Why Device Support Matters

Today’s enterprise networks are vast oceans – they span large geographical areas and consist of hundreds of thousands of devices… routers, servers, load balancers, firewalls, and many others. Although networks tend to grow organically, mergers, acquisitions, or network consolidations change the network dramatically in short periods of time.

To further complicate matters, disparate network devices are the norm today. At Skybox, working with Fortune 1000 enterprises and government agencies worldwide, we see a network with homogeneous devices about as frequently as the Loch Ness Monster. Unless you’re Cisco, that is.

To understand where your network is vulnerable, how an attacker could exploit your important assets, or which threats are most critical to your business, you need to understand your network and the interactions with all of its devices. This is a significant operational challenge for organizations today. Ten years ago, you would hire subject matter experts for each device type or vendor, but today’s networks are too large and complex to manage manually, even with a dedicated team.

Enter Exhibit A: a typical network map for government agencies and our enterprise customers. How could you possibly begin to understand this network manually?

The Skybox solution automatically gathers and analyzes network and security device configurations, endpoints, vulnerability and patch data, creating a detailed network model and topology map, with no user input required. By normalizing all relevant data, Skybox customers have a unified view where devices can be easily compared and evaluated regardless of vendor.

So, if a device isn’t supported, it can’t be automatically included in the network model and topology map. Without comprehensive device support, you lack complete network visibility – effectively leaving you with the navigational equivalent of an astrolabe to sail the ocean of devices that is your network. Why settle for a vague understanding when a precise GPS solution is available?

Let’s consider a 200-firewall network where 40 percent of the devices are fully supported, another 40 percent are only partially supported, and the remaining 20 percent are not supported at all. If the 80 devices that are partially supported don’t contain the routing information necessary to perform core calculations, such as access path analysis, then for all practical purposes they are not supported for any useful risk analysis. In practice, you have 60 percent of your network devices unsupported.

The bigger issue is that these network blind spots compound the risk because the network and security teams are unaware of them. In reality, with 60 percent of the network devices unsupported, you are only seeing a small section of the picture. Your understanding of network traffic flow is flawed, and potential attack vectors and threats are unseen. In that scenario, you don’t even know what you don’t know … and so much is unknown, is it worth bothering at all?

Skybox has the best device support in the industry – we support more than 80 devices right now, and we add more every six weeks. While some vendors offer levels of device support (sometimes simply showing the same view you would see in the device console), Skybox normalizes all of the device information for every supported device, so that the full analytics capabilities can be used for any environment.

In fact, Skybox works so well that recently a UK customer shared with me that his team was quite surprised when they deployed the Skybox solution, as it turned up network devices that they had never seen before, and had never shown up with any other security tool.

When Skybox lists a device as supported, it means that it will be automatically interrogated and incorporated into the network model and subsequent analysis. This is true for every device listed and for every calculation, from access path analysis to threat modeling to risk analysis.

The devices that Skybox supports are driven by our customers’ needs, and we are consistently adding new supported devices. On average, we add a couple of products to our supported devices every two months. Stay tuned to see what we will add next!

Learn more about Skybox’s solution for network visibility in this product demo, or download the trial and try it yourself for 30 days – free!
