Great time saver when you want and need the extra layer of security on top of cumbersome IAM policies. The ability to schedule open ports on a time expiration schedule along with restricting that access to specific external addresses and protocols fits my needs.
My last star is reserved for when they add the ability to power up and down instances on schedule.

Dome9 allows us to better visualize what are the secure parts of our network vs the ones we must monitor / enhance security on.

Some of my favorite features include:
- Dynamic Access: you can request an access by SSH or other ports for a specific duration, securing even better servers by blocking those access most of the time and validating who access the servers / when
- Clarity: gives a great overview of the network infrastructure as well as connections in / out for monitoring
- Compliance: some audits can be ran through the account to see what can be done to improve security (just wish to have some more available in the future as HIPAA / PCI are not available through marketplace for now)
- Network security: easily see what is secure and some alerts with possible remediation
- Alerts: see changes of configuration raised directly into the alerts dashboard

Some features are actually already existing within AWS, but Dome9 present them in a way that makes it much easier to manage security and bring additional tools to easily secure even better our infrastructure.

Dome9 is a great product/service.
You can set up various security groups and integrates well with AWS. You can configure ports to be open/closed based on various options. On top of that you can set up multi-factor authentication for your Dome9 Login to help secure your account.

You can configure Dome9 to only accept SSH connections from Trusted IP's or have Time based leases. Great application and very user friendly.