Coming October 25: PeerSpot Awards will be announced! Learn more

Skybox Security Suite OverviewUNIXBusinessApplication

Skybox Security Suite is #6 ranked solution in top Vulnerability Management tools and top Firewall Security Management tools. PeerSpot users give Skybox Security Suite an average rating of 7.8 out of 10. Skybox Security Suite is most commonly compared to AlgoSec: Skybox Security Suite vs AlgoSec. Skybox Security Suite is popular among the large enterprise segment, accounting for 66% of users researching this solution on PeerSpot. The top industry researching this solution are professionals from a computer software company, accounting for 21% of all views.
Skybox Security Suite Buyer's Guide

Download the Skybox Security Suite Buyer's Guide including reviews and more. Updated: September 2022

What is Skybox Security Suite?

The Skybox Security Suite platform combines firewall and network device data with vulnerability and threat intelligence, prioritizing security issues in the context of your unique environment. Powerful attack vector analytics reduce response times and risks, bringing firewall, vulnerability and threat management processes for complex networks under control.

Firewall Assurance brings all firewalls into one normalized view, continuously monitoring policy compliance, optimizing firewall rulesets and finding attack vectors that others miss. Skybox covers the most comprehensive list of firewall vendors, complex rulesets, even virtual and cloud-based firewalls. With proven scalability in 1,500+ firewall deployments, Firewall Assurance keeps rules optimized and ensures changes don’t introduce new risk. 

Gain total visibility of the vulnerabilities in your attack surface without waiting for a scan. Leverage Skybox Research Lab's vulnerability and threat intelligence, and automatically correlate it to your unique environment. With network modeling and advanced simulations, pinpoint exposed vulnerabilities and other attack vectors. And use context to prioritize vulnerabilities in terms of actual risk and respond to threats with accuracy and efficiency.

For more information or to view a demo, visit www.skyboxsecurity.com.

Skybox Security Suite Customers

ADP, Blue Cross Blue Shield, BT, USAID, Delta Dental, EDF Energy, EMC, HSBC, Johnson & Johnson

Skybox Security Suite Video

Skybox Security Suite Pricing Advice

What users are saying about Skybox Security Suite pricing:
  • "Currently, the licensing costs me about $300 USD for the year. This is a huge amount for my environment."
  • "Licensing is normally on a yearly basis. There may also be a perpetual license. Normally, the customers ask for a lower price. If you want to sell more, you have to think about it."
  • "The price of the Skybox Security Suite can be expensive."
  • "When compared with other companies, the license is more costly."
  • "Skybox comes with extra licenses and has a change management license. The licenses are expensive, but they come with extra value."
  • Skybox Security Suite Reviews

    Filter by:
    Filter Reviews
    Industry
    Loading...
    Filter Unavailable
    Company Size
    Loading...
    Filter Unavailable
    Job Level
    Loading...
    Filter Unavailable
    Rating
    Loading...
    Filter Unavailable
    Considered
    Loading...
    Filter Unavailable
    Order by:
    Loading...
    • Date
    • Highest Rating
    • Lowest Rating
    • Review Length
    Search:
    Showingreviews based on the current filters. Reset all filters
    AbdulMohsin - PeerSpot reviewer
    Regional Sales Engineer at RedSeal, Inc.
    Real User
    Top 10Leaderboard
    Rich vulnerability management that is controlled from a single pane of glass, but the network modeling capability needs improvement
    Pros and Cons
    • "The most valuable feature is firewall management."
    • "The Network Assurance, which helps to create the network model, is not so rich."

    What is our primary use case?

    We are a system integrator and this is one of the products that we implement for our clients. This is one of the vendors that we focus on, from a security standpoint.

    Skybox has an amazing portfolio that makes up the security solution. You can onboard your network devices with the network assurance module. This includes layer three, layer two switches, load balancers, and so on. This partially builds the network model for the infrastructure and the entire security platform is built off of that.

    How has it helped my organization?

    With the combination of the vulnerability management database and third-party integration, vulnerability management is very rich. When you add the network model, Skybox can tell you exactly which vulnerabilities in the infrastructure are exploitable. I have seen examples where there are 7,000 vulnerabilities exposed at one time. This includes highlighting things that are open, or exposed.

    What is most valuable?

    The most valuable feature is firewall management. It is excellent. It works by onboarding different firewall vendors and together with network assurance, builds a complete network model.

    Vulnerability management is very good and it has its own vulnerability database. It gives you the ability to integrate with vulnerability management tools like Nessus, which is used by Tenable, Rapid7, and Qualys. The vulnerability software also integrates with endpoint software such as Symantec, Trend Micro, and McAfee. This is important because in this era, the biggest threat is from the endpoint. This is where most of the attacks are coming from these days.

    Skybox integrates with patch management, which contributes to the broad functionality.

    Everything is controlled from a single pane of glass.

    The Skybox Suite includes change management, which makes up part of the complete security solution.

    Skybox Horizon is a dashboard that shows you all of the modules. It is nice because it can show granularity at the level of interest for the NOC or SOC, but it can also give executive dashboarding for the VP or CTO at a business level that is not as concerned about the details.

    The out-of-the-box compliance is very good, as it handles PCI and ISO.

    What needs improvement?

    The Network Assurance, which helps to create the network model, is not so rich. It tells you the best part, and it gives you the alternate routes that are available based on the configuration and the routing table, but it doesn't give you the analytics. One of the issues with security is that if the network model is incorrect then no matter what I add on top of it, it's going to be of no use. Network modeling is the foundation for vulnerability management, test management, firewall management, and change management.

    The focus on risk analytics is not very good and should be improved. It relies on the CVSS (Common Vulnerability Security Score), which gives you a vulnerability score based on the standard. The difficulty with this is that sometimes, risks are based on critical assets, and these can differ between environments. My critical assets, for example, may be different than those of my customers. As such, it doesn't give you a fully-fledged risk score. On top of this, it doesn't give you the flexibility to configure a set of weights to adjust the criticality of the assets, the users, and the entities within the infrastructure.

    Another area where Skybox lacks is the calculation for combinations and permutations of traffic from each interface. For example, in RedSeal, if traffic comes in from one interface and doesn't go out the desired interface, you can see what is vulnerable, what the vulnerability is, what is exposed, what is exploitable, whether it is subject to an insider threat or an outside threat, what the criticality is, and so on. It is all related to network modeling and seeing what happens when an interface goes down. In general, it needs to be enhanced.

    They have to improve their integration with vulnerability management tools. It is good with some products, such as Tenable, but not really good with Rapid7.

    Technical support can be improved in some regards because certain teams are better than others.

    There is no dashboard for ISR compliance or NESA compliance.

    Buyer's Guide
    Skybox Security Suite
    September 2022
    Learn what your peers think about Skybox Security Suite. Get advice and tips from experienced pros sharing their opinions. Updated: September 2022.
    632,611 professionals have used our research since 2012.

    For how long have I used the solution?

    3 years

    What do I think about the stability of the solution?

    Skybox Suite is an unstable solution.

    What do I think about the scalability of the solution?

    This is a scalable solution.

    In the region that I am working in, the director has indicated that we want to target organizations with a minimum of 15 firewalls and 500 devices. Essentially, the networks are very big, the firewalls and devices might be from different vendors, and the operations teams are having trouble managing them.

    Skybox, from a scalability perspective, is only for customers with a very large environment that is complex.

    Scalability is also a factor when a customer is migrating to the cloud. Specifically, when transitioning from on-premises to the cloud the customer will need cloud-based firewalls, load balancing, sandboxing, etc. This means that the network map in Skybox needs to include the cloud.

    How are customer service and support?

    When I am working on a deployment or on a PoC, and I see an issue with the software that is not related to the configuration, I open a ticket with the support team.

    I am not always satisfied with the support that they provide. In general, I am satisfied, but there are different teams within Skybox that handle different modules. The firewall management team is the best, the network assurance team is very good, and the vulnerability and threat management team is not so good. Sometimes, I get the wrong person and I have to escalate the ticket to the highest priority and get the engineering team on it. With change management, I have only had technical support in regards to a single client.

    How was the initial setup?

    The initial setup is straightforward, as you have a template for the network assurance.

    This solution can be installed on-premises or as a cloud-based deployment with the virtual edition. The architecture for the latter is very simple. In a small environment with less than 1,000 devices, you can use one server, install the software, and it has a database associated with it. You just have to make sure that it can be accessed by every device across the VLAN.

    The tricky part of the configuration has to do with vulnerability management, threat management, and change management. When it comes to difficulty, change management is the hardest one when it comes to configuration. The reason for this is that customers normally have their own change management solution, such as ServiceNow and they are not very comfortable offloading the ITSM to do change management. It's a hard shift and a difficult sell. If it is done properly, however, it can automatically identify the vulnerabilities and threats and mitigate them as per the change management policy. Workflows need to be defined. For example, when a firewall change is needed then it needs to know the chain of approval. Since every customer has their own approval or rejection procedure, it has to be based on their requirements.

    When it comes to deployment, we use a "Land and Expand" strategy. We land with network assurance and firewall management, which gives the customer a taste of the product. From there, we onboard vulnerability management and threat management. I don't recommend to anybody that they start with this solution full-fledged because it will not necessarily yield a better ROI.

    For a network of perhaps a thousand network devices, if all of the ports are open and the permissions are in place, then it should not take longer than two days. You can take one extra day for fine-tuning, but three days is more than enough. After this, it will take another two days for firewall management. When we consider the vulnerability management and threat management modules, we have to take them on a case-by-case basis.

    Sometimes, a customer will not have a vulnerability management tool like Tenable or Rapid7, so we rely solely on the Skybox vulnerability database. We also integrate with endpoint solutions because of the importance of protecting them. As an example, if the customer is using McAfee for the endpoint protection then it will take me around three days to complete the integration. Certain vendors do not provide out of the box integration, so we have to use the API, which adds to the time required for deployment. Often, it can be done in three days.

    Finally, change management is a tough thing to do that depends on the use cases. Without this aspect considered, I would say that the deployment can be completed in 15 days. This is all for a typical deployment. If the customer needs customization then it will change the deployment date.

    What about the implementation team?

    A deployment engineer is a single person and I can do the deployment myself. It is not often very complex, as long as things are done correctly from the beginning. The checklist has to be complete, which means that the image has to be stable and the compute that you requested is there. You also need to ensure that the required port numbers for device accessibility are there from the server, and the database is there. Once all of that is in place, the configuration is not difficult.

    When it comes to integration, the other vendor has to be available during the same period. It is sometimes difficult to schedule but it is necessary to complete the deployment in a specified timeframe.

    What was our ROI?

    The ROI would not be good for a smaller company, which is why Skybox is better for large networks. It may take three or four years for a small company to break even.

    All of the firewall vendors have their own firewall manager. Fortinet, for example has FortiManager, whereas Palo Alto has Panorama. If a customer has only four firewalls and they are all from Fortinet then it makes more sense for them just to use FortiManager.

    The value really comes in when there are a large number of firewalls and they are from different vendors. This is where 360-degree visibility really starts to help. When you see the amount of time it saves, this is where the ROI becomes obvious.

    Which other solutions did I evaluate?

    I have been evaluating other options including RedSeal, AlgoSec, Tufin, and FireMon. Each vendor has its own strengths and weaknesses. I think that the network modeling capability in RedSeal is far ahead of the rest. Also, in terms of vulnerability management, RedSeal is amazing.

    FireMon is really lacking in terms of network modeling.

    My best choice is RedSeal.

    What other advice do I have?

    My advice to anybody who is implementing this product is to make sure that they utilize it. The usage of it should be mandated for the NOC and SOC. They should use a single dashboard to take care of all of your infrastructure components.

    When a Skybox representative visits to discuss this solution, it is important to discuss the use cases properly. Have a good project plan and it is also very important to have the right partner. They should be certified, trained, and involved at all stages.

    Overall, it is a pretty good product. When you use it, you will see the benefit of it.

    I would rate this solution a seven out of ten.

    Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
    PeerSpot user
    Vladimir Jirasek - PeerSpot reviewer
    CEO at Foresight Cyber Ltd
    Reseller
    Top 5Leaderboard
    A unique network model that understands flows of data and analyzes vulnerabilities
    Pros and Cons
    • "The solution's most valuable and unique assets are the vulnerability management and change management solutions because they identify mistakes in the network before implementation which reduces risks."
    • "The solution needs to move improve its interface to a full web browser version that is more accessible and doesn't require installation for use."

    What is our primary use case?

    Our company installs and manages the solution for our clients and we have two primary use cases. 

    The most common use case is monitoring the security compliance of firewalls. Every company has a firewall policy that includes rules, what traffic is allowed, which ports are open and more. The solution analyzes each firewall and reports if compliance is not achieved. 

    Another use case is importing network devices. The solution builds a map to analyze an entire network including compliance of routers and switches that sit behind the firewall. For example, a banking customer might have network zones such as office, core systems, and ATM cashpoints. Between those, the bank has various policies about what traffic can be open. The solution monitors compliance of the network's configuration against policies. Most UK banks are using the solution for this purpose because it is a unique feature. 

    A third use case is change management in relation to firewalls. Companies that monitor their firewalls and network zones's compliance often have change orders. If a user requests a change today but it isn't implemented for a week, some solutions will only pick up a non-compliance issue at the actual time of implementation. This solution includes a change manager module that reviews changes before they are implemented, catches non-compliance issues, and stops implementation until they are corrected. It handles all network assurance including in the cloud. 

    The final use case is vulnerability management. The solution is unlike Qualys which scans while it detects vulnerabilities, but it instead imports vulnerabilities and patch statuses from various vendors. This is a very useful tool for companies who may have different vulnerability scanners and patch management solutions because the solution imports everything into one consistent system where it runs vulnerabilities. The solution looks at which systems are most risky to fix those vulnerabilities first. Because of its unique network model, the solution understands possible flows of data in the network and analyzes attack vulnerabilities. 

    What is most valuable?

    The solution's most valuable and unique assets are the vulnerability management and change management solutions because they identify mistakes in the network before implementation which reduces risks. There aren't many competitors offering these tools. 

    What needs improvement?

    The solution needs to move and improve its interface to a full web browser version that is more accessible and doesn't require installation for use. 

    Speed of analysis could be improved because it takes quite a lot of computing power to import data from various networks, servers, firewalls, routers, and vulnerability scanners. Sometimes it can take 12 hours to run an analysis. If you understand scaling, upscaling vertically doesn't work really well because there's always a ceiling in computing resources. But upscaling horizontally by making the solution capable of paralyzing computational resources works well in computing science and theory. 

    For how long have I used the solution?

    I have been using the solution every day for eight years. 

    What do I think about the stability of the solution?

    The stability has improved greatly because there has been a drive for improvement. Currently, stability is as good as any other enterprise software. 

    What do I think about the scalability of the solution?

    The current solution is only scalable vertically. When you scale vertically, you are adding bigger resources to the same computer. 

    If you have a computer server that needs more speed, you might change CPUs. You may add an additional CPU or add more memory or disk space. But there is a ceiling because of server size. It is not feasible to buy a server with 300 petabytes of memory. There are also storage and CPU ceilings. If you have a bigger network and you need to analyze it faster or you have a lot of information, then you need a bigger server. 

    Skybox is rearchitecting the solution to scale horizontally and ask before running analysis on the server. Instead, the analysis will be offloaded to different virtual machines that can be paralyzed effectively. Essentially, you go left or right to connect with resources. Instead of one server for the task, you can have 50 servers that might only be in use for ten minutes. The server speaks to the infrastructure, tells it to access 50 servers to run a certain application like a script or Java codes, assigns the task, and tells the infrastructure to report back with the results. Scaling horizontally is the only way in computer science to effectively tap into unlimited scaling. 

    How are customer service and support?

    We only use support when we have problems that we can't solve ourselves. For us, support is topnotch and I rate it a ten out of ten. 

    The support experience depends on who is asking. If an IT engineer has been given the solution to run, they might have to ask a lot of questions and the support for that won't be very good. To be honest, I've seen support queries from customers that clearly shouldn't be touching a server. Support doesn't know what to do with requests from these customers. For these cases, I would rate support an eight out of ten. 

    How would you rate customer service and support?

    Positive

    How was the initial setup?

    Setup can be tricky if you don't have experience. It can be a complicated product to install and operate. Most of the issues we've experienced don't relate to the tool itself but relate to the availability of data points. 

    The solution needs to import conflicts from firewalls, network routers, vulnerability scanners, and maybe patch management solutions. Stakeholders are not only security teams but network teams that could be from Linux, Windows, a third-party provider, managed security, managed party, or managed IT providers. 

    The complexity is not related to how well the solution works but the process for embedding it in a company. The biggest challenge is organizational complexity and selling the usefulness of the solution to all parties. The typical owner of the solution is the security team. If they don't have a good relationship with the networking team, then that team may not want to provide information about the configuration of firewalls or routers. Without this information, the security team is stuck, won't be able to find conflicts, and Skybox isn't doing anything. This complexity is typically on the organizational structure side and includes internal politics and complex service partners. 

    What about the implementation team?

    Our setup team is very experienced and handles installations. We are the only certified service plus partner in India for design, implementation, and management. Our experience is a ten out of ten.

    We are often called on to review implementations and find inefficiencies. It is easy to make a mistake and it's important to correct them quickly for customers who've already invested a big budget in licenses and implementation. 

    An IT engineer who doesn't have experience might struggle. Based on this, I would rate the setup a six out of ten. 

    What's my experience with pricing, setup cost, and licensing?

    The solution is not inexpensive but customers value cyber security assurance, network assurance, and vulnerability management. A mid-size organization may not be able to afford the solution which is geared toward companies with 2,000 users. 

    Value and ROI are two different things. Overall, ROI in cyber security only exists in well-defined cases, but there is clear value for customers who use the solution. 

    What other advice do I have?

    It is important to talk with experts to determine if this is the right solution for your company. If you go to a car dealership, you might have a certain budget and can only afford a small Volkswagen Golf. But you might be persuaded to go with a top brand and bigger package. 

    An expert will first analyze needs or use cases and then engage with other teams required for configuration like network teams or third-party IT providers. If all teams are not on board but the solution is purchased, you might spend several months negotiating with those teams to get what you need. During this time, the company is wasting money because the solution is not able to do anything. 

    Experts will first create a design for the organization and solution. How will it be used? Who are the stakeholders? How will we obtain the necessary configuration files? Where will it be hosted? Who will operate it? The information creates a business case and informs a purchasing decision. It is important that companies follow this structure rather than advice like, "This is a really good tool so you should buy it now and figure it out later."

    The tool is very useful but not marketed widely because it is a niche product. Other tools like FortiGate market widely and many companies are certified to design, implement, and manage it.

    I rate the solution an eight out of ten only because it is not for small or medium-sized businesses but rather for large enterprises with specific compliance needs. 

    Which deployment model are you using for this solution?

    On-premises
    Disclosure: My company has a business relationship with this vendor other than being a customer: reseller
    Flag as inappropriate
    PeerSpot user
    Buyer's Guide
    Skybox Security Suite
    September 2022
    Learn what your peers think about Skybox Security Suite. Get advice and tips from experienced pros sharing their opinions. Updated: September 2022.
    632,611 professionals have used our research since 2012.
    Business Consultant. at a tech services company with 11-50 employees
    Reseller
    Top 10Leaderboard
    Good solution with strong features
    Pros and Cons
    • "The features that I have found most valuable with Skybox Security Suite, and this is because I work on the security side, are the firewall assurance, the change manager and the vulnerability control. These three features are the most impressive from Skybox Security."
    • "The initial setup with Skybox Security is hard. You need one or two strong security engineers on your team."

    What is our primary use case?

    We use the firewall assurance and the network assurance when we use change manager to check any changes in our firewall. We also use FortiGate's firewall for all our company. For six months, until 2020, we used the vulnerability control module to analyze our infrastructure.

    For one of my customers, we used firewall assurance, network assurance and change manager - three modules. We optimized the firewall appliance and rules for one of the Ukrainian banks.

    How has it helped my organization?

    Skybox Security Suite is a great, strong solution. But you need a good engineer with high-level technical skills. For businesses it is a great solution - you look at the pie chart and understand everything. But if we talk about technical expertise, you need one or two technical expertise guys on your team to support this platform. You need to check, understand and discuss all cases and events, analyze these events, and make changes in your infrastructure. In terms of the technical aspect, it's good. For businesses, it is great.

    What is most valuable?

    The features that I have found most valuable with Skybox Security Suite, and this is because I work on the security side, are the firewall assurance, the change manager and the vulnerability control. These three features are the most impressive from Skybox Security.

    In terms of the firewall rules, compliance, and vulnerability control, I need to understand what changes were provided from my IT team. I need to understand how these changes impact our compliance. I need to understand this to make decisions.

    In terms of the vulnerability control, we need to understand how changes in our infrastructure impact the security in our company, such as having an open port to LinkedIn or Facebook. This could be very bad for the cybersecurity in our company, because some hackers or some non-loyal employees could make a lot of trouble.

    So we need to understand how our changes impact the cybersecurity of our company. And Skybox Security is one of greatest solutions for this because you can see the firewall and the network infrastructure and you understand what's happening and how it could impact your cybersecurity.

    What needs improvement?

    In terms of what could be improved, I would say support for Cisco Firepower. This is one of the biggest segments in the Ukraine market. Many customers use Cisco Firepower. It is not a good solution for me, but it make sense. The second feature that could be improved is a deeper integration with Palo Alto. One of my customers uses Palo Alto and during the trial period with Skybox Security, we had some issues because when the IT administrator used the rules Skybox Security didn't understand. But it's not really a problem with Skybox Security. This was a problem for the company who used these stupid rules.

    For how long have I used the solution?

    I have been using Skybox Security Suite for the last 15 months. 

    What do I think about the stability of the solution?

    In terms of stability, humans write the code. So any solution will have some issues. So yeah, we have one or two issues, but for me, Skybox Security support is one of quicker supports in the world. I am familiar with support from Symantec and from Microsoft, these are bad support-wise. I also know about the support from McAfee and SolarWinds. For me, SolarWinds, Skybox and FireEye have quick, good support.

    Support is good for me.

    How was the initial setup?

    The initial setup with Skybox Security is hard. You need one or two strong security engineers on your team. We have that. One of my colleagues has great experience as a cybersecurity engineer officer. So we deployed, but during deployment we asked the Skybox team for support. You need to understand what you are doing and why you are doing it.

    What's my experience with pricing, setup cost, and licensing?

    We use an NFR, not for resale, license because we have a strong relationship with Skybox Security. But Skybox Security sent me yearly support for the license, not monthly.

    Skybox Security has good pricing.

    If you need something like Skybox, you would pay more money than for a cybersecurity platform, because you need FireMon for firewalls. For firewalls, you would need a subscription to Cisco Tetration, for example, or for something else. These are more expensive solutions in collaboration. So if you want to save money and save time, use Skybox Security.

    What other advice do I have?

    I would absolutely recommend using Skybox Security.

    If you need to check compliance and to understand how your IT teams work, use Skybox Security. If you need understand, like a clear glass of water, how your IT infrastructure works, use Skybox.

    Tenable or Qualys or Rapid7 vulnerability controls in your infrastructure could be installed for vulnerability scans. But they don't know what kind of attack could be used or what vector of attack could be used. If you use Skybox you will see the impact, all the issues with your infrastructure and your configuration, and you can quickly change the situation to be more protected from outside and inside attacks.

    On a scale of one to ten, I would give Skybox Security an eight.

    Which deployment model are you using for this solution?

    On-premises
    Disclosure: My company has a business relationship with this vendor other than being a customer: Distributor
    PeerSpot user
    Chief Information Security Officer at a financial services firm with 1,001-5,000 employees
    Real User
    Top 10
    Stable with good dashboards and excellent firewall compliance
    Pros and Cons
    • "The solution offers very nice dashboards and they've recently added a very good Java-based web interface."
    • "The support could be improved."

    What is our primary use case?

    I primarily use the solution for my firewall. It offers a firewall compliance test and can check and verify firewall configurations and firewall changes on a daily basis. They also send you information on which are activated and which should be deactivated.

    What is most valuable?

    The solution is very good at dealing with firewall changes and firewall compliance. For network assurance, you need to know the compliance for your related devices, for example, the configuration and your network and switches. The solution allows you to look for something that is already in review or consultation and provides proper configuration. 

    The most important feature in Skybox is the offline attack simulation. It helps you understand what your priorities should be in terms of deployments or patches. It's important to know what is the most important and what is the least, due to the fact that, every day, if you have a large enterprise network, it would be very difficult to install all of the patches on your environment. By having the most important highlights, you can start there and work your way down the list of patches. 

    The solution offers very nice dashboards and they've recently added a very good Java-based web interface.

    What needs improvement?

    The pricing is too high. 

    Other competitors provide a solution that rebuilds holes from scratch and rebuilds configurations on all the holes. Skybox does not offer this capability. It's something they should add to their list of features.

    The support could be improved. 

    The implementation process could be a lot faster and much less complex.

    The search functionality could be better. There's no way to exclude items from your search criteria, for example.

    They need to find a way to revamp the firewalls in a professional way. They need to figure out a proper implementation strategy for the firewalls.

    For how long have I used the solution?

    I've been using the solution for six years now.

    What do I think about the stability of the solution?

    The stability is actually okay. We don't have any issues in that sense.

    What do I think about the scalability of the solution?

    In terms of scalability, if you need anything to be extended in your environment, you have to pay for Skybox security in order for it to be supported. It costs extra money to scale.

    We have about 14 people in our organization who use the solution.

    How are customer service and technical support?

    Support is not the greatest. 

    If you need help with a new product or service, they seem to take forever to be able to help you. They'll also not help you unless you are on the newest versions, so they sort-of force upgrades.

    How was the initial setup?

    The initial setup was not straightforward at all. In fact, it was quite complex. We took about one and a half years to stabilize Skybox. It took far too much time.

    What about the implementation team?

    Normally, when you require assistance, like we did, it's via Skybox consultants.

    What's my experience with pricing, setup cost, and licensing?

    Due to the cost of the solution, I've decided to switch products. I'm already paying a lot and I have to pay a subscription each year. I'm looking for another solution that would less money and could provide the same features.

    The pricing is very expensive. If you have the enterprise version, you have multiple products and multiple versions you need to activate. If you need to do a replacement, for example, you'll have to pay for Skybox professional services in order to support your version.

    Currently, the licensing costs me about $300 USD for the year. This is a huge amount for my environment.

    Which other solutions did I evaluate?

    We were looking at FireMon and another solution previously. It is my understanding that we will be switching to FireMon soon due to the relative costliness of this product. We're going to do a POC on FireMon, and if all the features we need are supported, we're likely to switch.

    What other advice do I have?

    We're just a customer.

    The latest version is 11, however, I am currently one version behind.

    For small and medium-sized environments, this may not be the best solution, due to the cost involved. However, if you are an enterprise-level company, this might work well for you.

    Overall, I would rate the solution nine out of ten.

    Which deployment model are you using for this solution?

    On-premises
    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    PeerSpot user
    DR Goyal - PeerSpot reviewer
    VP Technology at a outsourcing company with 51-200 employees
    Real User
    Top 20
    Suitable for complex networks, reliable, and good support
    Pros and Cons
    • "It can be integrated with a vulnerability management solution. When a client comes, apart from pitching network and firewall change management, we are recommending having vulnerability management. So, rather than just having the audit of the firewall, they can integrate it with their vulnerability management solution, which could be Rapid7, Qualys, or any other solution. This provides them the most value out of the platform. That is the way we are approaching our customer base."
    • "Change Manager can be improved. If they can improve Change Manager so that whatever we want to do on a firewall, we are able to do it through Change Manager, it will be helpful for us. Whenever we are doing a change, it only does them at an L3 and L4 level, but all the firewalls are at the application layer. So, whatever needs to be done on the firewall, we aren't able to get it done through Change Manager. Currently, this functionality is not there because of which we are sometimes losing customers. I can create a role on Layer 3, Layer 4, but when it comes to the application layer, such as configuring and defining URLs or other things at the application level, it can't be done through Change Manager. Customers demand that they should be able to do everything through Change Manager. They don't want to do it through some other mechanism to accomplish their complete change management policy. They don't want to use a firewall manager because sometimes, they don't have any manager. They ask if they can use our solution so that a manager is not required. If Change Manager can do all the management automatically without involving any other manager, it will be great. They can also provide better integration with other managers so that everything can be done through a central point."

    What is our primary use case?

    Our clients are using it from the firewall assurance perspective. They want to do an audit of their firewalls. So, the use cases are related to policy audit, such as which shadow rules they have and which rules are not getting utilized. 

    We are recommending the latest version to our clients because sometimes, a lot of integrations are required with respect to different firewalls and virtual devices. If we are using an old version, some of the things are not getting integrated. That's why we are going with the latest or the latest minus one version.

    To my knowledge, most of the deployments that we have done are on-prem.

    What is most valuable?

    It can be integrated with a vulnerability management solution. When a client comes, apart from pitching network and firewall change management, we are recommending having vulnerability management. So, rather than just having the audit of the firewall, they can integrate it with their vulnerability management solution, which could be Rapid7, Qualys, or any other solution. This provides them the most value out of the platform. That is the way we are approaching our customer base.

    It is reliable, and their support is good.

    What needs improvement?

    Change Manager can be improved. If they can improve Change Manager so that whatever we want to do on a firewall, we are able to do it through Change Manager, it will be helpful for us. Whenever we are doing a change, it only does them at an L3 and L4 level, but all the firewalls are at the application layer. So, whatever needs to be done on the firewall, we aren't able to get it done through Change Manager. Currently, this functionality is not there because of which we are sometimes losing customers. I can create a role on Layer 3, Layer 4, but when it comes to the application layer, such as configuring and defining URLs or other things at the application level, it can't be done through Change Manager. Customers demand that they should be able to do everything through Change Manager. They don't want to do it through some other mechanism to accomplish their complete change management policy. They don't want to use a firewall manager because sometimes, they don't have any manager. They ask if they can use our solution so that a manager is not required. If Change Manager can do all the management automatically without involving any other manager, it will be great. They can also provide better integration with other managers so that everything can be done through a central point.

    On the OT side, if they can provide more visibility, it would help. We are working on some of the features related to OT, so more visibility would be helpful.

    For how long have I used the solution?

    We have been working with this solution for two to three years.

    What do I think about the stability of the solution?

    It is reliable. Whatever features are there, they are reliable.

    What do I think about the scalability of the solution?

    As of now, we don't have any challenges with scalability. If we are fulfilling all prerequisites, it is okay. 

    Earlier, in some of the cases, it was a bit slow, but if we are fulfilling all the requirements, it gives a good performance. For a PoC, when we were using an old platform, the performance was not up to the mark, but when we use the latest platform and hardware, the performance is good.

    How are customer service and support?

    Their support is good. Support is not a challenge.

    How was the initial setup?

    It is not complex.

    What about the implementation team?

    We are acting as a vendor and distributor for Skybox in India. So, our team is taking care of whatever implementations are coming on behalf of Skybox.

    What's my experience with pricing, setup cost, and licensing?

    Licensing is normally on a yearly basis. There may also be a perpetual license. Normally, the customers ask for a lower price. If you want to sell more, you have to think about it.

    What other advice do I have?

    I would definitely recommend this solution. If you have a complex network with more than 20 firewalls, it is better to go with this solution. It might not be suitable if you have only four or five firewalls, but when the network is complex, or you are managing a data center with a lot of security challenges, I would recommend this solution.

    I would rate this solution a nine out of 10.

    Disclosure: My company has a business relationship with this vendor other than being a customer: Distributor
    PeerSpot user
    Igor Pinter - PeerSpot reviewer
    Cyber Security Engineer at BEOtech
    Real User
    Top 20
    Useful modules, helpful support, and scalable
    Pros and Cons
    • "The most valuable features of Skybox Security Suite are all the modules that are provided, such as vulnerability assessments and network, and firewall assessments."
    • "Skybox Security Suite can improve the change management module. It is the one part of the tool that is used with the firewall devices and you have a change management module that is used to record changes of all firewalls in the company. It's not compatible with all brands, this is where they can improve the solution."

    What is our primary use case?

    Skybox Security Suite is used for security assessments. They have a central part of the security solution that aggregates assets and layers. It's an all-around solution for the security posture.

    What is most valuable?

    The most valuable features of Skybox Security Suite are all the modules that are provided, such as vulnerability assessments and network, and firewall assessments.

    What needs improvement?

    Skybox Security Suite can improve the change management module. It is the one part of the tool that is used with the firewall devices and you have a change management module that is used to record changes of all firewalls in the company. It's not compatible with all brands, this is where they can improve the solution.

    For how long have I used the solution?

    I have been using Skybox Security Suite for three years.

    What do I think about the stability of the solution?

    Skybox Security Suite is stable.

    What do I think about the scalability of the solution?

    The scalability of the Skybox Security Suite is good. You can put as many collectors that you need. We have three or four large installations and we didn't have any major issues.

    How are customer service and support?

    We used the technical support from Skybox Security Suite two or three times. We had some problems with calling from Italy and this individual was really great about the technical support. He had a deep knowledge of the complete solutions. We have great support from him.

    I rate the support from Skybox Security Suite a five out of five.

    How would you rate customer service and support?

    Positive

    How was the initial setup?

    The initial setup of Skybox Security Suite is straightforward. If you buy a virtual appliance, it's already set up. You only need to add layer three devices and the other sources for all the assets in the company. The documentation is easy to follow and useful.

    What's my experience with pricing, setup cost, and licensing?

    The price of the Skybox Security Suite can be expensive.

    Which other solutions did I evaluate?

    I have evaluated other solutions.

    What other advice do I have?

    I would recommend others to try Skybox Security Suite before purchasing it because it replaces a couple of solutions from different vendors. If you have this all-in-one solution for that part of firewalls, network devices, and assets, all in one place, you can simulate the attack vector before you made the changes to the system. I would advise that your enterprise company purchase the solution because if you want to add the assets and they are the most costly, it's not an inexpensive solution. If you want to monitor firewalls and network devices, then the cost is reasonable.

    I rate Skybox Security Suite a nine out of ten.

    Skybox Security Suite does not have much competition but there other ones that are available are lacking features. This is the most complete solution available.

    Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
    Flag as inappropriate
    PeerSpot user
    Asst. Manager Finance at a insurance company with 5,001-10,000 employees
    Real User
    Top 5
    User-friendly, extracts data easily, scales well, and it's easy to install
    Pros and Cons
    • "It's very supportive and very user-friendly."
    • "The price could be cheaper."

    What is our primary use case?

    We use this solution for data encryption.

    We provide and deploy this solution for our customers and show them how to extract the reports. Our customers are really happy.

    If they run into any issues, we resolve their queries.

    What is most valuable?

    It's a good product. We can extract the data from it very easily.

    It's very supportive and very user-friendly.

    What needs improvement?

    We are not using the solution and rely on customer feedback. If the customer does not provide any, then we can't recommend what could be better.

    If they have had any kind of issues, then we are able to know and have it perform better.

    For how long have I used the solution?

    I have been using this solution for four months.

    We are using the latest version.

    What do I think about the stability of the solution?

    It's a stable solution. We haven't had any issues with stability in the four months that we have been using it.

    What do I think about the scalability of the solution?

    It's a scalable product. We scaled our internal projects.

    We only have single customers who are using this solution.

    How are customer service and technical support?

    We have not contacted technical support because we have not any issues.

    Our clients have not had any queries. If they do, then we would contact technical support.

    How was the initial setup?

    It's easy to install and deploy.

    It took one month to deploy to all of the branches.

    What about the implementation team?

    The integration was done by the vendor. We didn't do any kind of integration.

    What's my experience with pricing, setup cost, and licensing?

    We purchase the license for the product.

    Customers do not purchase the license, we take care of that.

    When compared with other companies, the license is more costly.

    The price could be cheaper.

    What other advice do I have?

    We have deployed this solution for our clients and have not received any complaints.

    I would definitely recommend this solution to others.

    I would rate Skybox Security Suite a ten out of ten.

    Which deployment model are you using for this solution?

    Public Cloud
    Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
    PeerSpot user
    erdemerdag - PeerSpot reviewer
    Cybersecurity Operations Engineer at a tech services company with 201-500 employees
    Real User
    Top 5Leaderboard
    Impressive optimization and clean-up but UX needs improvement
    Pros and Cons
    • "The most impressive feature is optimization and clean-up."
    • "Skybox should improve their UX features by making them easier to use."

    What is our primary use case?

    I mainly use Skybox to harden firewall rules and for rule usage analysis and compliances. We also use it for configuration compliance for firewalls, most of the Cisco switches and routers, and enterprise firewall vendors.

    What is most valuable?

    The most impressive feature is optimization and clean-up.

    What needs improvement?

    Skybox should improve their UX features by making them easier to use. They're also trying to transfer from Java GUI to web-based systems, but it's not consistent right now, so they need to develop and improve the features on that side. I mean, the native Java based GUI results and the new Web GUI results are not always the same. I have experienced some inconsistency results among them. So, I need to trust newer GUI for results.

    For how long have I used the solution?

    I've been using Skybox Security Suite for more than five years.

    What do I think about the scalability of the solution?

    Skybox is scalable.

    How are customer service and support?

    Skybox's technical support is fine, but getting help takes some time because they request rules and models and pack logs instead of offering a remote session.

    How would you rate customer service and support?

    Neutral

    How was the initial setup?

    The initial setup was extremely straightforward - the installation took about twenty minutes, but the integration took some more time because there were lots of different vendors and integrations. We also had some problems with login and port rules, which delayed integration. 

    What's my experience with pricing, setup cost, and licensing?

    Skybox comes with extra licenses and has a change management license. The licenses are expensive, but they come with extra value.

    What other advice do I have?

    Skybox is a full-feature product that comes with different modules like firewall and network assurance, network mapping, and a vulnerability control module. It's a very, very good solution for medium and large companies. I would advise anyone thinking of implementing Skybox to use a professional team to do the integration. I would rate Skybox seven out of ten.

    Which deployment model are you using for this solution?

    On-premises
    Disclosure: My company has a business relationship with this vendor other than being a customer: partner
    Flag as inappropriate
    PeerSpot user
    Buyer's Guide
    Download our free Skybox Security Suite Report and get advice and tips from experienced pros sharing their opinions.
    Updated: September 2022
    Buyer's Guide
    Download our free Skybox Security Suite Report and get advice and tips from experienced pros sharing their opinions.