OPSEC Partners

• Automated IT Security Modeling – Skybox View builds a virtual network model by collecting configurations from network devices. The virtual model enables the user visualization of the real network and serves as a basis for access and attack simulation.
• Network Access Simulation - Based on information provided by the virtual network model, Skybox View Access Analyzer calculates network access privileges between any two given points, as determined by firewall and routing policies within the infrastructure.
• Firewall Auditing - Skybox View can automatically and non-intrusively audit firewall rulebases and compare them to internal policies and/or industry best practice standards such as NIST 800-41. Within minutes, it can uncover policy violations or errors that cause security holes and provide guidance as to how to close them.
• Network Security Policy Validation - The whole network can be audited holistically based on the virtual network model and the best practice standards (or customized policies). The user may tag areas in the network for being Internal, External, DMZ, B2B etc. and an exhaustive network access simulation will be performed to find policy violations, as well as policy metrics.
  
  This process can save the need for auditing one firewall at a time, and enable to focus on end to end connectivity and exposure analysis.
• Configuration Change Assurance - Network change requests can be monitored within Skybox View. The user may realize the changes done in the firewalls automatically and continuously, as well as analyze interactively differences in the rulebases. What-If sandbox can be used to test changes in the rulebase before deploying them.
• Attack Simulation & Vulnerability Prioritization - Skybox View conducts exhaustive, non-intrusive attack simulations against the virtual network model to measure the effectiveness of potential threats in penetrating security defenses.
  
  The user can then focus on resolving the exposed vulnerabilities which impose risk on the most critical business applications. This enables the user to postpone or eliminate the need to fix the majority of the vulnerabilities – e.g. the ones which are not exposed to potential attackers.
• Business Impact Analysis & Risk Metrics - In Skybox View, the user may map (or import) the business applications and assign business impact rules. Based on the attack simulation Risk metrics are automatically generated for every business asset, which can be presented to managers and used for prioritizing remediation efforts.
• Workflow Management - A built-in easy to use ticketing system enables to manage workflow for remediation of security problems from vulnerability to policy violations. The workflow system can be integrated with an enterprise ticketing system such as Remedy® by BMC.
• Reports & Dashboard – Skybox Secure provides executive and workflow reports for business and technical users. Reports can be customized and may be generated automatically. Skybox View Dashboard provides top to bottom view for security risk metrics via intuitive web interface.

Skybox View utilizes OPSEC CPMI API to read the firewall and VPN configuration. This data is one of the building blocks of Skybox View virtual network model that enables customers to run access analysis and attack simulation, taking into consideration the traffic rules of the firewall (ACL, NAT etc.).

Skybox View also utilizes OPSEC LEA API in order to read activity log records and report on utilization of firewall rules and objects. Skybox View is able to highlight rules and objects that have not been used, which are candidates for clean up, as well as presenting hit counts that can be used for optimization of the firewall policy.

This technology enables the user various benefits, including firewall auditing, holistic network policy compliance and connectivity enforcement, as well as exposure based security assessment.

• Skybox Assure 3.5 Datasheet [PDF]
• Skybox Secure 3.5 Datasheet [PDF]