Skyhigh Security Service Edge (SSE)
Secure access has replaced VPNs and saves significant costs while protecting sensitive data
What is our primary use case?
Skyhigh Security serves as a proxy to block requests that are going to the internet, and we are also using it as ZTNA. In our daily operations, we use Skyhigh Security as a proxy to block requests which are not supposed to happen, and to migrate ourselves from VPN, we are using the ZTNA technology which is being provided by Skyhigh. Trellix and Skyhigh are the same company.
What is most valuable?
The best features that Skyhigh Security offers include private access, also called ZTNA, and we can use both on-premises Swig and hybrid Swig or we can pass it to cloud where the categorization will happen. This is a better feature than the competitors.
Skyhigh Security's ZTNA feature has helped our organization as we have migrated a few of the applications which are dependent on VPN to ZTNA, and that was the main use case which helped us eliminate VPN.
Skyhigh Security has positively impacted our organization as we have moved away from VPN, which saved us a ton of money that was being given to the VPN provider, and since Skyhigh Security is an in-house solution, we are using our own product.
What needs improvement?
Skyhigh Security is a very good product, and if there is room for improvement, they can add more features and some additional POPs.
Regarding Skyhigh Security's AI capabilities, I think its governance and security are commendable as we are moving towards the AI generation, and Skyhigh has its own DLP which is helping users not upload sensitive documents to the AI chatbot, making that a main good feature.
For how long have I used the solution?
I have been working in my current field for the past four years.
What do I think about the stability of the solution?
Skyhigh Security is stable.
What do I think about the scalability of the solution?
The scalability metrics for Skyhigh Security would be around 80 percent.
How are customer service and support?
Regarding the customer support for Skyhigh Security, we do not work with customer support; we work with the engineering team and bypass the support, which is the point of an internal product.
Which solution did I use previously and why did I switch?
We were using Skyhigh Security from the beginning and did not previously use a different solution.
How was the initial setup?
Since Skyhigh Security is an internal solution, we do not need to pay anything for our own product, and Trellix and Skyhigh are sister companies.
What was our ROI?
We have seen a return on investment as we were able to eliminate the VPN dependency, which is the main return of investment.
What's my experience with pricing, setup cost, and licensing?
After switching, cost savings would be in the millions since we were having many VPN edge routers, and there were many VPN tunnels utilized on the cloud, and after moving to ZTNA, we were able to cut the cost. That was the main use case.
Which other solutions did I evaluate?
We do not need to evaluate other options since this is an internal solution and we are providing what we are giving to the customer.
What other advice do I have?
I find the interview is good and state that nothing needs to be changed. I gave this review a rating of 10.
Competitive swaps have expanded our customer base but local presence and support still need improvement
What is our primary use case?
I do not use Skyhigh Security firsthand, but M.Tech Philippines distributes Skyhigh Security as one of the authorized distributors. My main use case for Skyhigh Security in my role as a distributor is to position SWG in the market. We have noticed that companies in the Philippines are not yet ready for the full SSE suite. As a startup, we are positioning SWG because the Philippines is not yet ready for the whole SSE suite unless it is mandated by the bank.
One specific example of how we have positioned SWG with a client is that M.Tech used to be a distributor of Broadcom or Blue Coat in the Philippines, and we lost the distributorship, which was transferred to Wesco. One of the strategies we are using is to approach those customers who are Broadcom or Blue Coat users and replace it with SWG. We are offering a competitive swap campaign or displacement campaign, and we are offering high incentives for those partners who will position and replace Broadcom and Blue Coat.
How has it helped my organization?
Skyhigh Security has positively impacted my organization because we have acquired new customers in Skyhigh Security for M.Tech Philippines. For example, we have BPOs or call center companies that are using Skyhigh Security, and that is the direction of their headquarters, especially in the US. We are leveraging that market if they have an approach or advice from their HQ that they should use Skyhigh Security also in the Philippines. We are looking for those customers as well. That is one of our advantages because most of the time, those customers do not have purchasing power, so they are relying heavily on what their headquarters is using.
We do not need to conduct a lot of proofs of concept or extensive effort because they will replicate the setup in the Philippines. A faster procurement cycle has been achieved because we do not need to conduct a lot of proofs of value or proofs of concept, since they already know the solution. Their advice is to use it and implement it in the Philippines. They have already managed it, implemented it, and can deploy it without needing our support. It is easier for us to sell to those kinds of markets.
What is most valuable?
One specific example of how we have positioned SWG with a client is that M.Tech used to be a distributor of Broadcom or Blue Coat in the Philippines, and we lost the distributorship, which was transferred to Wesco. One of the strategies we are using is to approach those customers who are Broadcom or Blue Coat users and replace it with SWG. We are offering a competitive swap campaign or displacement campaign, and we are offering high incentives for those partners who will position and replace Broadcom and Blue Coat.
Regarding features from a technical perspective, we have integration capabilities because we already have a lot of McAfee or FireEye customers. We are leveraging Trellix database, data, and Trellix customers, and it is easy for us to integrate with Trellix because we can use the same ePO. As part of the DLP requirements, Skyhigh Security has a lot of disadvantages in the Philippines. That is what we are hearing from the market, so we are slowly losing market share.
What needs improvement?
From my perspective as a distributor and based on feedback from my clients, Skyhigh Security has a bit of a disadvantage in the Philippines. First, Skyhigh Security is not offering the full SASE suite, so we are just focused on SSE. We do not have SD-WAN unlike the competitors in the Philippines. Second, Skyhigh Security does not have a local representative in the Philippines. Knowing the Philippine market, it is easy for competitors to penetrate the market if they have a good relationship directly with the customer, and that is what we are lacking in the Philippines. Third, since the acquisition of STG, we need to do a lot of awareness activities, and we need to do a lot of brand awareness compared to our competitors in the Philippines like NetSkope and Zscaler. That is actually the disadvantage, as we are not seeing a lot of advantages of Skyhigh Security in the Philippines, but more on the challenges that we are experiencing as a distributor.
To improve Skyhigh Security, they need to have a local representative in the Philippines. For us to penetrate the Philippine market, it should be a local Filipino native that can speak in our local dialect, Tagalog. That is one of the advantages that Skyhigh Security can offer. Second, we need to do a lot of demand generation and lead generation activities wherein we need to invest in a lot of marketing development funds for us to do brand awareness and join collaborative activities with other vendors. Third, as a distributor, we have to work together and leverage the existing databases of our customers. We have to do a lot of integration and collaboration with other cybersecurity vendors for us to bring Skyhigh Security into the picture. Those are the things that we need to improve.
I chose a seven because, from the business perspective, SWG is cheaper compared to our competing brands. However, those three points are what we need to improve: local representative, marketing development funds, and integration. That is why I put seven in my score.
For how long have I used the solution?
We are not using Skyhigh Security in our organization, but in general, it is deployed as a professional service, usually based on the customers' needs, typically in a hybrid or private cloud environment.
What do I think about the stability of the solution?
From my perspective as a distributor and based on my clients' feedback, Skyhigh Security is not stable. I have mentioned earlier the three inputs that we need to improve in the Philippines. Right now, I do not see that it will be stable, and there is no focus in the Philippines.
What do I think about the scalability of the solution?
I do not have feedback from the clients regarding Skyhigh Security's scalability, but as we understand the solution, I think it is very scalable. If I were to score it, I would give it an eight.
How are customer service and support?
Customer support for Skyhigh Security, based on my clients' experience or my own interactions as a distributor, is managed by Trellix, which we do not prefer. What we are doing as a distributor is offering level one support. We are not relying heavily on the vendor when it comes to support because it is not great. They have to improve it.
Which solution did I use previously and why did I switch?
We have not previously used a different solution in our organization or for our clients because we are distributing it. We are a distributor, so we are not using Skyhigh Security.
What was our ROI?
I have not seen a return on investment because we are not using it directly.
What's my experience with pricing, setup cost, and licensing?
Regarding pricing, the licensing and pricing for Skyhigh Security, especially for SWG, is cheap. It is very cost-effective, especially knowing the Philippine market. They are also offering the licenses via à la carte, which is very affordable as well.
Which other solutions did I evaluate?
Before choosing Skyhigh Security to distribute, my company evaluated other options like NetSkope, iboss, and Zscaler.
What other advice do I have?
I always believe that Skyhigh Security works hand-in-hand with Trellix. What we are doing in our approach is to deliver the whole use case from an end-to-end approach, and from on-premises to cloud. We can tie the story together with Trellix since they are from the same mother company, which is STG. It is easy for us to look for opportunities and to penetrate the market if we are using Trellix to integrate the solution.
Regarding Skyhigh Security's AI capabilities, I think the governance and security are not ready in the Philippines. We are seeing in the market that a lot of customers are still using legacy applications and legacy appliances. They are not ready for the cloud, and they still need to host their data on-premises. I think the AI capability cannot be maximized in the Philippines right now. No feedback has been received from partners regarding Skyhigh Security's AI capabilities. We are just seeing that it is not ready. The market in the Philippines is so late and delayed that we are not yet ready for this kind of technology and capabilities.
If others are looking into using Skyhigh Security, I would advise them to talk to us as a distributor. I find this interview great, and you just need to evaluate and reassess if you are talking to the customer, a distributor, or a partner. My overall rating for Skyhigh Security is a seven.
Cloud security has protected sensitive data and now prevents leaks across our organization
What is our primary use case?
My main use case for Skyhigh Security is CASB and cloud security. A specific example of how I use Skyhigh Security for CASB and cloud security is that we are protecting sensitive information from being leaked out of our Microsoft and other systems.
What is most valuable?
Skyhigh Security's best features are identification of sensitive information, classification, and remediation. Out of those features, I find remediation the most valuable in my day-to-day work because it is simple and I can restrict access and prevent data leaking from our organization.
Skyhigh Security has impacted my organization positively because we could provide and roll out cloud services across all our users while protecting intellectual property. I do not track any metrics or see specific improvements to measure the impact.
What needs improvement?
Skyhigh Security could delve into AI security more so that AI adoption aligns with current trends. Regarding Skyhigh Security's AI capabilities, I think its governance and security are pretty decent. Regarding Skyhigh Security's AI capabilities, I think its accuracy and reliability of output needs to improve.
For how long have I used the solution?
I have used Skyhigh Security for the past three years.
What do I think about the stability of the solution?
Skyhigh Security is stable.
What do I think about the scalability of the solution?
Skyhigh Security's scalability is pretty decent.
How are customer service and support?
Skyhigh Security's customer support is really great.
Which solution did I use previously and why did I switch?
I was not previously using a different solution; I was using native Microsoft capabilities.
What was our ROI?
I have seen a return on investment because time has been saved. Earlier I had to go through each and every user and revoke access, but the remediation capabilities have picked up pretty quickly, and that has been our major time-consuming event in the past that has now been improved.
What's my experience with pricing, setup cost, and licensing?
My experience with pricing, setup cost, and licensing is overall great.
Which other solutions did I evaluate?
I did not evaluate other options before choosing Skyhigh Security as it was the first one I considered.
What other advice do I have?
My advice to others looking into using Skyhigh Security is that it is easily adoptable, implementation will be pretty quick, and customer support is great. I would rate this review a 9 out of 10.
Which deployment model are you using for this solution?
If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?
Flexible policies have simplified managing users, locations, and shadow IT in daily operations
What is our primary use case?
In my day-to-day work, I use Skyhigh Security to manage two specific people in my team, one being a vendor and the other a full-time employee. I have a different policy for contractors and full-time employees. Using Skyhigh Security, it is easy to implement those policies based on the user, user type, group type, or the device they are using, and the location of the user.
Overall, I personally use Skyhigh Security for Shadow IT discovery, which is very useful. Being able to see which unsanctioned apps employees are accessing helps me prioritize policy decisions, so that secure web gateway and CASB perform reliably for policy enforcement and filtering. Additionally, integration with my existing infrastructure was smoother than expected.
What is most valuable?
When I mention flexibility in applying policy, it works for me because I have a device provided by the company, but I can take that device to my personal infrastructure, such as personal hotspots or Wi-Fi. Accordingly, those policies should be implemented where I am right now. It is flexible regarding where your device is and which user is using that device. Accordingly, the policy will be applied.
Skyhigh Security has positively impacted my organization by easing my day-to-day job in managing policies and users. If there is an outrage in terms of a policy change, who changed it, or why a certain website is not working, it is very easy to troubleshoot because I have those reporting systems.
Troubleshooting has become easier with Skyhigh Security. For example, if a certain website is not working, I can easily see where it is failing. During the initial handshake, TCP handshake, or DNS, I can identify if the issue is due to a certificate or a policy. If I discuss the policy, I can determine which policy it is—web filter, application filter, or DLP policy.
What needs improvement?
Regarding Skyhigh Security's AI capabilities, my experience shows it is still in a booming state or still scaling up, so it still needs improvement.
Concerning Skyhigh Security's AI capabilities, I find its accuracy and reliability of output to be something I hardly use. I rely more on manual processes because I know where to look and what to look for.
For how long have I used the solution?
What do I think about the stability of the solution?
What do I think about the scalability of the solution?
How are customer service and support?
What's my experience with pricing, setup cost, and licensing?
Web access controls have created a focused work environment and prevent data leakage
What is our primary use case?
My main use case for Skyhigh Security is blocking malicious websites, blocking non-DLP acceptable websites, preventing data sharing, enforcing DLP, preventing access to unpleasant websites, and preventing people from using YouTube, advertisement applications, or LinkedIn. We mainly use it to make the work environment dedicated to work without giving employees entertainment that is not allowed.
What is most valuable?
In my opinion, the best feature Skyhigh Security offers is its ability to perform deep TLS interception to take action based on that analysis. Deep TLS inspection is a very valuable technology to have with your device.
Skyhigh Security has positively impacted my organization by providing more compliance and more regulatory adherence.
What needs improvement?
It would be beneficial to have an API for Skyhigh Security. We also experienced some troubleshooting issues when we were troubleshooting our rules, which was not pleasant to manage.
Skyhigh Security can be improved as it lacks debugging capabilities. The main issue is that if we have a website that is blocking Skyhigh Security's proxy, for example a bank website, we will not be able to tell until someone calls us. They do not know enough about our technology because they do not need to be technical experts. Some people are in sales, and some people use their computers for only basic tasks and do not understand that they are being blocked by us or do not know who to contact. We are unable to determine that a banking website is blocking Skyhigh Security through our proxy because the bank is not accepting Skyhigh Security's proxy. Another issue is the lack of API. There is no API available. We tried to contact support about this, and they said there would be an API at the end of quarter one, maybe quarter two, but I am not sure what happened. They did not get back to us.
I chose a rating of eight for Skyhigh Security because of the issues I mentioned, including the lack of API, the lack of troubleshooting and debugging for websites that are blocking us or the end users because of the proxy, and we have to perform a proxy bypass to allow access. Additionally, it does not allow HTTP/3 interception, which is an issue.
For how long have I used the solution?
I have been using Skyhigh Security for around six months or more. I am Ahmed, a security information specialist at Nornet, and I have been working there for three years, starting last August.
What do I think about the stability of the solution?
Skyhigh Security is not stable.
What do I think about the scalability of the solution?
Skyhigh Security's scalability is affected by the fact that you make rules that become less maintainable over time because it is like documentation, and it is difficult to document the patches. This is the most frustrating part of everything in technology, as documentation and patching issues are always challenging.
How are customer service and support?
The customer support for Skyhigh Security is great. They are helpful and responsive.
Which solution did I use previously and why did I switch?
I did not previously use a different solution. We did not have a comparable solution in the past, though we may have had Zscaler or similar offerings, but nothing comparable to Skyhigh Security so far.
What was our ROI?
I have not seen a return on investment from Skyhigh Security yet. I do not have numbers for this, but it is a sound investment idea. We should develop metrics to measure this.
Which other solutions did I evaluate?
Before choosing Skyhigh Security, we evaluated some other options but decided to stick with Skyhigh Security. We are also aware of Trellix, but we chose to remain with Skyhigh Security.
What other advice do I have?
Regarding Skyhigh Security's AI capabilities, I have not tried them. I did not hear about Skyhigh Security's AI capabilities, and I only used Skyhigh Security without AI. This is the first time I have heard that Skyhigh Security has AI capabilities.
Skyhigh Security is deployed throughout our organization. According to our engineer, it should be on-premises, and it is deployed on-premises.
My advice to others considering Skyhigh Security is that it has more capabilities than you might initially think. You should make sure to explore everything before you start using it so you can understand all the areas where you can utilize Skyhigh Security, as you might find many other useful options for deployment. An important consideration is to ensure that Skyhigh Security will not negatively affect the daily work of your engineers and employees. You should plan for a smooth implementation of Skyhigh Security because it might block access to resources that it was not intended to restrict.
I have rated Skyhigh Security with a score of eight out of ten.
Focused on improving cloud dashboards and threat insights while securing SaaS access from managed devices
What is our primary use case?
My main use case for Skyhigh Security is securing critical SaaS platforms, namely Salesforce and Office 365.
A specific example of how I use Skyhigh Security with Salesforce and Office 365 is limiting access to the service from managed devices only.
In addition to my main use case, we also provide restricted access to Salesforce from unmanaged devices that keeps the data in Salesforce safe while enabling necessary access.
What is most valuable?
The best features Skyhigh Security offers are their Shadow IT visibility and Cloud Catalog, which are probably the best in the industry. Their ability to agentlessly enable access for managed devices is great.
The Shadow IT visibility and Cloud Catalog have helped my team by allowing us to move faster with allowing access from all different types of devices, phones and computers, because the agentless portion was beneficial since we did not have to deploy an agent. Their cloud catalog has over 30,000 cloud services and detailed risk ratings and helped us surface use cases that we did not know about that we needed to address.
Skyhigh Security has positively impacted my organization by helping fill a need that was unaddressed at the time, especially as Cloud Access Security Brokers came out and were very popular around 2018. We did not have a standardized set of tools for visibility and control of cloud services, so aggregating Shadow IT logs in one place for visibility was new and powerful.
What needs improvement?
Skyhigh Security can be improved because their administrative dashboard frequently has issues; it is unresponsive, unusable, or very slow often. The anomalies and threats that are generated are investigated, and they are generally benign or noise. We do not really get actionable anomalies or threats, unfortunately. Sometimes Skyhigh Security does not integrate well or compete well with native capabilities of clouds, such as email DLP because it does not support Microsoft Purview encryption, which blinds Skyhigh Security's DLP, creating a large hole. Additionally, the cloud access controls are not fine-grained, so a product like Entra ID can provide fine-grained access to different sub-services of Microsoft, which is better. Furthermore, the DLP policies for Skyhigh Security were never as good as they sounded on paper; lots of trial and error was needed to help put a policy in place, and ultimately, we could not move forward with some policies just because they never worked the way that we thought they should.
They do listen to customers, so that does help there. If you provide feedback, they do address it, which somewhat mitigates the issues.
For how long have I used the solution?
I have been using Skyhigh Security since 2018.
How are customer service and support?
Their support is somewhat inexperienced and there is a fair amount of turnover within the company that we experienced, which we found challenging; but that may not be atypical for security vendors.
What other advice do I have?
Regarding Skyhigh Security's AI capabilities, I do not have much experience with their AI capabilities. They did have a regex generator that was built in, which was novel, and they helped us surface the use of AI in other platforms, but I have not used any Skyhigh Security AI services.
In terms of Skyhigh Security's AI capabilities, I would characterize them as not mature.
Skyhigh Security is deployed in my organization as a SaaS platform. We only use the Cloud Access Security Broker, so it was all in Skyhigh Security's SaaS.
We did host the cloud connector in Azure, but that is not necessary for the operation of Skyhigh Security, just to help with Shadow IT log processing.
I would advise others looking into using Skyhigh Security to consider the goals of implementing a Cloud Access Security Broker, as a lot of cloud services such as Microsoft and Salesforce have invested heavily in native capabilities. Therefore, it is possible that third-party tooling is not needed. I would rate this product a 4 overall.
Cloud risks have been reduced and data protection improves with better DLP tuning
What is our primary use case?
My main use case for Skyhigh Security is preventing cloud access and user activity, especially around SaaS applications, DLP, web security, and visibility into risky user behavior.
I have a recent example of how I use Skyhigh Security for protecting cloud access and monitoring risky user behavior. The workflow was to identify the risk activity, validate if it was legitimate by the proper DLP policy, and then use the visibility to support the security team of the client, reducing the exposure.
Mainly, I use Skyhigh Security to monitor cloud and web activity, validate risk, and help the security team understand where sensitive data may be exposed or leaving the environment.
What is most valuable?
In my opinion, the best feature Skyhigh Security offers is the DLP capabilities and visibility into cloud. The CSPM was a good feature, and app control for SaaS applications was also good.
The visibility and EAP capabilities help provide a clear view of user activity. For example, it made it easier to identify risk access patterns, understand which users were interacting with sensitive data, and apply the right controls before the risk becomes a bigger issue on the client.
The best description is that it helps the security team respond faster to risk behaviors and give more confidence when managing sensitive data across SaaS applications.
What needs improvement?
Some applications lack integration because applications such as WhatsApp are difficult to intercept due to point-to-point encryption. I think an enterprise browser would be a good improvement. I am not certain if Skyhigh Security has this offering, but I think it would be a good addition.
I chose seven out of ten because Skyhigh Security has some problems with frequent updates on the SCP client, and there are some bugs.
For how long have I used the solution?
I have been using Skyhigh Security for the last five years.
What do I think about the stability of the solution?
Skyhigh Security has been stable today.
What do I think about the scalability of the solution?
Skyhigh Security has good scalability, and I do not have any problems with it.
How are customer service and support?
I think customer support is generally helpful and professional, but the time to reach a final resolution could be improved. In some cases, the first responses are useful, but complex issues can take longer than expected to fully resolve, especially when an escalation is needed.
Which solution did I use previously and why did I switch?
Previously, we used a Forcepoint solution. We switched because we needed better visibility across SaaS applications, stronger cloud activity monitoring, and a more centralized way to manage DLP and risky user behavior. The other product was not giving us the visibility we needed and had a lot of uptime problems.
How was the initial setup?
My advice would be to plan the deployment carefully, especially around the DLP policy, user groups, and business exemptions. Skyhigh Security is a strong platform, but the policy tuning, a clear use case, and good alignment between the security, IT, and business teams are important. I recommend starting with the critical SaaS apps and sensitive data flows first, then expanding gradually.
What about the implementation team?
My company does not have a business relationship with this vendor other than being a customer.
What was our ROI?
We saw return on investment. For example, before using Skyhigh Security, a security analyst could spend around two to three hours manually investigating a potential data exfiltration incident, checking logs, users, applications, and file activity across different tools. With Skyhigh Security, that same analysis could often be reduced to around ten minutes because the platform provides centralized visibility into the users, applications, and data involved. I think it was a good investment and we have seen ROI.
What's my experience with pricing, setup cost, and licensing?
The pricing and licensing was generally aligned with the number of users and the models, and the cost depends on the scope, but I think Skyhigh Security has great pricing for the market.
Which other solutions did I evaluate?
We checked other options such as Check Point SASE before choosing Skyhigh Security.
What other advice do I have?
One example was a user trying to upload sensitive internal files to an unsanctioned cloud storage app. Skyhigh Security helped us quickly see the user, the application, and the type of data involved. That visibility helped us take action before another attempt occurred. Because of that visibility, the team was able to block the upload and validate the activity with the user and adjust the DLP policy to prevent similar incidents in the future. I rated this review seven out of ten.
Integrated cloud security has improved data protection and discovers shadow IT for compliance
What is our primary use case?
My main use case for Skyhigh Security is for data security, where I use it as a CASB product.
I use Skyhigh Security day-to-day by integrating it with our different cloud components, creating policies for data leakage or data discovery, and receiving alerts for policy violations.
What is most valuable?
The best features of Skyhigh Security are the screen share, the policy part, and the visibility it provides for the integration part, giving us good visibility while using Skyhigh.
These features help me in my daily work by reading from the back-end and giving us full control on the analyzing part, which keeps the visibility for the incidents.
Skyhigh Security has positively impacted my organization by enabling us to discover the Shadow IT concept and identify unauthorized cloud applications or integrations, helping us maintain compliance and governance.
The impact of Skyhigh Security can be seen in improved analytics, governance, and the identification of shadow IT parts, leading to fewer security incidents.
What needs improvement?
Skyhigh Security can be improved by addressing the current challenges we face with complex DLP policies that are difficult to manage, particularly in managing the exception rules in a large environment.
The challenges I face remain with the CASB and DLP parts, focusing on the DLP policies and exception handling.
For how long have I used the solution?
I have been using Skyhigh Security for around three years.
What do I think about the stability of the solution?
Skyhigh Security is stable.
What do I think about the scalability of the solution?
Regarding scalability, since it is majorly SaaS-based, I am not entirely certain about its scalability.
How are customer service and support?
I currently get support via our vendor, so I find it hard to comment on the direct support from Skyhigh Security, but I can say it is good and not bad; it is acceptable.
Which solution did I use previously and why did I switch?
I did not previously use any other solution; this is the first CASB we have used.
How was the initial setup?
My experience with pricing, setup cost, and licensing indicates it is high, but it is negotiable.
What about the implementation team?
We are the end users and do not have a business relationship with this vendor beyond being a customer.
What was our ROI?
While I cannot calculate the ROI directly since it is a security product, Skyhigh Security has helped maintain compliance and save resources, particularly in terms of time.
What's my experience with pricing, setup cost, and licensing?
My experience with pricing, setup cost, and licensing indicates it is high, but it is negotiable.
Which other solutions did I evaluate?
Before choosing Skyhigh Security, we evaluated Zscaler and Netskope.
What other advice do I have?
Skyhigh Security is deployed in a SaaS-based environment as we take services from them and integrate it with cloud components, including a hybrid approach where we directly integrate from the SaaS to components like Salesforce and use Skyhigh Security with in-house AD integration.
Skyhigh Security is a good product with better features compared to other CASB and DLP products in the market, especially if you are looking for a combined solution with SASE features. I would rate this product an 8 out of 10.
Centralized cloud security has improved DLP incident management and simplifies email protection
What is our primary use case?
I primarily use Skyhigh Security for CASB in a Cloud Access Security Broker, and it has been integrated with Trellix DLP. Both Trellix and Skyhigh Security are utilized as on-premise solutions to secure clouds and emails.
Skyhigh Security is used as a cloud service for all mail, with Microsoft Exchange integrated through Skyhigh Security, which is also integrated with Trellix. All policies applied on Trellix are applicable on Skyhigh Security, and traffic flows through Skyhigh Security, creating incident logs that are reviewed and acted upon accordingly with the user.
With 18,000 users, Skyhigh Security has proven beneficial in reducing incidents. Two members manage Skyhigh Security CASB completely, which is sufficient for our organization.
What is most valuable?
Skyhigh Security is a good product that is very easy to integrate with any tools, and the dashboards are user-friendly and easy to understand. One valuable feature is the ability to identify SSL certificate expirations within one tool, which most other tools do not offer.
Skyhigh Security has positively impacted the organization by helping manage DLP incidents, allowing for customizable dashboards based on requirements, and preventing unauthorized access.
What needs improvement?
One major challenge is that downloading incidents during the investigation process takes a very long time, and this issue should be resolved. More customized columns and filtering options in incident review would be beneficial. File types should be included, such as file names along with file extensions, which are not currently available to my knowledge.
Overall, Skyhigh Security is very good and just needs to improve in terms of the latency of downloading incidents.
For how long have I used the solution?
I have been using Skyhigh Security for one year.
How are customer service and support?
Skyhigh Security provides awesome support, and I can call anytime if I face any challenges. Weekly setup calls are conducted with all clients to discuss ongoing issues and resolutions. The customer experience has been very nice, and I appreciate this support. I have worked with Forcepoint previously but really prefer the support provided by Skyhigh Security.
Customer support is very nice and has been very prompt. I rate customer support 10 out of 10 because of the weekly calls regarding raised tickets and immediate responses from support, which has been really useful.
Which solution did I use previously and why did I switch?
Previously, I was working on Forcepoint DLP, which was also on-premise. In the CASB area, this is the first time using Skyhigh Security as a CASB product.
What's my experience with pricing, setup cost, and licensing?
I was not involved in the setup cost details, but generally, it aligns with standard on-premise costs.
Which other solutions did I evaluate?
I was not present during the evaluation of other options before deploying Skyhigh Security.
What other advice do I have?
I chose a rating of 9 out of 10 because of the downloading issues with incidents, which take longer times to complete. Sometimes incidents need to be downloaded immediately, but the process takes a long time. I definitely recommend using Skyhigh Security, and my overall review rating is 9 out of 10.
Strong support and simple interface have improved secure web access and policy management
What is our primary use case?
My main use case for Skyhigh Security is working in a Skyhigh Security Secure Web Gateway that is an on-premises proxy at Gail India Limited. In that environment, I use Skyhigh Security as an on-premises proxy, so its job is to act as a proxy between the user and the internet and maintain the security of the overall organization.
Skyhigh Security supports various day-to-day tools in today's cybersecurity world, including the GAM engine and GTA engine, which is a very good feature in Skyhigh Security on-premises proxy. Previously, I worked on a CASB solution with an API-based DLP integration.
What is most valuable?
The best features Skyhigh Security offers in my experience would be its user interface, which is very good among other competitors. In addition, its support team and the real-time GTA engine are working very well.
The user interface is simple and easy to understand, and we can handle it well when compared to other competitors. The support team provides day-zero and day-one resolution much quicker, and they assist us in an easier manner.
Since Skyhigh Security was implemented one year ago, I have noticed positive impacts on my organization. Although there were a few challenges, the support team and the Professional Services team managed them well. I see many challenges regarding day-to-day use cases where we need to fine-tune those policies and a few exceptional challenges where the support team and Professional Services team have helped us.
Regarding compliance, Skyhigh Security met all the compliance requirements at Gail, and it is very well managed by the Professional Services team initially. After that, there were a few challenges regarding minor and major issues, but those were handled and executed well.
What needs improvement?
One improvement I can suggest for Skyhigh Security is that a better resolution from the Professional Services team, apart from the support team, is needed because sometimes during the weekend, resolution takes time, and reaching out to the Professional Services team is complicated.
The user experience is good and performance is also best among other competitors. However, I would suggest using it to maintain a cloud posture in a simpler way. The backend part could be improved based on other competitors.
For how long have I used the solution?
I have been using Skyhigh Security for more than one and a half years.
What do I think about the stability of the solution?
In my experience, Skyhigh Security is stable.
What do I think about the scalability of the solution?
Regarding scalability, I find Skyhigh Security easy to scale. We upgraded with a plan for the next five to seven years to run with this solution because this easy scalability is what we are able to achieve with Skyhigh Security for our environment.
How are customer service and support?
I am satisfied with the help and response I receive from customer support. I would rate the customer support a ten.
What other advice do I have?
My advice to others looking into using Skyhigh Security would include its user interface, its support, and the scalability, which are very good. These three points are what I appreciate most about Skyhigh Security, and every time I meet others, I suggest that. Skyhigh Security is well managed, and its user interface is simple and easy to use for a security solution; it is a very good solution. I would rate this product a nine overall.