Skybox Security Suite Other Advice

Randy Watkins
Director, Security Architecture at a tech services company with 51-200 employees
The only piece of advice I would have is, feed it all of the data sources. Skybox can take in a lot of information; structured, unstructured. It has a ton of integration partners. Even if you don't know if you'll need to use them all, just integrate everything you can into Skybox as a centralized platform, because it does quite a bit more, the more data you feed it. You increase its capabilities when you give it more data sources to look at. I'd rate Skybox at 10 out of 10. I'm the Director of Security Architecture, so I'm very customer-facing and senior when it comes to product management and security architecture development. I tend to develop a baseline of programs whose capabilities I feel every organization should have. The ability to appropriately prioritize vulnerabilities inside the environment, and then to have visibility into the traffic and rule sets of an organization, are two of the top capabilities that I recommend. Skybox is the only one that does both of those in a single platform. When I go into an organization, especially larger ones that are 5,000 or 10,000-plus employees, the first things I'm looking for are: How are you doing your vulnerability scanning and what visibility do you have in your firewall traffic? Typically, the answer to both of those is, "We don't have a lot there," and Skybox is one of the first things I'll recommend because it's almost imperative to get operational efficiencies. Firewalls are very basic. Firewalls are the front line against inbound traffic. If you don't have something like Skybox inline, able to see what's going on with your traffic flows, you can't appropriately implement those firewalls. So Skybox is typically one of my first three recommended products for just about every client I step in front of. View full review »
Sharath K
Sr. Consultant at a tech services company with 10,001+ employees
If you choose Skybox, then I would say spend a lot of time making sure that your network and your IT segment and all your devices and scope are properly documented. Make sure everybody fully understands how each of your networks are interconnected and exactly how your deployment happens. Because without that documentation, you will have a real hard time even explaining to a Professional Services guy how this needs to be set up. Because, like I said, this is not something which is straightforward. It does need some time, especially in an enterprise environment where you're primarily using an RFC 1918, which is a private address space. Most of the time you will see that address space being used across different LAN communication technologies, so you will see a lot of conflict. You might see a lot of duplication. That is where the real problems start. So I would rather spend more time analyzing the whole setup, sitting and making sure it's well documented, before even getting into documentation. That's what I would tell the prospective buyers of Skybox. Right now, based on my experience of having gone through, of having used it for the last one-and-a-half to two years, I would rate it about a seven out of 10. The reason for that is because of the lack of a web interface which is a big no-no for most companies. In today's world, nobody wants to use a fixed client to manage a security appliance. And the second one is because of the complexity of the whole setup itself. Otherwise, the product in itself is fairly good. View full review »
Information Security Consultant at a insurance company with 1,001-5,000 employees
* Determine what your needs are. * Buy only the products you need, when you need them. * Make sure that your sales engineer goes over best practices with you so that you do it right the first time. View full review »
Find out what your peers are saying about Qualys, Skybox Security, Rapid7 and others in Vulnerability Management. Updated: June 2019.
348,275 professionals have used our research since 2012.
Information Security Architect with 201-500 employees
Other than what I said - ensuring that you have a really good understanding of all the network components that you have to ingest configurations from - definitely take it out for a proof of concept for 30 days. There are a lot of features in here that we don't use, Change Management and stuff like that, that you want to take a look at and see if they fit your needs. I would say the reason I can't go higher than eight out of 10 is that their major release announcements aren't always straightforward. You usually discover that there is a new major release when going to their website and you discover it on your own. So they're not really good at major release announcements. View full review »
Vishal Bindra
CEO at a tech services company with 51-200 employees
Anyone implementing this product should bring together the teams which have security and network understanding, as a part of the project and, of course, they should look into the product properly before they implement it. I rate this product at about seven out of ten. The product is good but pricing and technical support are the ones which take marks off. View full review »
Senior Information Security Analyst at a energy/utilities company with 501-1,000 employees
I really like the product. I do not have the experience with its competitors, either in function or pricing. It is a very useful tool, especially for those who do not have access to the devices they are monitoring. Because of separation of duties, you often do not have access to the firewalls or network devices. This type of tool does a great job of reaching into those other devices producing risk recommendations, compliance recommendations, and a single plane of glass to do your queries, so you can find where these rules might exist. View full review »
Gerhard Schwegler
Networks Vice President at a tech services company with 1,001-5,000 employees
In my case it was important to know the workflow, and then to look for a tool that could support this workflow to make it easier. View full review »
Lisa Niles
Director of Solutions Integration at a tech services company with 51-200 employees
Educate other IT teams about its value. View full review »
Andrea Ghislandi
CEO at a tech services company with 51-200 employees
Involve network, security, and operations at the same table for smooth project startup. View full review »
IT Security Specialist with 10,001+ employees
Check product compatibility. In our case, during implementation, we realised approximately 30 devices were not supported by the Skybox platform. View full review »
Find out what your peers are saying about Qualys, Skybox Security, Rapid7 and others in Vulnerability Management. Updated: June 2019.
348,275 professionals have used our research since 2012.

Sign Up with Email