Skyhigh Security Reviews

We use this solution as a CASB, a Cloud Access Security Broker, to gain insight into our cloud environment. We integrate this solution for our clients as a companion service to our main cloud product.

It gives us visibility into how the data is being used within our cloud environment. It shows the flow of information, and in our case, it has to with documentation that is restricted. For example, if a document contains credit card information or social security numbers then we are able to track it when somebody tries to delete them or do something else that is prohibited. We get flagged, which is the key. It enhances the visibility of what's in our cloud environment.

The most valuable feature for us is the integration with DLP. 

The biggest challenge we have with McAfee is their cross-cloud support. They tend to lag by a few months, in terms of providing support for new cloud platforms, or new cloud features. We're primarily focused on SaaS, so the other opportunities for them to improve their integration is with AWS and PaaS.

I would like to see better integration with on-premise tools.

That stability is good. It's a very good tool.

We have had no problems in terms of scalability.

We have a team of about forty people who use it. There is the DLP team, the various tenant cloud security administration team, and we also have our staff that uses it.

We found that the documentation is meager, but the response time from technical support is very good.

We did not use another solution prior to this one.

This solution is very easy to set up.

It took us about a month to get it up and running, but it took us four months to figure out how to use it amongst the different teams.

The licensing fees are based on what environments you are monitoring.

We did evaluate a couple of other options, and we have other solutions as well. We have Evident.io, one from Cisco, and one from Palo Alto. None of them are good in every environment, so we use a combination of these solutions.

I have found, based on implementations for multiple clients, that Evident.io doesn't meet the needs of all of the people. Evident.io is not a security protocol. It gives you visibility into your cloud, but it's not a broker. It's just an analysis tool. It is very PaaS-friendly, but not a SaaS-friendly tool. This is opposed to Skyhigh, which is SaaS-friendly but not PaaS-friendly.

My advice for anyone who is implementing this solution is to know what roles you will need to grant access to and have your roles predefined.

This solution has good coverage and good integration with other McAfee products. I am not giving it a perfect score because of the uneven coverage for other platforms. They tend to lag in terms of support for new platforms and new tools that come out on the cloud. 

I would rate this product a seven out of ten.

Insight into services being accessed and/or used in corporate environment. Additionally, Shadow IT as a whole and provides another set of eyes on web proxy logs.

It has allowed insight into gaps that may exist in current web proxy tool policies. Improves creation of security alerts on web proxy logs by having a separate system interpret said logs.

Skyhigh has given us categorization and rating of websites separate from what the web proxy places on the logs.

The tool could improve flexibility with the creation of reports/querying data. A better search capability, similar to a SIEM, would also allow deeper log analysis.

Currently, we are using cloud discovery and analytics. This has given us an insight to which services our end users are subscribing to and where our business data may be held.

We are able to identify the high-risk websites and block them before the end users start using them to ensure that a business case is made for unblocking a high-risk site (rather than having to run interference after the fact). It also allows us to suggest other alternatives and safer services to the end user.

One feature offered is a 48-hour turnaround to add a service to the global registry upon request. While they do turn around risk assessments very quickly, often many of the answers are unknown which drives the risk scores of the services up. When provided with contact information, they will reach out to the service provider and get answers to those questions, but it doesn’t provide a lot of value to show a service as high risk just because they haven’t had the opportunity to ask yet.

I have experienced a few cases where I provided a direct contact name (who was expecting a call from someone at Skyhigh) for the cloud service provider being evaluated, and have received feedback from the contact that no one reached out to them after several days or, in some cases, weeks.

I have used this product for about 16 months.

I have encountered some stability issues. However, these seem to have improved over the last couple of releases.

I have also encountered scalability issues.

Some logging was turned on that filled up the log file shares very quickly; it took some time to determine the cause of the issue and remediate it.

The technical support level is good. They are responsive and truly desire to solve problems. The support staff can update versions of the software on our on-premises log processors in less than an hour via a WebEx session.

I have not used any other solution.

The setup was straightforward. We set up some on-site log processor devices to gather the firewall logs and send them encrypted to the server for analysis. The results were processed and then appeared on our dashboard.

The pricing policy is based on the employee/contractor count (people with a user ID in your active directory domain). The pricing policy is best if you enter a multi-year agreement.

I have evaluated other solutions such as Imperva Skyfence, Netskope, and Elastica.

If possible, have them run a simulation in your live environment for 30 days and you will be impressed with the kind of data that is collected. I, personally, highly recommend this product.

This is a web security product, it controls the usage of web for employees. There is an integral anti-virus and web URL filtering solution. I've used the solution in multiple companies that I worked in, and for the last six months I have a new company and I sell the solution along with other security products. I'm a security engineer. 

I like the anti-virus filtering, URL categorization, and reporting capabilities. I also like the ability to control what kinds of files or content can be downloaded. So you can restrict executables and potential harmful files. It's a very sophisticated and mature solution. 

I think it's a very good product although the user interface is not very intuitive and could be improved. Because of its sophistication, it's not so easy to manage and you have to learn to use it well. The solution can't really be simplified because then it would not be so customizable. You have to know what you're doing. If you don't know about filtering, you won't be able to use it well. I also think that the URL filter model and the web application filter model should be more tightly coupled but it's a lot of effort to get them to work together, not an easy problem. It's two different models - URL filtering and web application filtering. 

I've been using this solution for nine years. 

Scalability is no problem. It is cluster able so I can use many devices. We have small companies in Hungary, usually some 1000 users, but we have one simple appliance. It can deal with many users. I assume even 50,000 users would not be a problem for this product. 

I've used technical support rarely but when we've had an issue they respond relatively quickly and they know what to do. I like them. 

I have seen other products like Websense, which is Forcepoint now, and McAfee Web Gateway which is better than Websense, I think. The features are generally the same, but McAfee is easier to manage and maintain, easier to overview. It also has better debugging capabilities and better logging.

The initial setup is very, very straightforward. I think it's one of the best. 

I would definitely recommend this solution and would rate it a 10 out of 10. 

• The user analytics
• Having a full idea about infrastructure

DLP rules.

Having full control of infrastructure.

Iteration process.

Two years.

Yes.

Yes.

No.

Five out of 10.

No.

The support team implemented the solution.

Not applicable.

It is good.

Yes.

It has a very user-friendly UI and is easier to pick up for people with less technical experience.

It’s a small improvement; however, it has augmented the pre-existing network monitoring services already in place to something more meaningful for higher levels of management.

Its capabilities are still rather limited compared to other solutions. It’s a reasonable monitoring service, but it would still need to be coupled with other solutions to be practical.

I found that when it comes to monitoring services on the network, Skyhigh gives a more comprehensive and practical break down of what risks the user is looking at. This is very useful when reporting metrics to upper management. However, it felt slightly lacking in the technical breakdown area as compared to other services we used at the time. Some of the explanations it gave for risks were too vague to address, so we would revert to another product we use regularly to get a more specific picture of a threat.

I have used Skyhigh for three months.

I can’t recall any stability issues.

We used this as an internal solution, so I can’t reasonably address scalability.

I rate technical support 7/10. I felt they were very accommodating when we worked with them, but as we were ramping up the product, we needed a lot of support to understand Skyhigh functionality. We had a dedicated resource communicating with us for some time, but there was a sudden switch and the knowledge transfer between them wasn’t comprehensive, leading to some lag in support.

We previously used a different solution but we did not drop it. We attempted to use the two solutions together.

I was not a part of initial setup, so I can’t speak to this point.

I was not part of pricing, so I can’t speak to this point

To my knowledge, Skyhigh was meant to help fill some of the performance gap shown by our other solutions, so we weren’t actively looking for products to do this so much as experimenting with a single new product we’d heard about.

Use this product in conjunction with others. It has good coverage in terms of monitoring, but other commercial products were used to mitigate threats to the network.

I have been implementing this solution for protection as an ERP solution. I've been using it to protect and implement private apps.

The broader solution is quite useful. They provide service management for a variety of environments, including Office 365, Google, AWS, and Azure. 

It offers very good protection overall.

The management is very good.

We're able to provide the customer with best practices for coding.

It is a stable product.

Technical support is helpful.

The pricing is reasonable. 

The secure gateway could be improved. If they worked on that they would be more competitive.

They should offer more learning opportunities. If they could provide tools to help users interested in learning more about the technology, that would be ideal.

I'd rate the solution for around one year or maybe a bit less.

We have been facing some stability issues. However, via the support team, we're doing okay. It provides accurate warnings if there are some maintenance windows or service upgrades. It helps prevent unexpected disruption. 

I haven't really attempted to scale the solution. 

Technical support is excellent. They are very helpful and responsive. I have no complaints about their level of service. 

The initial setup is very straightforward and simple. I'd rate the ease of implementation nine out of ten. It's not overly complex. 

The pricing is good and the licensing is straightforward. I'd rate the affordability nine out of ten. 

I'd rate the solution eight out of ten. 

We use this solution for controlling web content that the users are accessing. It's very good in case situations where you have the use of a VPN connection.

You can control your employees when they are in the office and out of the office, without using a VPN in the same fashion.

The on-premise solution will control them when they are on the corporate network, and when they're off the corporate network, the cloud's gateway will control them. They have the same policies.

It's a great product with solid features.

It's a security appliance and it is quite secure.

They are quite well integrated.

The documentation could be improved. The documentation could be more detailed with more examples of usage.

We have been selling McAfee Web Gateway for four years.

Deployment can be on-premises or on the cloud.

It is a very stable solution.

I don't have any issues with the scalability. You have to do the sizing before they implement it afterward. 

You have other solutions that have to increase the volume of usage.

We have several large clients that are using it.

We are satisfied with technical support.

The initial setup is straightforward. It is easy to install.

If the client has a lot of demands and depending on their structure or the client's requests, it can be complex to configure.  In general, it is straightforward and easy to configure.

Some of our clients have a perpetual license and pay additional support yearly. 

We don't have any customers that are using subscriptions yet.

I wouldn't say that it is an expensive solution but it's not cheap. We pay for what it's worth.

I would recommend this solution to others who are interested in using it.

I would rate McAfee Web Gateway a nine out of ten.