Skybox Security Suite Reviews

The use case is firewall rule lifecycle management.

This is something we are on the way to doing.

Network path analysis is the most valuable feature. There is a lot of work in my team to support internal and external customers, to answer their questions and difficulties with connectivity that doesn’t work. Mostly, the problem is missing orders. So if the customer can do the network path analysis for himself, the customer is able to write the request for the missing connectivity, without any support from my team.

Aside from Firewall Assurance, we are using Network Assurance and Change Manager for an overview of the whole network and for documenting requests and the recertification of the ruleset. 

At the moment we have a lot of work in implementing the tool in our workflow, so we are not looking for new features. But this could change in the next six to 12 months.

We have had some issues implementing the tool, but we are in contact with Professional Services to fix them.

No issues with scalability at the moment.

We are still in project mode, and we have direct contact.

No previous solution.

It was not so straightforward, but we bought onsite support from Skybox Professional Services.

The pricing is high, and the licensing model needs more flexibility.

In my case it was important to know the workflow, and then to look for a tool that could support this workflow to make it easier.

Primary use case for us is configuration management and configuration compliance.

It's given us more visibility in terms of what are the kinds of configurations that are on these devices, and how many of these are stale rules. So it's helped greatly in terms of cleaning up of rules, for sure. And it has definitely given a more secure way of backing up the configuration on these devices.

For us, it's more important for our firewalls, to maintain the configuration compliance, to look at duplication of rules; clean up functionalities on the firewall and compliance of the firewall. That's where it's most important. We're still looking at making use of this tool for other purposes, but it's still a work in progress at this moment.

We are using Network Assurance, primarily for our devices like routers and switches.

Change Manager is still a work in progress for us. While we have that module, we're still working on customizing it. It's understandable and it works well, right now. We are looking at automating that whole change management procedure using a third-party API integration along with Skybox. So that's still a work in progress at the moment.

The primary room for improvement would be to enable a web interface, which is not something which is there in the product. This is supposed to have come a year, a year and a half ago, but still has failed to come out. It still needs a client application to be installed on a workstation to be able to access that server and then run these reports. So I cannot extend that access to anybody. It has to be one administrator all the time. So unlike a web interface, where you can give multiple users simultaneous access and generate the various reports, that isn't a possibility at the moment.

The stability is something that is questionable. I don't know whether it is because of the kind of infrastructure we have or because of the product in itself. We're running it on a virtual machine right now. Maybe once a month, or once in every 45 days, it requires a restart because the application fails to connect. So I have to restart the whole Skybox Manager itself, the Skybox server itself, and then connect to it from our Skybox Manager. As I said, I don't know whether it's because of our environment or if this is primarily how the application behaves on a VM environment. That's still a question mark at the moment.

I don't think scalability is a problem area, to be quite frank. As to how much you can run, it primarily depends on the type of licenses you have. And they also have a hardware appliance which can take on any workload. So I don't think this is a problem area.

The technical support is only telephoning. While I do have a local contact with whom speak, more often it's via the telephone. They do have a fairly decent turnaround time. I wouldn't rate them as the best people around in terms of turnaround time, but it's fairly decent. I haven't had too many negative experiences with them so I would rate them fairly satisfactory at the moment.

We were not using any other solution, not something similar to Skybox at least. Our principle company was using a competitor product from Tufin. Their use case was fairly limited to firewalls. We wanted something beyond firewalls and also wanted an ability to manage and automate the change on the firewalls, etc. That is why we went for Skybox.

It was definitely complex. It wasn't straightforward by any means. It's not something that a person who doesn't know the product can deploy. It's not a simple double-click on an MSI or an EXE and it starts running. The documentation needs a lot of improvement, the setup documentation. But we had brought in our Professional Services at the time of installation, so someone was here to do that installation. But if you were to ask me to do it from scratch, I would hesitate to do so because it was rather complicated even just looking at it.

I think for the cost, what we got definitely is worth it. We're looking to expand it come next financial year, that will start from April of 2018. We'll need to look at how we will get better pricing this time around. So we're looking to expand the scope four-fold or five-fold, beyond what we have actually done initially.

The only caution I would give is that whenever you license for Firewall Assurance at the same time, for some weird reason, you have to get one Network Assurance license, just to manage one firewall. That's a little bit of overkill. But otherwise, in general, the pricing is fairly okay. But I would prefer that they change that licensing model for a firewall not having to consume a Network Assurance license.

We did a proof of concept with Skybox and Tufin, both. In terms of setup times, in terms of the interface in itself, Tufin was much better. But Skybox had better features and we felt it fit in more for our use cases, which is why we went with Skybox.

If you choose Skybox, then I would say spend a lot of time making sure that your network and your IT segment and all your devices and scope are properly documented. Make sure everybody fully understands how each of your networks are interconnected and exactly how your deployment happens. Because without that documentation, you will have a real hard time even explaining to a Professional Services guy how this needs to be set up. Because, like I said, this is not something which is straightforward.

It does need some time, especially in an enterprise environment where you're primarily using an RFC 1918, which is a private address space. Most of the time you will see that address space being used across different LAN communication technologies, so you will see a lot of conflict. You might see a lot of duplication. That is where the real problems start. So I would rather spend more time analyzing the whole setup, sitting and making sure it's well documented, before even getting into documentation. That's what I would tell the prospective buyers of Skybox.

Right now, based on my experience of having gone through, of having used it for the last one-and-a-half to two years, I would rate it about a seven out of 10. The reason for that is because of the lack of a web interface which is a big no-no for most companies. In today's world, nobody wants to use a fixed client to manage a security appliance. And the second one is because of the complexity of the whole setup itself. Otherwise, the product in itself is fairly good.

• Potential attack vector discovery
• Network troubleshooting
• Security check
• Compliance

Aside from Firewall Assurance, we use Network Assurance for network visualisation and troubleshooting. Currently, we are not using the Change Manager Module.

User interface. A web interface would be better.

• Change Tracking (audit logs)
• Access Analyser (access checks)
• Compliance

No issues.

No changes to check.

It is sufficient.

No.

The initial setup was easy.

No.

Check product compatibility. In our case, during implementation, we realised approximately 30 devices were not supported by the Skybox platform.

I am impressed with the tool's change management, firewall and network assurance. 

The solution needs improvement in firewall configuration checks. I would also like to see more configuration checks for Forcepoint and for other non-supported firewalls. 

I have been using the product for three years. 

My company has 20 users for the product. 

I would rate the solution's setup a ten out of ten and is straightforward. The product's deployment takes one week to complete. 

I would rate the tool's pricing an eight out of ten. 

I would rate the product a ten out of ten. 

We use the product for network visibility and firewall and vulnerability management.

The product's most valuable feature is vulnerability management.

Skybox Security Suite's attack surface management feature needs improvement.

We have been using Skybox Security Suite for four or five years.

I rate the product's stability a five or six out of ten. We encountered a few issues during data migration in terms of customization.

The product is highly scalable. It is suitable for enterprise businesses. I rate its scalability a ten out of ten.

The local support services are good. However, we encountered difficulties while using the multilingual feature for communicating with the support team.

Neutral

The initial setup process is easy. However, the complexity depends on the customer's environment, including the broker and control management system of a specific cloud. It takes around three hours to complete the process and a month for system integration.

The software is expensive. I rate its pricing an eight out of ten.

I rate Skybox Security Suite a six out of ten.