Access member only content, take part in discussions with comments on blogs, news and reviews and receive all the latest security industry news directly to your inbox. Join now for free.
A confirmation email has been sent to your email address - SUPPLIED EMAIL HERE. Please click on the link in the email to verify your email address. You need to verify your email before you can start posting.
If you do not receive your confirmation email within the next few minutes, it may be because the email has been captured by a junk mail filter. Please ensure you add the domain @scmagazine.com.au to your white-listed senders.
Skybox 4000 v1.0 is an operational risk management platform that collects data from various network assessment tools and security products, normalises that data into a single, common-view user interface, and provides risk analysis tools to map out risk and remediation options.
The product works by importing the configuration data from all the various network and security solutions deployed in the enterprise. The admin defines the targets for data collection using the web-based user interface. The list of supported devices should cover most environments. If your product is not supported, Skybox supports APIs for adding more collector tasks and for providing data to portals and external workflow/ticketing systems.
Using the configuration data, Skybox creates a network map based on the combined and correlated sets of rules. The product automatically normalise the data into its database, building a virtual network model representing the topology and traffic rules. Skybox then overlays data from vulnerability scanners to create the risk analysis.
The user interface is a menu-driven web-style interface. Capturing configuration data from devices can be automatic or manual depending on the device. We really liked the normalised view of all the combined configuration information.
This feature can allow a security team member that may not be familiar with all the various point interfaces to see a consolidated set of security rules in one common, easy-to-read screen. There is a very nice simulator feature that allows you to "test" configuration or rule changes and picture what those changes would do to the overall enterprise security posture.
The product is sold as client-side software and deploys on Windows or Linux server platforms. There is a server component, including a backend database, a client-side Java-based client, and collectors for the collection of network data.
Eight-hours-a-day/five-days-a-week support is included with the product and additional 24/7 options are available for a fee.
This is a real nice operational risk management tool. It gives admins a complete, easy-to-use view of risk and truly helps with remediation decisions. The only drawback is that it is an after-the-fact tool and not a real-time analysis tool.
To begin commenting right away, you can log in below or register an account if you don't yet have one. Please read our guidelines on commenting. Offending posts will be removed and your access may be suspended. Abusive or obscene language will not be tolerated. The comments below do not necessarily reflect the views or opinions of SC Magazine, Haymarket Media or its employees.