Most Helpful Review
We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
It gives us the ability to go to one place to look for potential firewall rules that are inappropriate, or which don't meet compliance. Instead of manually searching hundreds of firewalls for a policy, we can go to this one location and find the rules which are now out of compliance.
It is the single place where we go to review all of our firewall changes. The solution makes it easier for us to track all the changes made. It is a central place where we can look at all the firewall rules, because we have three different firewall vendors. It save us time and creates efficiencies by looking at the general picture.
The most valuable feature is the reporting capability because everything that we do is a result of our being able to query a report, based on our environment and our PCI compliance efforts.
The Security Manager part of FireMon... gives me an eye on everything that's out there, everything that I cannot see. Because I'm not a network admin, I cannot go to a firewall itself, but at least I have FireMon so that I can go in and view everything that I want to view. And I can eliminate whatever I see that is wrong,
It provides us with a single pane of glass for our on-prem environment, to see configuration. We have not implemented into the cloud yet. We can search for an object group and see where it lives on any firewall in the enterprise or find security rules, no matter what firewall they're on.
The most valuable features are Policy Optimizer and Firewall Manager for different brands of firewall.
Vendor agnostic when it comes to integrating with other product.
Change Manager is most important because of the impact on each other of a network change or a firewall change. We want to understand this and to know, beforehand, what the impact of a change will be. We are a large network so that is a very important tool.
Correlates logs and threats and prioritizes; provides network maps;p provides change result context and resulting vulnerability.
Security review is the most important feature, because it offers a single pane of glass to analyze multiple firewalls.
This type of tool does a great job of reaching into those other devices producing risk recommendations, compliance recommendations, and a single plane of glass to do your queries, so you can find where these rules might exist.
The most valuable feature is the compliance, whether it's access compliance or the configuration compliance, to make sure that all of our devices are configured as they're supposed to be, to limit access as much possible, to follow least-access guidelines.
Skybox allows organizations to reprioritize the vulnerability they attempt to patch and mitigate, based on the contextual awareness of the network.
instead of asking for firewall rules which may or may not be relevant, or could already be there, or could be over-permissioned, Skybox can be used to map out the resources that that application is going to use and provide the exact rules that an application would require to function correctly. If the traffic isn't able to flow for the application, if it's erring out, Skybox can be used to troubleshoot that and say, "All right, where is the traffic being stopped and why, and how do I fix that."
The ability to appropriately prioritize vulnerabilities inside the environment, and then to have visibility into the traffic and rule sets of an organization, are two of the top capabilities that I recommend. Skybox is the only one that does both of those in a single platform.
The AWS integration is still not mature for us to use. It is just not ready for our use case for AWS connectivity. Therefore, it does not provide us with a single pane of glass for our cloud environments, because we can't manage our cloud environment with the tool.
The stability has been fairly decent, but there have been a few issues. My coworker has had some issues in the past where he has had to work with support.
The current health and monitoring of the devices is atrocious... Imagine you have a list of 200 devices, and you can grade each of those devices as either green, yellow, or red. However, there might be three different reasons for you to go to red, or eight different reasons to go to yellow, and all of those things could be combined... Out of all those categories, I only find one or two of them that are, perhaps, pertinent.
We're working on implementing FireMon with our ticketing system service now. Having that would be an improvement.
Some of the core functionality in our environment doesn't seem to work. We will get buggy code releases. They need to work on their Q&A of every code release.
We are looking for more integration with SIEM and other tools.
A phone app would be nice. This is the reason why it is not perfect yet.
The vendor's support is terrible.
Reporting. A lot of the reports, out of the box, are limited to a certain number of either configuration violations or access rule violations. So when you first set up a new firewall to be monitored by Skybox, you don't get a real full report. You have to really tweak it to get everything.
I've had issues with licensing where, when they were expiring and I asked for the updated licenses, I would the wrong ones. I think their process needs to be straightened out a little bit - I don't know if they fixed it already, it has been awhile. It wasn't as straightforward as it could have been.
The only place where Skybox has room for improvement, and they're working on releasing this, it's just a slow-go, is the UI. The user interface has historically been via a locally installed thick client. They are moving to a web-based console and it's slowly coming out.
If anything could be improved it would be staying on top of the collector scripts, but I understand that's a very tough challenge.
The primary room for improvement would be to enable a web interface, which is not something which is there in the product. This is supposed to have come a year, a year and a half ago, but still has failed to come out. It still needs a client application to be installed on a workstation to be able to access that server and then run these reports. So I cannot extend that access to anybody. It has to be one administrator all the time. So unlike a web interface, where you can give multiple users simultaneous access and generate the various reports, that isn't a possibility at the moment.
The stability is something that is questionable. I don't know whether it is because of the kind of infrastructure we have or because of the product in itself. We're running it on a virtual machine right now. Maybe once a month, or once in every 45 days, it requires a restart because the application fails to connect. So I have to restart the whole Skybox Manager itself, the Skybox server itself, and then connect to it from our Skybox Manager.
The setup documentation needs a lot of improvement.
Pricing and Cost Advice
We don't license all of the devices in our network, so it does not provide us with a comprehensive visibility of all devices in a hybrid network at this time.
We pay for it yearly.
Regarding additional costs, if you want things like Policy Optimizer, extra features, that's extra.
The pricing is very good, very straightforward. It also came in cheaper than AlgoSec and Tufin.
Relative to what it offers, the price is fair.
Pricing is on the higher side. In terms of licensing, you should buy the complete suite rather than buying only the Change Manager. I think Change Manager with Vulnerability Control is something that would be interesting to look at.
The pricing has increased exorbitantly in the last few years, so now it is questionable. Now, it makes me want to review other products.
With licensing, the number of network nodes becomes very expensive to the point where you have to rationalize if the tools are warranted anymore.
Fully understand the total cost of ownership. They have gone to a new model where you have to replace the hardware every X amount of years at a very substantial cost and fully understand your intended number of nodes. To operate a firewall, you have to pay two licenses, a firewall node and a network node. If you are a reasonable-sized organization, this gets expensive very quickly.
I've seen the pricing of every solution on the market. When you compare apples to apples, where Skybox becomes exceedingly expensive is if you look at it compared to something like FireMon that only does a fraction of what Skybox does. But if you include everything that Skybox does, it becomes way more expensive than the competition, but you're also not comparing apples to apples. If you look at FireMon, and you look at like just the firewall assurance piece, they are fairly comparable and, actually, Skybox comes in a little bit cheaper in some cases, depending on which product you're looking at.
The product's pricing is excellent value. In terms of licensing, make sure you understand your network components, all your hops through your network, thoroughly, before you decide on the total cost. If you want to do point-to-point flow analysis and such, you need to have the configuration of all the devices in between point A and point B. A lot of people don't realize all their network components until they start using this product.
The pricing is high, and the licensing model needs more flexibility.
I think for the cost, what we got definitely is worth it. The only caution I would give is that whenever you license for Firewall Assurance at the same time, for some weird reason, you have to get one Network Assurance license, just to manage one firewall. That's a little bit of overkill. But otherwise, in general, the pricing is fairly okay.
out of 7 in Firewall Security Management
Average Words per Review
out of 7 in Firewall Security Management
Average Words per Review
Compared 52% of the time.
Compared 27% of the time.
Compared 10% of the time.
Compared 29% of the time.
Compared 19% of the time.
Compared 13% of the time.
|FireMon is the No.1 provider of Intelligent Security Management solutions worldwide, combining advanced benchmarking, simulation, and analysis to deliver next generation security intelligence. Since creating the first-ever network security management solution 15 years ago, FireMon solutions have continued to deliver visibility into and control over complex network security infrastructure, policies, and risk to over 1,500 customers around the world. Using the FireMon Intelligent Security Management platform, today’s leading enterprise organizations, government agencies and managed security providers have dramatically improved effectiveness of network defenses, accelerating business agility optimizing return on investment. For more information or a free 30-day trial, visit www.firemon.com.|
The Skybox Security Suite platform combines firewall and network device data with vulnerability and threat intelligence, prioritizing security issues in the context of your unique environment. Powerful attack vector analytics reduce response times and risks, bringing firewall, vulnerability and threat management processes for complex networks under control.
Firewall Assurance brings all firewalls into one normalized view, continuously monitoring policy compliance, optimizing firewall rulesets and finding attack vectors that others miss. Skybox covers the most comprehensive list of firewall vendors, complex rulesets, even virtual and cloud-based firewalls. With proven scalability in 1,500+ firewall deployments, Firewall Assurance keeps rules optimized and ensures changes don’t introduce new risk.
Gain total visibility of the vulnerabilities in your attack surface without waiting for a scan. Leverage Skybox Research Lab's vulnerability and threat intelligence, and automatically correlate it to your unique environment. With network modeling and advanced simulations, pinpoint exposed vulnerabilities and other attack vectors. And use context to prioritize vulnerabilities in terms of actual risk and respond to threats with accuracy and efficiency.
For more information or to view a demo, visit www.skyboxsecurity.com.
Learn more about FireMon
Learn more about Skybox Security Suite
Information Not Available
|ADP, Blue Cross Blue Shield, BT, USAID, Delta Dental, EDF Energy, EMC, HSBC, Johnson & Johnson|
Financial Services Firm31%
Comms Service Provider8%
Software R&D Company27%
Financial Services Firm15%
Comms Service Provider8%
Software R&D Company28%
Financial Services Firm14%
Comms Service Provider10%