Skybox Risk Control & Network Assurance

Powered by SC Magazine
 

It has good network mapping, risk correlation, audit logging, and an ability to understand IPS events, but it lacks in business risk support and compliance control.

Skybox Security provides a portfolio of automated tools. Skybox Risk Control and Skybox Network Assurance v5.5 can be used separately or together to help organizations address their risk management needs. The combined platform collects data from various networks, assessment tools and security products; normalizes that data into a single, common-view user interface; and provides risk analysis tools to map out remediation options. The tool is offered as either software or appliance.

The product works by importing the configuration data from all the various network and security solutions deployed in the enterprise. The admin defines the targets for data collection using the web-based user interface. The list of supported devices should cover most environments. Skybox also supports APIs for adding more "collector" tasks. New features in this version include Firewall Assurance, which takes into account user and applications settings when conducting firewall rule analysis, policy compliance audits, firewall change tracking and network access path analysis. There is also access path analysis at the firewall and network-level change tracking at the user and application level, expanded firewall rule compliance audits and platform configuration checks for network devices.

After interfacing the product to network, security and vulnerability scanning systems, it can configure policy and use all of the correlated data to determine adherence with those corporate policies. The firewall module has a nice checking capability to find things like duplicate rules and inadvertent rules that don't match stated policy. There is a useful change-tracking feature providing a solid audit log. There is a solid "what if" simulation tool for modeling changes. The network module works much the same way and builds an automated network map that is very helpful and customizable. There is also a useful attack simulation capability.

Copyright © SC Magazine, US edition


Skybox Risk Control & Network Assurance
 
Overall Rating
Verdict:
Great for mapping network and firewall configurations to corporate policy.
Product Info
Specs:
Version 5.5
 
Supplier:
 
Price when reviewed:
4000
 
 
 
Top Stories
 
Beyond ACORN: Cracking the infosec skills nut
[Blog post] Could the Government's cybercrime focus be a catalyst for change?
 
The iTnews Benchmark Awards
Meet the best of the best.
 
 
Sign up to receive iTnews email bulletins
   FOLLOW US...
Latest Comments
Polls
Who do you trust most to protect your private data?







   |   View results
Your bank
  38%
 
Your insurance company
  4%
 
A technology company (Google, Facebook et al)
  8%
 
Your telco, ISP or utility
  8%
 
A retailer (Coles, Woolworths et al)
  3%
 
A Federal Government agency (ATO, Centrelink etc)
  19%
 
An Australian law enforcement agency (AFP, ASIO et al)
  14%
 
A State Government agency (Health dept, etc)
  6%
TOTAL VOTES: 1897

Vote
Do you support the abolition of the Office of the Information Commissioner?