RedSeal Review

Saves time in evaluating compliance, and the technical support is helpful


What is our primary use case?

We run three different networks with multiple VLANs across each of them. We're using it internally but looking at potentially using it to support other companies.

How has it helped my organization?

Because we work a lot of assessments, RedSeal helps us to validate certain security practices that are required. They have 148 best practices that are laid out, and the combination of those best practices along with some of the other capabilities, such as network mapping where it lays out the tracking and identification of devices, supports a lot of the requirements from government or companies that work with government agencies.

RedSeal looks at where you correlate the different practices as it relates to those defined by the assessment requirements put in place by the government contractors. Once they've done that, it will ease the time. While there is a dashboard with all of the information, you've got to go to the right place to find it and validate it. With the consolidation done, you get that as output and it ultimately saves us time when it comes to determining compliance.

What is most valuable?

The most valuable features are network mapping and configuration. It definitely speeds up the identification of mismatches and issues related to configuration and provides a good way ahead for remediation of those deficiencies.

The scorecard in resiliencies is helpful because you can get a snapshot look of it based on taking all of the data in.

From a front-end perspective, it just a superb job. RedSeal brings a lot, but it also brings an understanding that you're adding to it in order to get the full picture.

Once you flush out your layer two and layer three by bringing in scans, you tie in RedSeal with your SIEM. The dashboard makes moving forward very easy as it relates to the operation, which is something that we're very happy with.

When you're pulling in all of the vulnerabilities using the scanning tool that has been used, it is overlaid on the structure and helps to build it within RedSeal. This gives you one entry point to get a pretty good look at a company.

What needs improvement?

The dashboard should be improved to make correlating data easier to do. As it is now, if I go into RedSeal then I may have to look at six or seven practices, plus go to a configuration tab and then look at the mapping to identify one security practice that's been defined within the CMMC model.

It would like to see a feature that gives specifics about different types of compliance. For example, different tabs for SCADA, HIPAA, CMMC, 800-53, and PCI, would be helpful for having everything available in one location. As it is now, I have to view Excel spreadsheets to get that answer. Also, these things change depending on whether you are dealing with a DOD compliance effort versus medical compliance.

For how long have I used the solution?

We have been using RedSeal for more than six months.

What do I think about the stability of the solution?

I am comfortable with the product. We have not seen any issues at all, in terms of stability.

What do I think about the scalability of the solution?

We are currently looking at building relationships with other companies to improve our supply chain, and it is definitely scalable enough to support that.

How are customer service and technical support?

The technical support is really good. They have a personal touch and build a relationship with you that helps with integrating the product. They really help when it comes to having a full understanding of how it works and it makes a big difference because they don't just leave you stranded.

My experience is that the technical support is structured to make sure that you get what RedSeal can provide.

How was the initial setup?

The initial setup is straightforward, although it is a matter of importing all of the other sources of info that really makes it work well. For example, you're getting network layer seven, part of layer three, and all of those things that are associated with them. But, when you want the full picture, it takes the additional step. You need to load the scans and get tie-in to the SIEM, as well as everything else, to get the full utility out of RedSeal.

The technical support provided really eases the setup process.

What's my experience with pricing, setup cost, and licensing?

The pricing is based on the number of endpoints and devices, and we have seen it range from mid-five figures to low six figures.

What other advice do I have?

My advice for anybody who is implementing this solution is to have a good understanding of what RedSeal brings to the table, as well as what it is that you need to bring to the table to get full usage out of it. RedSeal comes in and sets the foundation and gives you the front-end, and then you have to add things like your scanned data. If you don't already have a scanner such as Nessus then you won't get a full picture. The team at RedSeal makes it clear that these plugins are essential to get the full benefit of the product.

Overall, I am very happy with the way the product is working.

I would rate this solution an eight out of ten.

Which deployment model are you using for this solution?

On-premises
**Disclosure: I am a real user, and this review is based on my own experience and opinions.
More RedSeal reviews from users
Add a Comment
Guest