Skybox Security Suite Competitors and Alternatives
Read reviews of Skybox Security Suite competitors and alternatives
Director at Visa Inc.
Jul 28, 2019
We can process more rules on a daily basis, which is a definite time saver
What is our primary use case?The primary use cases are firewall support and generating rules.
Pros and Cons
- "We use Tufin to clean up our firewall policies. It benefits us, because you can run a query for whatever your cleanup criteria is, e.g., "Has it been hit in 90 days?" It displays the list, then you can see the rules right there. If you want to get rid of it (or highlight it), then it creates a ticket that goes ahead and flags them all as disabled. While you can delete them, we always disable first. Then, we have a strip that comes back, and if it's been disabled for 90 days, then the system will remove them."
- "The topology needs improvement. If I click on the network tab, I can go get a cup of coffee, come back, and my topology is still not painted. Maybe, it's just because we have so many devices, but looking at the topology, it is too slow. The problem is that when I click on the network tab, I do not want to see the topology. I want to click on the "Next" button, so I can put in the source and destination, so I can see the path. However, I still have to sit there and wait for the topology to load, and it's frustrating. I'll click on topology and try to click that "Next" button in time to where I can get around it. But, typically, you have to wait for that topology to paint. When it paints it, it's just a bunch of black smudges because there is just so much there. It can't paint it to where you see something. I can always zoom out, or something like that, but it's really worthless."
What other advice do I have?Give Tufin a good look. The Tufin team is always trying to stay on top of it. When Check Point came out with a R80.10, it wasn't very long before Tufin could generate rules or provision to R80.10, which was good. Now that R80.20s are out, they can provision to those. I think R80.30 is close, but I haven't heard them saying that they can provision to that yet. They can also provision to the latest versions of Palo Alto. Since those are the two that we have, I don't know about Fortinet or Juniper, but I'm sure they're trying to stay on top of those as well. We're not really using the cloud parts…
Info Assurance Engineer at a aerospace/defense firm with 1,001-5,000 employees
Jun 26, 2019
It helps reduce the complexity of the firewall rule set, but we need the end-to-end mapping feature working
What is our primary use case?The primary use case is optimizing firewall rules.
Pros and Cons
- "It gives us the ability to go to one place to look for potential firewall rules that are inappropriate, or which don't meet compliance. Instead of manually searching hundreds of firewalls for a policy, we can go to this one location and find the rules which are now out of compliance."
- "The AWS integration is still not mature for us to use. It is just not ready for our use case for AWS connectivity. Therefore, it does not provide us with a single pane of glass for our cloud environments, because we can't manage our cloud environment with the tool."
What other advice do I have?Each deployment scenario will be unique. A robust proof of concept is key to make sure it will meet all of your intended use cases. The solution is managing 25 percent of our firewalls right now. We probably won't increase usage until we can get the required features for firewall change rule management to work correctly. We probably will not increase usage until that works. I would rate it as a six (out of ten). We need the end-to-end mapping feature working to make it a ten. That is just our next phase. I don't know what other problems that we will run into. There is a lot to deploy before we…
Security Operations Engineer at a security firm with 201-500 employees
Real UserTop 10
Jun 6, 2021
Enables us to create new rules and have a more secure flow
What is our primary use case?We use: * FireFlow * AFA, AlgoSec Firewall Analyzer * BusinessFlow I use AlgoSec to optimize the firewall rules and to analyze the logs of a lot of firewalls, like Palo Alto, Check Point, and Fortinet. When a user creates a ticket in AlgoSec, I validate the ticket or don't. It's opened flow in the firewalls also. I also use it to implement and push the rules in the equipment. I have used it for compliance and analytics. I audit Cisco ASA equipment. I do a compliance report for every piece of equipment. I do some reports and also weigh any risk on each piece of equipment. Some rules use, for… more »
Pros and Cons
- "We have critical security policies. With AlgoSec, we can create a security policy to manage critical applications. I have worked in the bank and they have critical applications. We created some security policies for those applications. Controlling the flow is critical for our customers."
- "It can be optimized. There is a lot of RPA and we have scripts in AlgoSec that need recertification. With AlgoSec Firewall Analyzer, we can see lots of objects and lots of rules that tell us we need to clean the equipment. It will give us a solution but it doesn't always work. The solution that it gives us is not always accurate from the scripts."
What other advice do I have?I would rate it an eight out of ten. It's practical and easy to use. Many enterprises use it in France. Anytime we have questions, the support team is responsive.
Enterprise Architect - Information Security at a transportation company with 5,001-10,000 employees
Simple and easy to use but needs better graphical visualization
Pros and Cons
- "Overall the solution does a good job."
- "The solution lacks a lot of features that other products have in the marketplace."