 21. [ShieldX](https://www.g2.com/products/shieldx/reviews) The ShieldX Elastic Security Platform dynamically scales to deliver comprehensive and consistent controls to protect data centers, cloud infrastructure, applications and data no matter where they are or where they go to make the cloud more secure than on-premise deployments. **Seller Details:** - **Seller:** [ShieldX](https://www.g2.com/sellers/shieldx) - **Year Founded:** 2015 - **HQ Location:** San Jose, US - **Twitter:** @shieldxnetworks (328 Twitter followers) - **LinkedIn® Page:** https://www.linkedin.com/company/shieldx-networks/ (13 employees on LinkedIn®) ### 22. [Unisys Stealth(core)](https://www.g2.com/products/unisys-stealth-core/reviews) Stealth(core)™ provides foundational capabilities —identity-based microsegmentation, cryptographic cloaking and encryption of data in motion — for transforming your existing networks into Zero Trust Networks without the added implementation and management complexity. **Seller Details:** - **Seller:** [Unisys](https://www.g2.com/sellers/unisys) - **HQ Location:** Blue Bell, PA - **Twitter:** @unisys (33,779 Twitter followers) - **LinkedIn® Page:** https://www.linkedin.com/company/unisys (23,056 employees on LinkedIn®) - **Ownership:** NYSE:UIS - **Total Revenue (USD mm):** $2,820 ### 23. [vArmour](https://www.g2.com/products/varmour/reviews) vArmour is the leading provider of Application Relationship Management. Enterprises around the world rely on vArmour to control operational risk, increase application resiliency and secure hybrid clouds — all while leveraging the technology they already own without adding costly new agents or infrastructure. **Seller Details:** - **Seller:** [vArmour](https://www.g2.com/sellers/varmour) - **Year Founded:** 2011 - **HQ Location:** San Mateo, US - **LinkedIn® Page:** https://www.linkedin.com/company/varmour-networks (35 employees on LinkedIn®) ### 24. [Xage Security](https://www.g2.com/products/xage-security/reviews) The Xage Security Suite delivers comprehensive security for industrial operations, protecting every element, new or legacy, and every interaction: human-to-machine, machine-to-machine, or edge-to-cloud. **Average Rating:** 4.0/5.0 **Total Reviews:** 1 **User Satisfaction Scores:** - **Quality of Support:** 6.7/10 (Category avg: 8.7/10) - **Ease of Setup:** 10.0/10 (Category avg: 8.4/10) - **Ease of Use:** 8.3/10 (Category avg: 8.8/10) **Seller Details:** - **Seller:** [Xage Security](https://www.g2.com/sellers/xage-security) - **Year Founded:** 2017 - **HQ Location:** Palo Alto, California, United States - **Twitter:** @xageinc (1,981 Twitter followers) - **LinkedIn® Page:** https://www.linkedin.com/company/xage-security/ (100 employees on LinkedIn®) **Reviewer Demographics:** - **Company Size:** 100% Enterprise ### 25. [Zero Networks Segment](https://www.g2.com/products/zero-networks-segment/reviews) Least privilege networking solution that prevents attacks from spreading and causing damage by automatically restricting network access to only what is normally needed, everything else goes through 2-step verification. With the addition of identity segmentation, Zero Networks is creating a new sphere of security capabilities. The combination of Zero’s network and identity segmentation capabilities redefines least privilege architecture, providing a level of protection that the market has never seen before. It allows security teams to control network device segmentation down to the port and protocol level and then layer complete control of user logon access by logon type – network, local, service, etc. As if that wasn’t enough, you can also add multi-factor authentication to any of those controls. You simply can’t do this using any other platform on the market today. Zero’s combined capabilities of network and identity segmentation are going to rewrite the playbook auditors and examiners use to assess security programs. Security teams need to take note and get ahead of the game. **Average Rating:** 5.0/5.0 **Total Reviews:** 1 **Seller Details:** - **Seller:** [Zero Networks](https://www.g2.com/sellers/zero-networks) - **Year Founded:** 2019 - **HQ Location:** N/A - **LinkedIn® Page:** https://www.linkedin.com/company/zeronetworks (141 employees on LinkedIn®) **Reviewer Demographics:** - **Company Size:** 100% Small-Business ## Parent Category [Network Security Software](https://www.g2.com/categories/network-security) ## Related Categories - [Cloud Workload Protection Platforms](https://www.g2.com/categories/cloud-workload-protection-platforms) - [Network Security Policy Management (NSPM) Software](https://www.g2.com/categories/network-security-policy-management-nspm)