Skybox Security Suite Reviews

Our company's main use case for Skybox Security Suite is typically for user architects. Since our company primarily serves enterprise clients, Skybox is often used as a cost-effective solution.

Overall, the tool has helped us reduce risks. If any step is missing, it's easier for my team or engineers to identify it. The tool provides accurate recommendations based on the data. Its integration is easy, and I have integrated it with Fortinet firewalls. 

The setup is expensive.

I have been using the product for one and a half years. 

The product's support offers remote assistance and is available in many countries. 

Neutral

The tool's deployment takes one month to complete. 

Skybox Security Suite has indeed helped us reduce costs. The prices of AlgoSec and Skybox Security Suite are approximately 50 percent different. The tool may require special vendor support from abroad, resulting in slightly higher costs. Its pricing is in the middle. 

I rate the overall product a seven out of ten. 

The performance could be good because we chose it at the time, but it is too complex for us to appreciate its performance because we lack the necessary skills.

They are not satisfied with the complexity of the solution and the price.

To be used, we must have proper skills that require additional support, and the entire potential of the tool is not utilized and addressed. As a result of a lack of skills, it is complex.

Network auditing, which AlgoSec does, could be included, or perhaps Sky Box does but we don't know how to use it.

The company has been using Skybox Security Suite for quite a while, and they are thinking about changing the solution.

They have been working with it for at least three years.

We are in a complex environment, and we have three teams, with approximately 30 people using it on various entities.

We did not contact technical support. We attempted to have the necessary skills in-house, but it was insufficient. That is why we are seeking alternatives.

We also, work with Tufin. We have not been working with it for that long, we are in the POC phase. We are testing the tool.

We are also considering AlgoSec. I believe that is our current favorite, but we don't have a final decision at this time, but it appears to be AlgoSec.

The environment is very complex.

The deployment took a long time. We are considering changing it because it simply did not finish. It's as if we didn't do it properly.

We have a team of two to maintain this solution.

The licensing fee is paid yearly and is approximately $100,000.

I am researching firewall security management tools like Tufin, and AlgoSec.

As a product manager, I don't work with any products. I am just assisting team members in finding alternatives. I am a consultant.

I believe it is a management contract. I believe that such solutions should not be handled on-premise, and we must obtain a proper support contract with SLAs from the service provider. When we do install it on-premises, we have no support, no feedback, and no commitment, except to extend the contract.

We are both customers and a partner with Skybox Security Suite.

I would rate Skybox Security Suite a five out of ten.

Our company installs and manages the solution for our clients and we have two primary use cases. 

The most common use case is monitoring the security compliance of firewalls. Every company has a firewall policy that includes rules, what traffic is allowed, which ports are open and more. The solution analyzes each firewall and reports if compliance is not achieved. 

Another use case is importing network devices. The solution builds a map to analyze an entire network including compliance of routers and switches that sit behind the firewall. For example, a banking customer might have network zones such as office, core systems, and ATM cashpoints. Between those, the bank has various policies about what traffic can be open. The solution monitors compliance of the network's configuration against policies. Most UK banks are using the solution for this purpose because it is a unique feature. 

A third use case is change management in relation to firewalls. Companies that monitor their firewalls and network zones's compliance often have change orders. If a user requests a change today but it isn't implemented for a week, some solutions will only pick up a non-compliance issue at the actual time of implementation. This solution includes a change manager module that reviews changes before they are implemented, catches non-compliance issues, and stops implementation until they are corrected. It handles all network assurance including in the cloud. 

The final use case is vulnerability management. The solution is unlike Qualys which scans while it detects vulnerabilities, but it instead imports vulnerabilities and patch statuses from various vendors. This is a very useful tool for companies who may have different vulnerability scanners and patch management solutions because the solution imports everything into one consistent system where it runs vulnerabilities. The solution looks at which systems are most risky to fix those vulnerabilities first. Because of its unique network model, the solution understands possible flows of data in the network and analyzes attack vulnerabilities. 

The solution's most valuable and unique assets are the vulnerability management and change management solutions because they identify mistakes in the network before implementation which reduces risks. There aren't many competitors offering these tools. 

The solution needs to move and improve its interface to a full web browser version that is more accessible and doesn't require installation for use. 

Speed of analysis could be improved because it takes quite a lot of computing power to import data from various networks, servers, firewalls, routers, and vulnerability scanners. Sometimes it can take 12 hours to run an analysis. If you understand scaling, upscaling vertically doesn't work really well because there's always a ceiling in computing resources. But upscaling horizontally by making the solution capable of paralyzing computational resources works well in computing science and theory. 

I have been using the solution every day for eight years. 

The stability has improved greatly because there has been a drive for improvement. Currently, stability is as good as any other enterprise software. 

The current solution is only scalable vertically. When you scale vertically, you are adding bigger resources to the same computer. 

If you have a computer server that needs more speed, you might change CPUs. You may add an additional CPU or add more memory or disk space. But there is a ceiling because of server size. It is not feasible to buy a server with 300 petabytes of memory. There are also storage and CPU ceilings. If you have a bigger network and you need to analyze it faster or you have a lot of information, then you need a bigger server. 

Skybox is rearchitecting the solution to scale horizontally and ask before running analysis on the server. Instead, the analysis will be offloaded to different virtual machines that can be paralyzed effectively. Essentially, you go left or right to connect with resources. Instead of one server for the task, you can have 50 servers that might only be in use for ten minutes. The server speaks to the infrastructure, tells it to access 50 servers to run a certain application like a script or Java codes, assigns the task, and tells the infrastructure to report back with the results. Scaling horizontally is the only way in computer science to effectively tap into unlimited scaling. 

We only use support when we have problems that we can't solve ourselves. For us, support is topnotch and I rate it a ten out of ten. 

The support experience depends on who is asking. If an IT engineer has been given the solution to run, they might have to ask a lot of questions and the support for that won't be very good. To be honest, I've seen support queries from customers that clearly shouldn't be touching a server. Support doesn't know what to do with requests from these customers. For these cases, I would rate support an eight out of ten. 

Positive

Setup can be tricky if you don't have experience. It can be a complicated product to install and operate. Most of the issues we've experienced don't relate to the tool itself but relate to the availability of data points. 

The solution needs to import conflicts from firewalls, network routers, vulnerability scanners, and maybe patch management solutions. Stakeholders are not only security teams but network teams that could be from Linux, Windows, a third-party provider, managed security, managed party, or managed IT providers. 

The complexity is not related to how well the solution works but the process for embedding it in a company. The biggest challenge is organizational complexity and selling the usefulness of the solution to all parties. The typical owner of the solution is the security team. If they don't have a good relationship with the networking team, then that team may not want to provide information about the configuration of firewalls or routers. Without this information, the security team is stuck, won't be able to find conflicts, and Skybox isn't doing anything. This complexity is typically on the organizational structure side and includes internal politics and complex service partners. 

Our setup team is very experienced and handles installations. We are the only certified service plus partner in India for design, implementation, and management. Our experience is a ten out of ten.

We are often called on to review implementations and find inefficiencies. It is easy to make a mistake and it's important to correct them quickly for customers who've already invested a big budget in licenses and implementation. 

An IT engineer who doesn't have experience might struggle. Based on this, I would rate the setup a six out of ten. 

The solution is not inexpensive but customers value cyber security assurance, network assurance, and vulnerability management. A mid-size organization may not be able to afford the solution which is geared toward companies with 2,000 users. 

Value and ROI are two different things. Overall, ROI in cyber security only exists in well-defined cases, but there is clear value for customers who use the solution. 

It is important to talk with experts to determine if this is the right solution for your company. If you go to a car dealership, you might have a certain budget and can only afford a small Volkswagen Golf. But you might be persuaded to go with a top brand and bigger package. 

An expert will first analyze needs or use cases and then engage with other teams required for configuration like network teams or third-party IT providers. If all teams are not on board but the solution is purchased, you might spend several months negotiating with those teams to get what you need. During this time, the company is wasting money because the solution is not able to do anything. 

Experts will first create a design for the organization and solution. How will it be used? Who are the stakeholders? How will we obtain the necessary configuration files? Where will it be hosted? Who will operate it? The information creates a business case and informs a purchasing decision. It is important that companies follow this structure rather than advice like, "This is a really good tool so you should buy it now and figure it out later."

The tool is very useful but not marketed widely because it is a niche product. Other tools like FortiGate market widely and many companies are certified to design, implement, and manage it.

I rate the solution an eight out of ten only because it is not for small or medium-sized businesses but rather for large enterprises with specific compliance needs. 

Our clients are using it from the firewall assurance perspective. They want to do an audit of their firewalls. So, the use cases are related to policy audit, such as which shadow rules they have and which rules are not getting utilized. 

We are recommending the latest version to our clients because sometimes, a lot of integrations are required with respect to different firewalls and virtual devices. If we are using an old version, some of the things are not getting integrated. That's why we are going with the latest or the latest minus one version.

To my knowledge, most of the deployments that we have done are on-prem.

It can be integrated with a vulnerability management solution. When a client comes, apart from pitching network and firewall change management, we are recommending having vulnerability management. So, rather than just having the audit of the firewall, they can integrate it with their vulnerability management solution, which could be Rapid7, Qualys, or any other solution. This provides them the most value out of the platform. That is the way we are approaching our customer base.

It is reliable, and their support is good.

Change Manager can be improved. If they can improve Change Manager so that whatever we want to do on a firewall, we are able to do it through Change Manager, it will be helpful for us. Whenever we are doing a change, it only does them at an L3 and L4 level, but all the firewalls are at the application layer. So, whatever needs to be done on the firewall, we aren't able to get it done through Change Manager. Currently, this functionality is not there because of which we are sometimes losing customers. I can create a role on Layer 3, Layer 4, but when it comes to the application layer, such as configuring and defining URLs or other things at the application level, it can't be done through Change Manager. Customers demand that they should be able to do everything through Change Manager. They don't want to do it through some other mechanism to accomplish their complete change management policy. They don't want to use a firewall manager because sometimes, they don't have any manager. They ask if they can use our solution so that a manager is not required. If Change Manager can do all the management automatically without involving any other manager, it will be great. They can also provide better integration with other managers so that everything can be done through a central point.

On the OT side, if they can provide more visibility, it would help. We are working on some of the features related to OT, so more visibility would be helpful.

We have been working with this solution for two to three years.

It is reliable. Whatever features are there, they are reliable.

As of now, we don't have any challenges with scalability. If we are fulfilling all prerequisites, it is okay. 

Earlier, in some of the cases, it was a bit slow, but if we are fulfilling all the requirements, it gives a good performance. For a PoC, when we were using an old platform, the performance was not up to the mark, but when we use the latest platform and hardware, the performance is good.

Their support is good. Support is not a challenge.

It is not complex.

We are acting as a vendor and distributor for Skybox in India. So, our team is taking care of whatever implementations are coming on behalf of Skybox.

Licensing is normally on a yearly basis. There may also be a perpetual license. Normally, the customers ask for a lower price. If you want to sell more, you have to think about it.

I would definitely recommend this solution. If you have a complex network with more than 20 firewalls, it is better to go with this solution. It might not be suitable if you have only four or five firewalls, but when the network is complex, or you are managing a data center with a lot of security challenges, I would recommend this solution.

I would rate this solution a nine out of 10.

We use the product for network visibility and firewall and vulnerability management.

The product's most valuable feature is vulnerability management.

Skybox Security Suite's attack surface management feature needs improvement.

We have been using Skybox Security Suite for four or five years.

I rate the product's stability a five or six out of ten. We encountered a few issues during data migration in terms of customization.

The product is highly scalable. It is suitable for enterprise businesses. I rate its scalability a ten out of ten.

The local support services are good. However, we encountered difficulties while using the multilingual feature for communicating with the support team.

Neutral

The initial setup process is easy. However, the complexity depends on the customer's environment, including the broker and control management system of a specific cloud. It takes around three hours to complete the process and a month for system integration.

The software is expensive. I rate its pricing an eight out of ten.

I rate Skybox Security Suite a six out of ten.

It's for integrating with firewall logs, and we are looking for automation where we can actually select all of the network architecture. Then, we can understand the rules that are available. We can look at the complexity as to whether the rules are compliant as per the standards or not. It's depends on the compliant order.

We are currently working on rule review and compliance. The logging features are good.

As for room for improvement, there are issues in logging. The logs are not coming into the log.

There are multiple dashboards but no custom dashboard. It would be good to include a custom dashboard so that we can actually choose which field and what kinds of things we want to look at.

We've been using it for probably more than six months.

In terms of scalability, I would give it a six out of ten. The logging features are good, but zones and zone mapping to get interactive topology are not straightforward.

I would give technical support an eight out of ten.

Positive

I used AlgoSec at another company. Skybox Security Suite is nicer than AlgoSec.

The initial setup is pretty straightforward. It gets more complex only when you try to integrate with the logs.

The implementation of Skybox is straightforward and you can integrate and get the logs and compliance reporting.

The integration might be a little tricky and may need tweaking.

Overall, I give Skybox Security Suite a seven out of ten.

I mainly use Skybox to harden firewall rules and for rule usage analysis and compliances. We also use it for configuration compliance for firewalls, most of the Cisco switches and routers, and enterprise firewall vendors.

The most impressive feature is optimization and clean-up.

Skybox should improve their UX features by making them easier to use. They're also trying to transfer from Java GUI to web-based systems, but it's not consistent right now, so they need to develop and improve the features on that side. I mean, the native Java based GUI results and the new Web GUI results are not always the same. I have experienced some inconsistency results among them. So, I need to trust newer GUI for results.

I've been using Skybox Security Suite for more than five years.

Skybox is scalable.

Skybox's technical support is fine, but getting help takes some time because they request rules and models and pack logs instead of offering a remote session.

Neutral

The initial setup was extremely straightforward - the installation took about twenty minutes, but the integration took some more time because there were lots of different vendors and integrations. We also had some problems with login and port rules, which delayed integration. 

Skybox comes with extra licenses and has a change management license. The licenses are expensive, but they come with extra value.

Skybox is a full-feature product that comes with different modules like firewall and network assurance, network mapping, and a vulnerability control module. It's a very, very good solution for medium and large companies. I would advise anyone thinking of implementing Skybox to use a professional team to do the integration. I would rate Skybox seven out of ten.

We use this solution for data encryption.

We provide and deploy this solution for our customers and show them how to extract the reports. Our customers are really happy.

If they run into any issues, we resolve their queries.

It's a good product. We can extract the data from it very easily.

It's very supportive and very user-friendly.

We are not using the solution and rely on customer feedback. If the customer does not provide any, then we can't recommend what could be better.

If they have had any kind of issues, then we are able to know and have it perform better.

I have been using this solution for four months.

We are using the latest version.

It's a stable solution. We haven't had any issues with stability in the four months that we have been using it.

It's a scalable product. We scaled our internal projects.

We only have single customers who are using this solution.

We have not contacted technical support because we have not any issues.

Our clients have not had any queries. If they do, then we would contact technical support.

It's easy to install and deploy.

It took one month to deploy to all of the branches.

The integration was done by the vendor. We didn't do any kind of integration.

We purchase the license for the product.

Customers do not purchase the license, we take care of that.

When compared with other companies, the license is more costly.

The price could be cheaper.

We have deployed this solution for our clients and have not received any complaints.

I would definitely recommend this solution to others.

I would rate Skybox Security Suite a ten out of ten.