I primarily use the solution for my firewall. It offers a firewall compliance test and can check and verify firewall configurations and firewall changes on a daily basis. They also send you information on which are activated and which should be deactivated.
Chief Information Security Officer at a financial services firm with 1,001-5,000 employees
Stable with good dashboards and excellent firewall compliance
Pros and Cons
- "The solution offers very nice dashboards and they've recently added a very good Java-based web interface."
- "The support could be improved."
What is our primary use case?
What is most valuable?
The solution is very good at dealing with firewall changes and firewall compliance. For network assurance, you need to know the compliance for your related devices, for example, the configuration and your network and switches. The solution allows you to look for something that is already in review or consultation and provides proper configuration.
The most important feature in Skybox is the offline attack simulation. It helps you understand what your priorities should be in terms of deployments or patches. It's important to know what is the most important and what is the least, due to the fact that, every day, if you have a large enterprise network, it would be very difficult to install all of the patches on your environment. By having the most important highlights, you can start there and work your way down the list of patches.
The solution offers very nice dashboards and they've recently added a very good Java-based web interface.
What needs improvement?
The pricing is too high.
Other competitors provide a solution that rebuilds holes from scratch and rebuilds configurations on all the holes. Skybox does not offer this capability. It's something they should add to their list of features.
The support could be improved.
The implementation process could be a lot faster and much less complex.
The search functionality could be better. There's no way to exclude items from your search criteria, for example.
They need to find a way to revamp the firewalls in a professional way. They need to figure out a proper implementation strategy for the firewalls.
For how long have I used the solution?
I've been using the solution for six years now.
Buyer's Guide
Skybox Security Suite
October 2024
Learn what your peers think about Skybox Security Suite. Get advice and tips from experienced pros sharing their opinions. Updated: October 2024.
816,406 professionals have used our research since 2012.
What do I think about the stability of the solution?
The stability is actually okay. We don't have any issues in that sense.
What do I think about the scalability of the solution?
In terms of scalability, if you need anything to be extended in your environment, you have to pay for Skybox security in order for it to be supported. It costs extra money to scale.
We have about 14 people in our organization who use the solution.
How are customer service and support?
Support is not the greatest.
If you need help with a new product or service, they seem to take forever to be able to help you. They'll also not help you unless you are on the newest versions, so they sort-of force upgrades.
How was the initial setup?
The initial setup was not straightforward at all. In fact, it was quite complex. We took about one and a half years to stabilize Skybox. It took far too much time.
What about the implementation team?
Normally, when you require assistance, like we did, it's via Skybox consultants.
What's my experience with pricing, setup cost, and licensing?
Due to the cost of the solution, I've decided to switch products. I'm already paying a lot and I have to pay a subscription each year. I'm looking for another solution that would less money and could provide the same features.
The pricing is very expensive. If you have the enterprise version, you have multiple products and multiple versions you need to activate. If you need to do a replacement, for example, you'll have to pay for Skybox professional services in order to support your version.
Currently, the licensing costs me about $300 USD for the year. This is a huge amount for my environment.
Which other solutions did I evaluate?
We were looking at FireMon and another solution previously. It is my understanding that we will be switching to FireMon soon due to the relative costliness of this product. We're going to do a POC on FireMon, and if all the features we need are supported, we're likely to switch.
What other advice do I have?
We're just a customer.
The latest version is 11, however, I am currently one version behind.
For small and medium-sized environments, this may not be the best solution, due to the cost involved. However, if you are an enterprise-level company, this might work well for you.
Overall, I would rate the solution nine out of ten.
Which deployment model are you using for this solution?
On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Helps us clean up firewall rules and backup device config, but it needs a web interface
Pros and Cons
- "It's given us more visibility in terms of what are the kinds of configurations that are on these devices, and how many of these are stale rules. So it's helped greatly in terms of cleaning up of rules, for sure. And it has definitely given us a more secure way of backing up the configuration on these devices."
- "The primary room for improvement would be to enable a web interface, which is not something which is there in the product. This is supposed to have come a year, a year and a half ago, but still has failed to come out. It still needs a client application to be installed on a workstation to be able to access that server and then run these reports. So I cannot extend that access to anybody. It has to be one administrator all the time. So unlike a web interface, where you can give multiple users simultaneous access and generate the various reports, that isn't a possibility at the moment."
- "The stability is something that is questionable. I don't know whether it is because of the kind of infrastructure we have or because of the product in itself. We're running it on a virtual machine right now. Maybe once a month, or once in every 45 days, it requires a restart because the application fails to connect. So I have to restart the whole Skybox Manager itself, the Skybox server itself, and then connect to it from our Skybox Manager."
- "The setup documentation needs a lot of improvement."
What is our primary use case?
Primary use case for us is configuration management and configuration compliance.
How has it helped my organization?
It's given us more visibility in terms of what are the kinds of configurations that are on these devices, and how many of these are stale rules. So it's helped greatly in terms of cleaning up of rules, for sure. And it has definitely given a more secure way of backing up the configuration on these devices.
What is most valuable?
For us, it's more important for our firewalls, to maintain the configuration compliance, to look at duplication of rules; clean up functionalities on the firewall and compliance of the firewall. That's where it's most important. We're still looking at making use of this tool for other purposes, but it's still a work in progress at this moment.
We are using Network Assurance, primarily for our devices like routers and switches.
Change Manager is still a work in progress for us. While we have that module, we're still working on customizing it. It's understandable and it works well, right now. We are looking at automating that whole change management procedure using a third-party API integration along with Skybox. So that's still a work in progress at the moment.
What needs improvement?
The primary room for improvement would be to enable a web interface, which is not something which is there in the product. This is supposed to have come a year, a year and a half ago, but still has failed to come out. It still needs a client application to be installed on a workstation to be able to access that server and then run these reports. So I cannot extend that access to anybody. It has to be one administrator all the time. So unlike a web interface, where you can give multiple users simultaneous access and generate the various reports, that isn't a possibility at the moment.
For how long have I used the solution?
One to three years.
What do I think about the stability of the solution?
The stability is something that is questionable. I don't know whether it is because of the kind of infrastructure we have or because of the product in itself. We're running it on a virtual machine right now. Maybe once a month, or once in every 45 days, it requires a restart because the application fails to connect. So I have to restart the whole Skybox Manager itself, the Skybox server itself, and then connect to it from our Skybox Manager. As I said, I don't know whether it's because of our environment or if this is primarily how the application behaves on a VM environment. That's still a question mark at the moment.
What do I think about the scalability of the solution?
I don't think scalability is a problem area, to be quite frank. As to how much you can run, it primarily depends on the type of licenses you have. And they also have a hardware appliance which can take on any workload. So I don't think this is a problem area.
How are customer service and technical support?
The technical support is only telephoning. While I do have a local contact with whom speak, more often it's via the telephone. They do have a fairly decent turnaround time. I wouldn't rate them as the best people around in terms of turnaround time, but it's fairly decent. I haven't had too many negative experiences with them so I would rate them fairly satisfactory at the moment.
Which solution did I use previously and why did I switch?
We were not using any other solution, not something similar to Skybox at least. Our principle company was using a competitor product from Tufin. Their use case was fairly limited to firewalls. We wanted something beyond firewalls and also wanted an ability to manage and automate the change on the firewalls, etc. That is why we went for Skybox.
How was the initial setup?
It was definitely complex. It wasn't straightforward by any means. It's not something that a person who doesn't know the product can deploy. It's not a simple double-click on an MSI or an EXE and it starts running. The documentation needs a lot of improvement, the setup documentation. But we had brought in our Professional Services at the time of installation, so someone was here to do that installation. But if you were to ask me to do it from scratch, I would hesitate to do so because it was rather complicated even just looking at it.
What's my experience with pricing, setup cost, and licensing?
I think for the cost, what we got definitely is worth it. We're looking to expand it come next financial year, that will start from April of 2018. We'll need to look at how we will get better pricing this time around. So we're looking to expand the scope four-fold or five-fold, beyond what we have actually done initially.
The only caution I would give is that whenever you license for Firewall Assurance at the same time, for some weird reason, you have to get one Network Assurance license, just to manage one firewall. That's a little bit of overkill. But otherwise, in general, the pricing is fairly okay. But I would prefer that they change that licensing model for a firewall not having to consume a Network Assurance license.
Which other solutions did I evaluate?
We did a proof of concept with Skybox and Tufin, both. In terms of setup times, in terms of the interface in itself, Tufin was much better. But Skybox had better features and we felt it fit in more for our use cases, which is why we went with Skybox.
What other advice do I have?
If you choose Skybox, then I would say spend a lot of time making sure that your network and your IT segment and all your devices and scope are properly documented. Make sure everybody fully understands how each of your networks are interconnected and exactly how your deployment happens. Because without that documentation, you will have a real hard time even explaining to a Professional Services guy how this needs to be set up. Because, like I said, this is not something which is straightforward.
It does need some time, especially in an enterprise environment where you're primarily using an RFC 1918, which is a private address space. Most of the time you will see that address space being used across different LAN communication technologies, so you will see a lot of conflict. You might see a lot of duplication. That is where the real problems start. So I would rather spend more time analyzing the whole setup, sitting and making sure it's well documented, before even getting into documentation. That's what I would tell the prospective buyers of Skybox.
Right now, based on my experience of having gone through, of having used it for the last one-and-a-half to two years, I would rate it about a seven out of 10. The reason for that is because of the lack of a web interface which is a big no-no for most companies. In today's world, nobody wants to use a fixed client to manage a security appliance. And the second one is because of the complexity of the whole setup itself. Otherwise, the product in itself is fairly good.
Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
Buyer's Guide
Skybox Security Suite
October 2024
Learn what your peers think about Skybox Security Suite. Get advice and tips from experienced pros sharing their opinions. Updated: October 2024.
816,406 professionals have used our research since 2012.
Senior Information Security Analyst at a energy/utilities company with 501-1,000 employees
Does a great job of reaching into firewalls and network devices to produce risk and compliance recommendations along with a single plane of glass for queries
Pros and Cons
- "Security review is the most important feature, because it offers a single pane of glass to analyze multiple firewalls."
- "This type of tool does a great job of reaching into those other devices producing risk recommendations, compliance recommendations, and a single plane of glass to do your queries, so you can find where these rules might exist."
- "The vendor's support is terrible."
What is our primary use case?
The primary use case is security and network for security.
How has it helped my organization?
It has grown organically and become a full featured suite. If you have the funding, you can make it do all types of great things.
What is most valuable?
Security review is the most important feature, because it offers a single pane of glass to analyze multiple firewalls.
What needs improvement?
The vendor's support is terrible. The rest of the product is fine.
For how long have I used the solution?
More than five years.
What do I think about the stability of the solution?
With certain versions, we have encountered stability.
What do I think about the scalability of the solution?
The stability is fine for my organization.
How are customer service and technical support?
The technical support is not good. I would rate them as a three out of 10.
Which solution did I use previously and why did I switch?
We did not previously use a different solution.
How was the initial setup?
The initial setup is easy.
What's my experience with pricing, setup cost, and licensing?
The pricing has increased exorbitantly in the last few years, so now it is questionable. Now, it makes me want to review other products.
With licensing, the number of network nodes becomes very expensive to the point where you have to rationalize if the tools are warranted anymore.
Fully understand the total cost of ownership. They have gone to a new model where you have to replace the hardware every X amount of years at a very substantial cost and fully understand your intended number of nodes. To operate a firewall, you have to pay two licenses, a firewall node and a network node. If you are a reasonable-sized organization, this gets expensive very quickly.
We go through an evaluated reseller to purchase the product.
Which other solutions did I evaluate?
We did evaluate other options many years ago when Skybox was the leader in this space, but today, there are others that can compete.
I am looking at using other competitive products from other vendors. The reason would be because other people are using them and we need to or consolidate our tools.
What other advice do I have?
I really like the product. I do not have the experience with its competitors, either in function or pricing. It is a very useful tool, especially for those who do not have access to the devices they are monitoring. Because of separation of duties, you often do not have access to the firewalls or network devices. This type of tool does a great job of reaching into those other devices producing risk recommendations, compliance recommendations, and a single plane of glass to do your queries, so you can find where these rules might exist.
Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
Information Security Architect at a non-profit with 201-500 employees
Streamlines reporting on ACL usage and on shadowed and redundant rules on the firewall
Pros and Cons
- "Key features for us include the firewall change audit every week. Also, being able to track firewall ACL usage, so that we can produce semiannual reports on ACL usage and shadowed and redundant rules on the firewall."
- "If anything could be improved it would be staying on top of the collector scripts, but I understand that's a very tough challenge."
What is our primary use case?
Auditing firewall changes on a weekly basis. We use the Network and the Firewall modules. Firewall as I said, and we use the Network and Firewall for PCI compliance reporting.
How has it helped my organization?
It has automated things. What was a manual process is now just running a report and delivering it to the people who have to mitigate the issues. A better workflow.
What is most valuable?
It's the firewall change audit every week. Also, being able to track firewall ACL usage, so that we can produce semiannual reports on ACL usage and on shadowed and redundant rules on the firewall.
What needs improvement?
It's tough to say, because the areas of improvement, I understand the difficulty. For example, they pull configs from thousands of types of devices, and it's difficult for them to stay on top of when vendors change the way their commands work. If anything, it would be staying on top of the collector scripts, but I understand that's a very tough challenge.
For how long have I used the solution?
Three to five years.
What do I think about the stability of the solution?
We had an issue one time, but it was related to a major release upgrade. But that happens every now and then with vendors.
What do I think about the scalability of the solution?
We've had no need to scale it.
How is customer service and technical support?
Excellent. They're right on top of it. Very reactive.
How was the initial setup?
Straightforward.
What's my experience with pricing, setup cost, and licensing?
The product's pricing is excellent value.
In terms of licensing, make sure you understand your network components, all your hops through your network, thoroughly, before you decide on the total cost. If you want to do point-to-point flow analysis and such, you need to have the configuration of all the devices in between point A and point B. A lot of people don't realize all their network components until they start using this product.
Which other solutions did I evaluate?
We evaluated FireMon versus Skybox when we selected Skybox - they were really the two that were best at doing automated reporting for PCI. It was a compliance issue. We thought Skybox really fit our needs best.
What other advice do I have?
Other than what I said - ensuring that you have a really good understanding of all the network components that you have to ingest configurations from - definitely take it out for a proof of concept for 30 days. There are a lot of features in here that we don't use, Change Management and stuff like that, that you want to take a look at and see if they fit your needs.
I would say the reason I can't go higher than eight out of 10 is that their major release announcements aren't always straightforward. You usually discover that there is a new major release when going to their website and you discover it on your own. So they're not really good at major release announcements.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Cyber Security Engineer at BEOtech
Useful modules, helpful support, and scalable
Pros and Cons
- "The most valuable features of Skybox Security Suite are all the modules that are provided, such as vulnerability assessments and network, and firewall assessments."
- "Skybox Security Suite can improve the change management module. It is the one part of the tool that is used with the firewall devices and you have a change management module that is used to record changes of all firewalls in the company. It's not compatible with all brands, this is where they can improve the solution."
What is our primary use case?
Skybox Security Suite is used for security assessments. They have a central part of the security solution that aggregates assets and layers. It's an all-around solution for the security posture.
What is most valuable?
The most valuable features of Skybox Security Suite are all the modules that are provided, such as vulnerability assessments and network, and firewall assessments.
What needs improvement?
Skybox Security Suite can improve the change management module. It is the one part of the tool that is used with the firewall devices and you have a change management module that is used to record changes of all firewalls in the company. It's not compatible with all brands, this is where they can improve the solution.
For how long have I used the solution?
I have been using Skybox Security Suite for three years.
What do I think about the stability of the solution?
Skybox Security Suite is stable.
What do I think about the scalability of the solution?
The scalability of the Skybox Security Suite is good. You can put as many collectors that you need. We have three or four large installations and we didn't have any major issues.
How are customer service and support?
We used the technical support from Skybox Security Suite two or three times. We had some problems with calling from Italy and this individual was really great about the technical support. He had a deep knowledge of the complete solutions. We have great support from him.
I rate the support from Skybox Security Suite a five out of five.
How would you rate customer service and support?
Positive
How was the initial setup?
The initial setup of Skybox Security Suite is straightforward. If you buy a virtual appliance, it's already set up. You only need to add layer three devices and the other sources for all the assets in the company. The documentation is easy to follow and useful.
What's my experience with pricing, setup cost, and licensing?
The price of the Skybox Security Suite can be expensive.
Which other solutions did I evaluate?
I have evaluated other solutions.
What other advice do I have?
I would recommend others to try Skybox Security Suite before purchasing it because it replaces a couple of solutions from different vendors. If you have this all-in-one solution for that part of firewalls, network devices, and assets, all in one place, you can simulate the attack vector before you made the changes to the system. I would advise that your enterprise company purchase the solution because if you want to add the assets and they are the most costly, it's not an inexpensive solution. If you want to monitor firewalls and network devices, then the cost is reasonable.
I rate Skybox Security Suite a nine out of ten.
Skybox Security Suite does not have much competition but there other ones that are available are lacking features. This is the most complete solution available.
Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
Business Consultant. at a tech services company with 11-50 employees
Good solution with strong features
Pros and Cons
- "The features that I have found most valuable with Skybox Security Suite, and this is because I work on the security side, are the firewall assurance, the change manager and the vulnerability control. These three features are the most impressive from Skybox Security."
- "The initial setup with Skybox Security is hard. You need one or two strong security engineers on your team."
What is our primary use case?
We use the firewall assurance and the network assurance when we use change manager to check any changes in our firewall. We also use FortiGate's firewall for all our company. For six months, until 2020, we used the vulnerability control module to analyze our infrastructure.
For one of my customers, we used firewall assurance, network assurance and change manager - three modules. We optimized the firewall appliance and rules for one of the Ukrainian banks.
How has it helped my organization?
Skybox Security Suite is a great, strong solution. But you need a good engineer with high-level technical skills. For businesses it is a great solution - you look at the pie chart and understand everything. But if we talk about technical expertise, you need one or two technical expertise guys on your team to support this platform. You need to check, understand and discuss all cases and events, analyze these events, and make changes in your infrastructure. In terms of the technical aspect, it's good. For businesses, it is great.
What is most valuable?
The features that I have found most valuable with Skybox Security Suite, and this is because I work on the security side, are the firewall assurance, the change manager and the vulnerability control. These three features are the most impressive from Skybox Security.
In terms of the firewall rules, compliance, and vulnerability control, I need to understand what changes were provided from my IT team. I need to understand how these changes impact our compliance. I need to understand this to make decisions.
In terms of the vulnerability control, we need to understand how changes in our infrastructure impact the security in our company, such as having an open port to LinkedIn or Facebook. This could be very bad for the cybersecurity in our company, because some hackers or some non-loyal employees could make a lot of trouble.
So we need to understand how our changes impact the cybersecurity of our company. And Skybox Security is one of greatest solutions for this because you can see the firewall and the network infrastructure and you understand what's happening and how it could impact your cybersecurity.
What needs improvement?
In terms of what could be improved, I would say support for Cisco Firepower. This is one of the biggest segments in the Ukraine market. Many customers use Cisco Firepower. It is not a good solution for me, but it make sense. The second feature that could be improved is a deeper integration with Palo Alto. One of my customers uses Palo Alto and during the trial period with Skybox Security, we had some issues because when the IT administrator used the rules Skybox Security didn't understand. But it's not really a problem with Skybox Security. This was a problem for the company who used these stupid rules.
For how long have I used the solution?
I have been using Skybox Security Suite for the last 15 months.
What do I think about the stability of the solution?
In terms of stability, humans write the code. So any solution will have some issues. So yeah, we have one or two issues, but for me, Skybox Security support is one of quicker supports in the world. I am familiar with support from Symantec and from Microsoft, these are bad support-wise. I also know about the support from McAfee and SolarWinds. For me, SolarWinds, Skybox and FireEye have quick, good support.
Support is good for me.
How was the initial setup?
The initial setup with Skybox Security is hard. You need one or two strong security engineers on your team. We have that. One of my colleagues has great experience as a cybersecurity engineer officer. So we deployed, but during deployment we asked the Skybox team for support. You need to understand what you are doing and why you are doing it.
What's my experience with pricing, setup cost, and licensing?
We use an NFR, not for resale, license because we have a strong relationship with Skybox Security. But Skybox Security sent me yearly support for the license, not monthly.
Skybox Security has good pricing.
If you need something like Skybox, you would pay more money than for a cybersecurity platform, because you need FireMon for firewalls. For firewalls, you would need a subscription to Cisco Tetration, for example, or for something else. These are more expensive solutions in collaboration. So if you want to save money and save time, use Skybox Security.
What other advice do I have?
I would absolutely recommend using Skybox Security.
If you need to check compliance and to understand how your IT teams work, use Skybox Security. If you need understand, like a clear glass of water, how your IT infrastructure works, use Skybox.
Tenable or Qualys or Rapid7 vulnerability controls in your infrastructure could be installed for vulnerability scans. But they don't know what kind of attack could be used or what vector of attack could be used. If you use Skybox you will see the impact, all the issues with your infrastructure and your configuration, and you can quickly change the situation to be more protected from outside and inside attacks.
On a scale of one to ten, I would give Skybox Security an eight.
Which deployment model are you using for this solution?
On-premises
Disclosure: My company has a business relationship with this vendor other than being a customer: Distributor
Information Security Consultant at a insurance company with 1,001-5,000 employees
Helps us make sure that all of our devices are configured as they should be
Pros and Cons
- "The most valuable feature is the compliance, whether it's access compliance or the configuration compliance, to make sure that all of our devices are configured as they're supposed to be, to limit access as much possible, to follow least-access guidelines."
- "Reporting. A lot of the reports, out of the box, are limited to a certain number of either configuration violations or access rule violations. So when you first set up a new firewall to be monitored by Skybox, you don't get a real full report. You have to really tweak it to get everything."
- "I've had issues with licensing where, when they were expiring and I asked for the updated licenses, I would the wrong ones. I think their process needs to be straightened out a little bit - I don't know if they fixed it already, it has been awhile. It wasn't as straightforward as it could have been."
What is our primary use case?
We use it to verify firewall compliance with NIST best practices for access and that our firewalls are configured correctly. We're also getting ready to roll out their Vulnerability Management package.
We mostly use Firewall Assurance and we're getting ready to start using Vulnerability Control.
How has it helped my organization?
What we have done is found a lot of misconfigured stuff on firewalls. Our company, Verisk, is a company that buys other companies. We have 70 or so companies at last count and most of them are founder-based companies we bought. They had little to no idea of how to actually secure a firewall correctly. Using Skybox, when we bring them on we take a look at how their firewalls are configured and then make recommendations as far as what they need to do to tighten it up. That is the main function we've been using it for and that is where we have gotten the most benefit out of it.
From Firewall Assurance, the only other real benefit you get is eliminating shadowed rules and redundant rules. You can optimize a little bit based on real usage to move the rules that are used more towards the top of the access lists so that the firewall processes them a little faster. It's a small benefit but it's definitely something that, depending on your business, may be important to you.
What is most valuable?
The most valuable feature is the compliance, whether it's access compliance or the configuration compliance, to make sure that all of our devices are configured as they're supposed to be, to limit access as much possible, to follow least-access guidelines.
What needs improvement?
Reporting. A lot of the reports, out of the box, are limited to a certain number of either configuration violations or access rule violations. So when you first set up a new firewall to be monitored by Skybox, you don't get a real full report. You have to really tweak it to get everything.
In our business, our company buys a lot of other companies and a lot of them manage themselves. Unfortunately, for Firewall Assurance in particular, if you need a group of people to be able to manage their firewalls and only theirs, it's almost impossible because to add a new firewall you have to be an admin, and you can't limit what an admin sees. If I want a particular company to be able to add their firewalls, they're going to see everybody else's firewalls as well, which is much more access than they need. That is one thing I would love to see fixed.
For how long have I used the solution?
One to three years.
What do I think about the stability of the solution?
Stability is good. They do come out with a lot of patches and the updating process, while not a pain, is pretty frequent.
What do I think about the scalability of the solution?
We had to separate our initial appliance into the server and a separate collector just because we have, at last count, about 120 firewalls in there. Collecting all the firewall information in all the logs daily during off hours, it started to get a little choked up. When we separated the server and the collector onto two different machines that fixed the problem.
How are customer service and technical support?
On a scale of one to 10, I would rate Skybox technical support at about eight. It's not perfect, but good. They are not always able to answer questions on first contact but the questions always get answered. The answer is not always what I want to hear, but they do get answered.
Which solution did I use previously and why did I switch?
I used the AlgoSec. AlgoSec wasn't broken up into modules, it was one solution. It was good; again, not perfect, but then their prices just got ridiculous. The fact that Skybox is broken up into modules and you only have to pay for what you're actually going to use, that was the main reason for switching. The pricing was secondary. AlsoSec doesn't do everything that Skybox does, but they were charging a lot more.
How was the initial setup?
Setup is relatively straightforward. There were a couple of things that I found a little difficult. They have an Add Firewall Wizard, but if you want to create a task list or a task group that runs on a certain schedule, it's almost easier to import the firewall as a task rather than using the wizard. You almost have to do the work twice if you do use the wizard.
The other difficulty was, it really wasn't made clear that separating the server and the collector, for a certain number of firewalls or over, was a best practice. Having to go back and redo that was a little bit of a surprise.
But overall, it's relatively easy to use. There is a little bit of learning curve to figure out how to get the right information out of the reporting. But once you do it, it works.
What's my experience with pricing, setup cost, and licensing?
As with anything else, I would love it to be less expensive, but do I think pricing is a good value? Sure.
I've had issues with licensing where, when they were expiring and I asked for the updated licenses, I would the wrong ones. I think their process needs to be straightened out a little bit - I don't know if they fixed it already, it has been awhile. It wasn't as straightforward as it could have been. When you get the licenses you just put in the license numbers so it's working. That part is easy. It's getting the correct licenses that can be a little cumbersome.
Which other solutions did I evaluate?
We looked at AlgoSec, but their pricing was too high. And previously I had looked at Tufin but they just didn't have the wealth of features that either Skybox or AlgoSec have. Overall, we evaluated other stuff. It's just that Skybox made the most sense for us.
What other advice do I have?
- Determine what your needs are.
- Buy only the products you need, when you need them.
- Make sure that your sales engineer goes over best practices with you so that you do it right the first time.
Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
Marketing Expert at a comms service provider with 51-200 employees
Provides good scalability, but its attack surface management feature needs improvement
Pros and Cons
- "The product's most valuable feature is vulnerability management."
- "Skybox Security Suite's attack surface management feature needs improvement."
What is our primary use case?
We use the product for network visibility and firewall and vulnerability management.
What is most valuable?
The product's most valuable feature is vulnerability management.
What needs improvement?
Skybox Security Suite's attack surface management feature needs improvement.
For how long have I used the solution?
We have been using Skybox Security Suite for four or five years.
What do I think about the stability of the solution?
I rate the product's stability a five or six out of ten. We encountered a few issues during data migration in terms of customization.
What do I think about the scalability of the solution?
The product is highly scalable. It is suitable for enterprise businesses. I rate its scalability a ten out of ten.
How are customer service and support?
The local support services are good. However, we encountered difficulties while using the multilingual feature for communicating with the support team.
How would you rate customer service and support?
Neutral
How was the initial setup?
The initial setup process is easy. However, the complexity depends on the customer's environment, including the broker and control management system of a specific cloud. It takes around three hours to complete the process and a month for system integration.
What's my experience with pricing, setup cost, and licensing?
The software is expensive. I rate its pricing an eight out of ten.
What other advice do I have?
I rate Skybox Security Suite a six out of ten.
Disclosure: My company has a business relationship with this vendor other than being a customer: Integrator
Buyer's Guide
Download our free Skybox Security Suite Report and get advice and tips from experienced pros
sharing their opinions.
Updated: October 2024
Popular Comparisons
Qualys VMDR
Tenable Nessus
Tenable Security Center
Orca Security
Check Point CloudGuard CNAPP
Rapid7 Metasploit
Balbix BreachControl
Titania Nipper
Buyer's Guide
Download our free Skybox Security Suite Report and get advice and tips from experienced pros
sharing their opinions.
Quick Links
Learn More: Questions:
- How inadvisable is it to use a single vulnerability analysis tool?
- What are the benefits of continuous scanning for vulnerability management?
- When evaluating Vulnerability Management, what aspect do you think is the most important to look for?
- What is a more effective approach to cyber defense: risk-based vulnerability management or vulnerability assessment?
- What are the main KPIs that need to be implemented to have better posture in vulnerability projects?
- Which is the best vulnerability scanner tool?
- What are your recommended automated penetration testing tools?
- How do you use the MITRE ATT&CK framework for improving enterprise security?
- Can you recommend API for Tenable Connector into ServiceNow
- What penetration testing tool (or tools) do you recommend for SMB/SME?