The tool does not offer options for customization. My company would like to see some customization features added to the solution to make different workflows since, currently, we only have a limited set of workflows in Skybox Change Manager.
The solution needs improvement in firewall configuration checks. I would also like to see more configuration checks for Forcepoint and for other non-supported firewalls.
Head of Cyber Security at a tech vendor with 11-50 employees
Real User
2022-11-23T16:31:24Z
Nov 23, 2022
The solution does not support certain devices or vendors in some regions or countries due to regulations. A universal connector would be an interesting way to ensure that support is worldwide. The UX interface could be simplified and more convenient.
Project Manager at a tech services company with 1,001-5,000 employees
Real User
2022-09-26T13:19:19Z
Sep 26, 2022
They are not satisfied with the complexity of the solution and the price. To be used, we must have proper skills that require additional support, and the entire potential of the tool is not utilized and addressed. As a result of a lack of skills, it is complex. Network auditing, which AlgoSec does, could be included, or perhaps Sky Box does but we don't know how to use it.
Vice President Cloud Security Architect at Reliance Industries Ltd
Real User
2022-07-29T11:01:43Z
Jul 29, 2022
There is room for improvement in device policy provisioning. Typically, the configurations need to be pushed across. Currently, Skybox Security Suite has features that allow a policy push, so if we want to configure the policy and need a sub-policy, it needs to be added within the existing rule frame. However, modifications and the deletion of existing policies are currently unavailable or under enhancement.
Skybox Security Suite can improve the change management module. It is the one part of the tool that is used with the firewall devices and you have a change management module that is used to record changes of all firewalls in the company. It's not compatible with all brands, this is where they can improve the solution.
Skybox should improve their UX features by making them easier to use. They're also trying to transfer from Java GUI to web-based systems, but it's not consistent right now, so they need to develop and improve the features on that side. I mean, the native Java based GUI results and the new Web GUI results are not always the same. I have experienced some inconsistency results among them. So, I need to trust newer GUI for results.
The most problematic subject about Skybox is the support service. The support cases take too much time to define and to be solved.Â
The first step is requesting a model, packlogs, etc, in every kind of a problem. It might be a real problem for government-based companies to share this confidential and/or sensitive data.Â
Also, after collecting this data and sharing it, it takes time to find a solution. Mostly the second reply is again about requesting more info.
This cycle makes the customer sad. In some situations, a quick remote session could be a much better solution.
Also, there are still some problems related to WebGUI and they should be solved as soon as possible.
VP Technology at a outsourcing company with 51-200 employees
Real User
2021-11-03T20:01:45Z
Nov 3, 2021
Change Manager can be improved. If they can improve Change Manager so that whatever we want to do on a firewall, we are able to do it through Change Manager, it will be helpful for us. Whenever we are doing a change, it only does them at an L3 and L4 level, but all the firewalls are at the application layer. So, whatever needs to be done on the firewall, we aren't able to get it done through Change Manager. Currently, this functionality is not there because of which we are sometimes losing customers. I can create a role on Layer 3, Layer 4, but when it comes to the application layer, such as configuring and defining URLs or other things at the application level, it can't be done through Change Manager. Customers demand that they should be able to do everything through Change Manager. They don't want to do it through some other mechanism to accomplish their complete change management policy. They don't want to use a firewall manager because sometimes, they don't have any manager. They ask if they can use our solution so that a manager is not required. If Change Manager can do all the management automatically without involving any other manager, it will be great. They can also provide better integration with other managers so that everything can be done through a central point. On the OT side, if they can provide more visibility, it would help. We are working on some of the features related to OT, so more visibility would be helpful.
Asst. Manager Finance at a insurance company with 5,001-10,000 employees
Real User
2021-04-17T12:50:17Z
Apr 17, 2021
We are not using the solution and rely on customer feedback. If the customer does not provide any, then we can't recommend what could be better. If they have had any kind of issues, then we are able to know and have it perform better.
Business Consultant. at a tech services company with 11-50 employees
Reseller
2021-01-24T08:58:00Z
Jan 24, 2021
In terms of what could be improved, I would say support for Cisco Firepower. This is one of the biggest segments in the Ukraine market. Many customers use Cisco Firepower. It is not a good solution for me, but it make sense. The second feature that could be improved is a deeper integration with Palo Alto. One of my customers uses Palo Alto and during the trial period with Skybox Security, we had some issues because when the IT administrator used the rules Skybox Security didn't understand. But it's not really a problem with Skybox Security. This was a problem for the company who used these stupid rules.
Chief Information Security Officer at a financial services firm with 1,001-5,000 employees
Real User
2020-11-13T20:00:49Z
Nov 13, 2020
The pricing is too high. Other competitors provide a solution that rebuilds holes from scratch and rebuilds configurations on all the holes. Skybox does not offer this capability. It's something they should add to their list of features. The support could be improved. The implementation process could be a lot faster and much less complex. The search functionality could be better. There's no way to exclude items from your search criteria, for example. They need to find a way to revamp the firewalls in a professional way. They need to figure out a proper implementation strategy for the firewalls.
The Network Assurance, which helps to create the network model, is not so rich. It tells you the best part, and it gives you the alternate routes that are available based on the configuration and the routing table, but it doesn't give you the analytics. One of the issues with security is that if the network model is incorrect then no matter what I add on top of it, it's going to be of no use. Network modeling is the foundation for vulnerability management, test management, firewall management, and change management. The focus on risk analytics is not very good and should be improved. It relies on the CVSS (Common Vulnerability Security Score), which gives you a vulnerability score based on the standard. The difficulty with this is that sometimes, risks are based on critical assets, and these can differ between environments. My critical assets, for example, may be different than those of my customers. As such, it doesn't give you a fully-fledged risk score. On top of this, it doesn't give you the flexibility to configure a set of weights to adjust the criticality of the assets, the users, and the entities within the infrastructure. Another area where Skybox lacks is the calculation for combinations and permutations of traffic from each interface. For example, in RedSeal, if traffic comes in from one interface and doesn't go out the desired interface, you can see what is vulnerable, what the vulnerability is, what is exposed, what is exploitable, whether it is subject to an insider threat or an outside threat, what the criticality is, and so on. It is all related to network modeling and seeing what happens when an interface goes down. In general, it needs to be enhanced. They have to improve their integration with vulnerability management tools. It is good with some products, such as Tenable, but not really good with Rapid7. Technical support can be improved in some regards because certain teams are better than others. There is no dashboard for ISR compliance or NESA compliance.
Information Security Officer at Sony Corporation of America
Real User
2020-03-04T08:49:31Z
Mar 4, 2020
The solution was quite technical. It would be easier to manage if the solution was more specific about certain aspects and provided more advisory around how to use it effectively. It would help users a lot if they were more clear about everything. The solution requires more integration in terms of automation features. It would be great to have proxies, IDs, IPs, firewalls, certain network centers, etc. on the solution. If more of that can be looked at or reviewed from a Skybox standpoint it would be helpful. The solution needs to expand its scope.
Enterprise Architect - Information Security at a transportation company with 5,001-10,000 employees
Real User
2020-02-09T08:17:08Z
Feb 9, 2020
The solution needs more detailed reporting. In Skybox the reporting is good, but it could be improved. The solution needs to add more automation and orchestration capabilities. Those features would make the solution much stronger.
Director of Solutions Integration at a tech services company with 51-200 employees
Reseller
2018-08-07T13:21:00Z
Aug 7, 2018
As a reseller, I feel the marketing of this product could be better. It seems awareness is a bit low. We are trying to get the message out. I equate it to the early Palo Alto Networks days, where we had to market the concept of what a next-gen firewall was before we could get customers to buy in.
Information Security Consultant at a insurance company with 1,001-5,000 employees
Consultant
2018-07-15T14:43:00Z
Jul 15, 2018
Reporting. A lot of the reports, out of the box, are limited to a certain number of either configuration violations or access rule violations. So when you first set up a new firewall to be monitored by Skybox, you don't get a real full report. You have to really tweak it to get everything. In our business, our company buys a lot of other companies and a lot of them manage themselves. Unfortunately, for Firewall Assurance in particular, if you need a group of people to be able to manage their firewalls and only theirs, it's almost impossible because to add a new firewall you have to be an admin, and you can't limit what an admin sees. If I want a particular company to be able to add their firewalls, they're going to see everybody else's firewalls as well, which is much more access than they need. That is one thing I would love to see fixed.
The Skybox Security Suite platform combines firewall and network device data with vulnerability and threat intelligence, prioritizing security issues in the context of your unique environment. Powerful attack vector analytics reduce response times and risks, bringing firewall, vulnerability and threat management processes for complex networks under control.
Firewall Assurance brings all firewalls into one normalized view, continuously monitoring policy compliance, optimizing firewall rulesets...
There is room for improvement in the product's user interface. It could be more user-friendly.
The setup is expensive.
There is room for improvement in pricing. It would be better, especially if a customer bought all four modules.
Skybox Security Suite's attack surface management feature needs improvement.
The tool does not offer options for customization. My company would like to see some customization features added to the solution to make different workflows since, currently, we only have a limited set of workflows in Skybox Change Manager.
The solution needs improvement in firewall configuration checks. I would also like to see more configuration checks for Forcepoint and for other non-supported firewalls.
There is room for improvement in customer support and service.
The solution does not support certain devices or vendors in some regions or countries due to regulations. A universal connector would be an interesting way to ensure that support is worldwide. The UX interface could be simplified and more convenient.
They are not satisfied with the complexity of the solution and the price. To be used, we must have proper skills that require additional support, and the entire potential of the tool is not utilized and addressed. As a result of a lack of skills, it is complex. Network auditing, which AlgoSec does, could be included, or perhaps Sky Box does but we don't know how to use it.
There is room for improvement in device policy provisioning. Typically, the configurations need to be pushed across. Currently, Skybox Security Suite has features that allow a policy push, so if we want to configure the policy and need a sub-policy, it needs to be added within the existing rule frame. However, modifications and the deletion of existing policies are currently unavailable or under enhancement.
Skybox Security Suite can improve the change management module. It is the one part of the tool that is used with the firewall devices and you have a change management module that is used to record changes of all firewalls in the company. It's not compatible with all brands, this is where they can improve the solution.
Skybox should improve their UX features by making them easier to use. They're also trying to transfer from Java GUI to web-based systems, but it's not consistent right now, so they need to develop and improve the features on that side. I mean, the native Java based GUI results and the new Web GUI results are not always the same. I have experienced some inconsistency results among them. So, I need to trust newer GUI for results.
The most problematic subject about Skybox is the support service. The support cases take too much time to define and to be solved.Â
The first step is requesting a model, packlogs, etc, in every kind of a problem. It might be a real problem for government-based companies to share this confidential and/or sensitive data.Â
Also, after collecting this data and sharing it, it takes time to find a solution. Mostly the second reply is again about requesting more info.
This cycle makes the customer sad. In some situations, a quick remote session could be a much better solution.
Also, there are still some problems related to WebGUI and they should be solved as soon as possible.
Change Manager can be improved. If they can improve Change Manager so that whatever we want to do on a firewall, we are able to do it through Change Manager, it will be helpful for us. Whenever we are doing a change, it only does them at an L3 and L4 level, but all the firewalls are at the application layer. So, whatever needs to be done on the firewall, we aren't able to get it done through Change Manager. Currently, this functionality is not there because of which we are sometimes losing customers. I can create a role on Layer 3, Layer 4, but when it comes to the application layer, such as configuring and defining URLs or other things at the application level, it can't be done through Change Manager. Customers demand that they should be able to do everything through Change Manager. They don't want to do it through some other mechanism to accomplish their complete change management policy. They don't want to use a firewall manager because sometimes, they don't have any manager. They ask if they can use our solution so that a manager is not required. If Change Manager can do all the management automatically without involving any other manager, it will be great. They can also provide better integration with other managers so that everything can be done through a central point. On the OT side, if they can provide more visibility, it would help. We are working on some of the features related to OT, so more visibility would be helpful.
The cloud site could be better. They should provide some use cases to help users.
We are not using the solution and rely on customer feedback. If the customer does not provide any, then we can't recommend what could be better. If they have had any kind of issues, then we are able to know and have it perform better.
The price is costly, and I hope they can reduce the cost.
Honestly, I love this solution. As of now, although I have a minimum amount of experience with this solution, Skybox has been great.
In terms of what could be improved, I would say support for Cisco Firepower. This is one of the biggest segments in the Ukraine market. Many customers use Cisco Firepower. It is not a good solution for me, but it make sense. The second feature that could be improved is a deeper integration with Palo Alto. One of my customers uses Palo Alto and during the trial period with Skybox Security, we had some issues because when the IT administrator used the rules Skybox Security didn't understand. But it's not really a problem with Skybox Security. This was a problem for the company who used these stupid rules.
The pricing is too high. Other competitors provide a solution that rebuilds holes from scratch and rebuilds configurations on all the holes. Skybox does not offer this capability. It's something they should add to their list of features. The support could be improved. The implementation process could be a lot faster and much less complex. The search functionality could be better. There's no way to exclude items from your search criteria, for example. They need to find a way to revamp the firewalls in a professional way. They need to figure out a proper implementation strategy for the firewalls.
The Network Assurance, which helps to create the network model, is not so rich. It tells you the best part, and it gives you the alternate routes that are available based on the configuration and the routing table, but it doesn't give you the analytics. One of the issues with security is that if the network model is incorrect then no matter what I add on top of it, it's going to be of no use. Network modeling is the foundation for vulnerability management, test management, firewall management, and change management. The focus on risk analytics is not very good and should be improved. It relies on the CVSS (Common Vulnerability Security Score), which gives you a vulnerability score based on the standard. The difficulty with this is that sometimes, risks are based on critical assets, and these can differ between environments. My critical assets, for example, may be different than those of my customers. As such, it doesn't give you a fully-fledged risk score. On top of this, it doesn't give you the flexibility to configure a set of weights to adjust the criticality of the assets, the users, and the entities within the infrastructure. Another area where Skybox lacks is the calculation for combinations and permutations of traffic from each interface. For example, in RedSeal, if traffic comes in from one interface and doesn't go out the desired interface, you can see what is vulnerable, what the vulnerability is, what is exposed, what is exploitable, whether it is subject to an insider threat or an outside threat, what the criticality is, and so on. It is all related to network modeling and seeing what happens when an interface goes down. In general, it needs to be enhanced. They have to improve their integration with vulnerability management tools. It is good with some products, such as Tenable, but not really good with Rapid7. Technical support can be improved in some regards because certain teams are better than others. There is no dashboard for ISR compliance or NESA compliance.
The most recent update was not tested with all of the vendors before it was released, so some of the features are misbehaving.
The solution was quite technical. It would be easier to manage if the solution was more specific about certain aspects and provided more advisory around how to use it effectively. It would help users a lot if they were more clear about everything. The solution requires more integration in terms of automation features. It would be great to have proxies, IDs, IPs, firewalls, certain network centers, etc. on the solution. If more of that can be looked at or reviewed from a Skybox standpoint it would be helpful. The solution needs to expand its scope.
The solution needs more detailed reporting. In Skybox the reporting is good, but it could be improved. The solution needs to add more automation and orchestration capabilities. Those features would make the solution much stronger.
We really need to see how it can help us with cloud connectivity. It's there but I think it could give us a far better visualization.
As a reseller, I feel the marketing of this product could be better. It seems awareness is a bit low. We are trying to get the message out. I equate it to the early Palo Alto Networks days, where we had to market the concept of what a next-gen firewall was before we could get customers to buy in.
The vendor's support is terrible. The rest of the product is fine.
Reporting. A lot of the reports, out of the box, are limited to a certain number of either configuration violations or access rule violations. So when you first set up a new firewall to be monitored by Skybox, you don't get a real full report. You have to really tweak it to get everything. In our business, our company buys a lot of other companies and a lot of them manage themselves. Unfortunately, for Firewall Assurance in particular, if you need a group of people to be able to manage their firewalls and only theirs, it's almost impossible because to add a new firewall you have to be an admin, and you can't limit what an admin sees. If I want a particular company to be able to add their firewalls, they're going to see everybody else's firewalls as well, which is much more access than they need. That is one thing I would love to see fixed.