Best Software for 2025 is now live!
View the Winners
DiscrimiNAT Firewall
Editedit
DiscrimiNAT Firewall
By Chaser Systems
Show rating breakdown
4.8 out of 5 stars
See all 2 DiscrimiNAT Firewall reviews
Save to My Lists
Claimed
Claimed
This profile has been claimed by DiscrimiNAT Firewall, but it has limited features.
Do you work at DiscrimiNAT Firewall? Upgrade your plan to update branding and connect with profile visitors!

Top Rated DiscrimiNAT Firewall Alternatives

NordLayer
(117)
4.3 out of 5
Visit WebsiteNew Tab
SponsoredYou’re seeing this ad based on the product’s relevance to this page. Sponsored content does not receive preferential treatment in any of G2’s ratings.
Check Point Next Generation Firewalls (NGFWs)
(408)
4.5 out of 5
SolarWinds Observability
(775)
4.3 out of 5
See all DiscrimiNAT Firewall Alternatives

DiscrimiNAT Firewall Reviews & Product Details

Editadmin
Paul S.
PS
Cloud Security Engineer
Enterprise(> 1000 emp.)
More Options
Validated Reviewer
Verified Current User
Review source: Organic
What do you like best about DiscrimiNAT Firewall?

We really like the speed and simplicity of deployment using Terraform with the vendor-supplied modules, no need for console access, and authorization determined by security group rule descriptions. We initially used the "see-thru" mode to determine existing outbound traffic without enforcement.

We simply replaced our existing NAT Gateways with DiscrimiNAT, added the rules to our security groups, then checked traffic details in CloudWatch logs (AWS) or Cloud Logging (GCP).

It's particularly well suited to our organization with a large number of autonomous teams who want a simple, secure egress solution that's easy to configure, no change to application code, and no need for explicit proxy settings.

DiscrimiNAT is available via AWS and GCP Marketplaces, so it's easy to procure - as the cost is simply included in the monthly cloud provider bill.

There's a high standard of documentation with example Terraform code, and we received a prompt response to a minor technical query. Review collected by and hosted on G2.com.

What do you dislike about DiscrimiNAT Firewall?

One downside of DiscrimiNAT is that it can't filter on URL path - for example, you can't block all of github.com except for github.com/mycompany. However, implementing that level of control would require an SSL interception solution which isn't suitable for us, due to the need to install the proxy certificate chain as trusted in our server operating systems and applications. Review collected by and hosted on G2.com.

What problems is DiscrimiNAT Firewall solving and how is that benefiting you?

DiscrimiNAT provides controlled egress to authorized domains from cloud computing environments in AWS and GCP, using TLS and SSH. It significantly reduces the risk of data exfiltration, malware, and command and control using reverse shell attacks. Review collected by and hosted on G2.com.

Show More
Show Less
Helpful?
Share
Admin Approval Link

DiscrimiNAT Firewall Overview

Editedit
What is DiscrimiNAT Firewall?

The DiscrimiNAT Firewall is a transparent, proxy-less Managed NAT alternative to discover & filter egress traffic by FQDNs in a Shared VPC. It's built upon our cutting-edge technology, Wormhole DNS, that handles highly variable, low TTL and load-balanced domain name resolution results perfectly well to give your applications uninterrupted access to allowed destinations. CONSOLE INTEGRATION There are no new UIs to learn – the configuration is stored in cloud resources directly, and the flow & audit logs go to the native logging service. GitOps FTW because only cloud's APIs are used for interfacing, you will never have to leave the cloud console. SPOOFING PREVENTION Unlike SNI only or Suricata based, DiscrimiNAT does conduct out-of-band DNS lookups, so TLS SNI spoofing by supply-chain malware will be logged & stopped. It even supports allowing SSH by FQDNs. The next Log4J won't slip through! SAFE WILDCARDS Public Suffix List safeguard in place, by default, to reject wildcard patterns matching all tenants on a CSP or a CDN (aka Effective TLDs); precise patterns can also be configured with use of glob characters (*, ?). TRANSPARENT OPERATION No need to set http_proxy like environment variables or change any code. Everything in the VPC, from VMs to k8s and Serverless, will have its egress traffic routed through DiscrimiNAT. Swapping to (and from) Managed NAT is just changing a route table entry. FQDN DISCOVERY Don't know what needs allowing? With the ‘see-thru’ monitor mode, egress traffic can be logged without blocking; then a CLI command extracts FQDNs accessed. We have a 3½ min video on how easy it is! LEAST PRIVILEGE EGRESS You no longer need to apply the entire allowlist to large CIDR ranges hosting multiple applications. The policies are as granular as native firewall rules/security groups, so each application gets access to only what it needs. This translates to micro-segmentation in Zero Trust architectures. DEVELOPER GUARD RAILS With bidirectional enforcement of TLS 1.2+ and SSH v2, automated expiry of exemptions, dropping unencrypted Internet-bound traffic, etc., each feature has been carefully designed to avoid footguns. REFINED OPERABILITY DiscrimiNAT integrates with cloud's native load balancers and runs with high-availability, load-balancing & auto-scaling within your VPC. It's also completely maintenance-free! ENTERPRISE READY Whether you seek compliance with PCI DSS v4.0 or NIST SP 800-53 AC-4 , SC-7 and SC-8, we've got it covered. Also, DiscrimiNAT is hardened to CIS Ubuntu Linux 20.04 LTS Benchmark v1.1.0 Level 2 - Server. Besides the quarterly updates, critical OS updates are released in less than 10 days and rolling updates apply seamlessly.

DiscrimiNAT Firewall Details
Discussions
DiscrimiNAT Firewall Community
Show LessShow More
Seller Details
Seller
Chaser Systems
Year Founded
2019
HQ Location
Cambridge, England
Twitter
@ChaserSystems
68 Twitter followers
LinkedIn® Page
www.linkedin.com
Description

The trinity of 'developer experience + security standards + operational excellence' is greater than the sum of its parts. We call it 'ergonomic cybersecurity'.

DA
Overview Provided by:
Dhruv AHUJA

Recent DiscrimiNAT Firewall Reviews

Verified User
A
Verified UserEnterprise (> 1000 emp.)
4.5 out of 5
"Good forward proxy for our egress security on Google Cloud"
We like the fact that DiscrimiNAT is doing FQDN filtering on SNI while being a transparent proxy, that it integrates with native firewall rules on ...
Read more
Paul S.
PS
Paul S.Enterprise (> 1000 emp.)
5.0 out of 5
"Secure egress solution with very straightforward rule configuration"
We really like the speed and simplicity of deployment using Terraform with the vendor-supplied modules, no need for console access, and authorizati...
Read more
Security Badge
This seller hasn't added their security information yet. Let them know that you'd like them to add it.
0 people requested security information

DiscrimiNAT Firewall Media

DiscrimiNAT Firewall Demo - [AWS] FQDNs in native egress Security Groups
Just add the FQDNs in the description field of the usual AWS Security Groups, associated per application/VMs.
DiscrimiNAT Firewall Demo - [GCP] FQDNs in native egress Firewall Rules
Just add the FQDNs in the description field of the usual GCP Firewall Rules, associated per application/VMs by the way of Network Tags.
DiscrimiNAT Firewall Demo - [GCP] FQDNs in native egress Firewall Rules
Just add the FQDNs in the description field of the usual GCP Firewall Rules, associated per application/VMs by the way of Network Tags.
DiscrimiNAT Firewall Demo - [GCP] Logs in StackDriver
Config Audit and Flow logs appear in StackDriver with zero config required.
DiscrimiNAT Firewall Demo - [AWS] FQDNs in native egress Security Groups
Just add the FQDNs in the description field of the usual AWS Security Groups, associated per application/VMs.
DiscrimiNAT Firewall Demo - [AWS] Logs in CloudWatch
Config Audit and Flow logs appear in CloudWatch with zero config required.
Answer a few questions to help the DiscrimiNAT Firewall community
Have you used DiscrimiNAT Firewall before?
Yes

1 out of 2 Total Reviews for DiscrimiNAT Firewall

4.8 out of 5
The next elements are filters and will change the displayed results once they are selected.
Search reviews
Hide FiltersMore Filters
The next elements are filters and will change the displayed results once they are selected.
  • Company SizeExpand/Collapse Company Size Filter
  • User RoleExpand/Collapse User Role Filter
  • CategoryExpand/Collapse Category Filter
  • IndustryExpand/Collapse Industry Filter
  • RegionExpand/Collapse Region Filter
The next elements are filters and will change the displayed results once they are selected.
  • Sort By:
    G2 Sort
1 out of 2 Total Reviews for DiscrimiNAT Firewall
4.8 out of 5
  • Sort By:
    G2 Sort
1 out of 2 Total Reviews for DiscrimiNAT Firewall
4.8 out of 5
  • Sort By:
    G2 Sort
G2 reviews are authentic and verified.
Here's how.
Verified User in Manufacturing
AM
Enterprise(> 1000 emp.)
More Options
Validated Reviewer
Review source: Organic
What do you like best about DiscrimiNAT Firewall?

We like the fact that DiscrimiNAT is doing FQDN filtering on SNI while being a transparent proxy, that it integrates with native firewall rules on GCP and that it's really fast and performant. We deploy it with the Terraform module and it's maintenance-free for us. In addition, we always had really fast feedback and help from the Team anytime we reached out for advice / feedback. Price is also good. Review collected by and hosted on G2.com.

What do you dislike about DiscrimiNAT Firewall?

We don't have any issues as of now. In the past, the lack of wildcards was a downside, but it's now fully supported. Review collected by and hosted on G2.com.

What problems is DiscrimiNAT Firewall solving and how is that benefiting you?

We have a security requirement to filter egress traffic from our Cloud infrastructure. DiscrimiNAT makes that easy and integrates well. Review collected by and hosted on G2.com.

Show More
Show Less
Helpful?
Share
Admin Approval Link

There are not enough reviews of DiscrimiNAT Firewall for G2 to provide buying insight. Below are some alternatives with more reviews:

1
Check Point Next Generation Firewalls (NGFWs) Logo
Check Point Next Generation Firewalls (NGFWs)
4.5
(408)
Check Point Firewall. The Check Point Firewall Software Blade incorporates all of the power and capability of the revolutionary FireWall-1 solution while adding user identity awareness to provide granular event awareness and policy enforcement.
2
SolarWinds Observability Logo
SolarWinds Observability
4.3
(775)
SolarWinds® Hybrid Cloud Observability is a full-stack observability solution designed to integrate data from across IT on-premise and multi-cloud environments. The solution includes built-in intelligence designed to help customers optimize performance, ensure availability, and reduce remediation time across IT infrastructures. It is intended for all organizations and industries. Hybrid Cloud Observability is designed to: - Help users resolve issues quicker with better visibility of the environment - Deliver value across the organization with increased efficiency accruing from proactive responsiveness
3
Datadog Logo
Datadog
4.3
(541)
Datadog is a monitoring service for IT, Dev and Ops teams who write and run applications at scale, and want to turn the massive amounts of data produced by their apps, tools and services into actionable insight.
4
Palo Alto Cortex XSIAM Logo
Palo Alto Cortex XSIAM
4.3
(474)
5
Progress WhatsUp Gold Logo
Progress WhatsUp Gold
4.4
(344)
WhatsUp Gold is unified infrastructure and application monitoring software that gives modern IT teams the ability to monitor their increasingly complex IT environment with a single product.
6
Sophos Firewall Logo
Sophos Firewall
4.6
(335)
Ultimate enterprise firewall performance, security, and control.
7
Netgate pfSense Logo
Netgate pfSense
4.8
(320)
The Netgate pfSense project is a powerful open source firewall and routing platform based on @FreeBSD.
8
WatchGuard Network Security Logo
WatchGuard Network Security
4.7
(261)
WatchGuard has deployed nearly a million integrated, multi-function threat management appliances worldwide. Our signature red boxes are architected to be the industry's smartest, fastest, and meanest security devices with every scanning engine running at full throttle.
9
Coralogix Logo
Coralogix
4.6
(226)
Coralogix is a stateful streaming data platform that provides real-time insights and long-term trend analysis with no reliance on storage or indexing, solving the monitoring challenges of data growth in large scale systems.
10
FortiGate NGFW Logo
FortiGate NGFW
4.7
(175)
FortiGate offers a network security platform, designed to deliver threat protection and performance with reduced complexity.
Show More

Explore More

Intent Data
Hybrid Workplace Trends in 2022
Trading Platforms
Best Graphic Design Software
Code Climate Velocity
Microsoft 365 Reviews
Anti Money Laundering (AML)
Household Employee
Google Compute Engine reviews
DiscrimiNAT Firewall