Product Information

Skybox 4000 v1.0

starstarstarstarstar

by Michael Lipinski June 23, 2010
SC Magazine Best Buy
Vendor:

Skybox Security

Product:

Skybox 4000 v1.0

Website:

http://www.skyboxsecurity.com

Price

£5,000

RATING BREAKDOWN

  • Features:
    starstarstarstarstar
  • Ease of Use:
    starstarstarstarstar
  • Performance:
    starstarstarstarstar
  • Documentation:
    starstarstarstar
  • Support:
    starstarstarstar
  • Value for Money:
    starstarstarstarstar
  • Overall Rating:
    starstarstarstarstar

QUICK READ

  • Strengths: Great modelling, strong correlated controls view, great simulator and graphical views of risk
  • Weaknesses: The lack of real-time analysis
  • Verdict: Great operational risk tool. Has everything you need to measure, manage and enhance your enterprise security posture. We make this our Best Buy

Skybox 4000 v1.0 is an operational risk management platform that collects data from various network assessment tools and security products. It normalises that data into a single, common view user interface and provides risk analysis tools to map out risk and remediation options.

The product works by importing the configuration data from all of the various network and security solutions deployed in the enterprise. You define the targets for data collection using the provided web-based user interface. The list of supported devices should cover most environments. If your product is not supported, Skybox supports API's for adding more collector tasks, and for providing data to portals and external workflow/ticketing systems.

Using the configuration data, Skybox creates a network map based upon the combined and correlated sets of rules. It automatically normalises the data into its database, building a virtual network model representing the topology and traffic rules. Skybox then overlays data from your vulnerability scanners to create the risk analysis.

The user interface is a menu driven web style interface. Capturing configuration data from devices can be automatic or manual depending on the device.

We really liked the normalised view of all the combined configuration information. This feature can allow a security team member that may not be familiar with all of the various point interfaces to see a consolidated set of security rules in one common easy to read screen. There is a very nice simulator feature that allows you to test configuration or rule changes and picture what those changes would do to the overall enterprise security posture.

Skybox 4000 is sold as client side software and deploys on Windows or Linux server platforms. There is a server component including a backend database, a client side Java-based client and collectors for the collection of network data. Support 8/5 is included with the product and additional 24/7 options are available for a fee.

This is a great operational risk management tool. It gives you a complete, easy-to-use view of risk and truly helps with remediation decisions. The only drawback is that it is not a real-time analysis tool.

Related Group Test

SC Webcasts UK

Sign up to our newsletters

FOLLOW US