Skyhigh Security Reviews

Skyhigh Security is used predominantly as a CWPP, where my customers have workloads in Azure or AWS, which require a workload protection solution and a post-production solution. In terms of Skyhigh Security being a CASB solution, it's for the SaaS applications of my customers, specifically for DLP protection, access control, and UEBA. The use case is based on what the customer gives me, then I would evaluate the requirements and propose a solution.

Skyhigh Security is not a bad product. It was a market leader. When McAfee acquired it, it was in the top magic quadrant. It is a good product.

I also like that McAfee has been in the endpoint security market for quite a long time and knows how things work.

What I found most valuable in Skyhigh Security is its stability.

The solution also has good KB articles that make it simple for users to do the deployment of Skyhigh Security themselves, without the need for integrators.

One area for improvement I've seen in Skyhigh Security is that it lacks support for unsanctioned applications, where customers have their applications. Those applications do not come from Microsoft or other popular vendors. For example, Microsoft has support for Teams and it has support for OneDrive, but it doesn't have support for custom applications built by customers. Customers have internal teams building and publishing applications to the external world, but Skyhigh Security doesn't have support for those applications, and this is the main problem I've seen. The solution only supports a pool of applications that are from Microsoft and other major SaaS vendors. McAfee doesn't provide support for custom applications, compared to other vendors who provide it. For example, Bitglass and Netskope both have support for custom applications.

Another area for improvement in Skyhigh Security is that its API support is a little weak.

I also have not seen a strong integration between the solution and other McAfee products. SkyHigh Security is also not closely integrated with other McAfee CWPP products. If you have McAfee-connected security storage that you've built in the past, I have not seen integration between that storage and SkyHigh Security. Integration between the solution and other McAfee products needs improvement, though it may be because SkyHigh Security is an acquired product and is not a homegrown product of McAfee. McAfee may not have invested time with integration, but that is one good idea where McAfee could turn SkyHigh Security into a complete security product, and not just a CASB solution. Integration is really important and could help transform SkyHigh Security into a complete security solution.

Performance could also be improved in SkyHigh Security because it is the main concern of customers. What's challenging is that the solution has a lot of CPU and requires a lot of memory which affects performance.

What I'd like to see in the next release of SkyHigh Security is strong integration with third-party products. API integration is also another feature to focus on because everybody is now building APIs.

Skyhigh Security is a stable solution.

Skyhigh Security is a scalable solution.

My experience in terms of technical support for Skyhigh Security from McAfee has been good, so far.

The initial setup for Skyhigh Security was very simple. McAfee products have a straightforward deployment.

We implement the solution in-house. Users can also do the deployment themselves because the KB articles for Skyhigh Security are quite good. Anybody can read the KB articles and do the deployment. Deploying the solution is not that complicated.

Commercially, I find Skyhigh Security a little costlier, compared to other products such as SentinelOne or Cybereason which are really novelty products. I'm not comparing Skyhigh Security with Trend Micro, but with other products, in particular the new, next-generation products. The price for Skyhigh Security is high in terms of value and ROI. I would rate the product price combined with product efficacy a six out of ten.

I've evaluated SentinelOne and Cybereason.

I'm not using Skyhigh Security daily because I just propose it to my customers. I'm involved in presales and consulting activities for the solution, but I get feedback from my customers and I also understand how Skyhigh Security works.

I've known McAfee products for a long time, including Skyhigh Security, and I've worked with McAfee products for about ten years. I've had interactions with McAfee since 2009. I have Skyhigh Security in my portfolio, and I do the implementation, transition, and transformation for it. I also do these for other McAfee products.

I don't propose the latest version of Skyhigh Security to my customers. What I propose is the latest stable version that could be N minus one or N minus two. The previous version is more stable than the latest version because, in the latest version, there's always a bug. Product vendors do testing in their environment, but real-time scenarios are quite different, so you will always have issues in the latest version. N minus one or N minus two becomes more stable because you have the four fixes factors, everything applied on top of it for the unexpected or unqualified or untested bugs and that becomes more stable, so that's how I go about it. I never propose the latest version, though McAfee will say it has many functions.

For one hundred users of Skyhigh Security, only one resource is required. One person can manage all those solutions, but it would still depend on the number of products you're onboarding. If you have four products in the basket, it would require more than one resource, for example, in your core product, I would say 0.5 to 0.25 FC is the maximum required for four hundred users.

You'll also not get a lot of tickets for Skyhigh Security. You will mostly get tickets from users because of virus alerts and some performance issues. I have not seen the latest ENS version, but there is a performance issue with the ENS. It's not an issue with Skyhigh Security itself, but the ENS part. I hope that has been fixed.

McAfee is good and has been in the market for fifteen or twenty years, but the products are not innovative. Security has been evolving and there are quite a lot of products on the market. CrowdStrike is younger than Skyhigh Security and started the business after McAfee, but it's capturing the market. Products such as SentinelOne and Cybereason also belong to the same niche and are endpoint security or EDR products, and AV products as well. They are so innovative and very efficient. Based on the latest Mitre Attack Evaluation result, which is a simulation or study that talks about the efficacy and efficiency of the product, and is not something theoretical, rather it is lab simulated, so all the latest versions of APTs or advanced system threats are selected in the lab and the products are tested against those, and if you look at that report, the products that come in the first place are Cybereason and SentinelOne, while McAfee in terms of efficacy is somewhere in the third quadrant. The efficacy is thirty to fifty percent only. If I have one hundred TTP, McAfee is detecting just fifty TTP, and the remaining fifty TTP are missing. I'm talking about the efficacy of the product. Cybereason and SentinelOne have an efficacy that is above eight five to ninety percent, and have one hundred percent detection or visibility on the ATP, while McAfee isn't reaching that percentage or level. That is where McAfee is losing the market. McAfee products are not innovative and stuck in the old ways, while the threats are ever-evolving. McAfee products are not at par with the rest.

From a technical point of view, I would rate Skyhigh Security eight out of ten.

We use the solution to provide security to remote users.

Skyhigh offers solutions like WLP and CASB. These tools provide instructions and guidelines for enhancing data security. Additionally, they offer additional software solutions for further protection.

Skyhigh Security is complex to manage. While it should ideally be more user-friendly, customers often find themselves having to manage it post-deployment.

I have been using Skyhigh Security for six months.

The solution is stable.

The solution is scalable.

The initial setup is straightforward. It takes 30 minutes for normal while for bigger deployment, it may take upto two hours. You have to install the agent, and install the certificate. One engineer is enough to deploy to maintain the solution.

The pricing varies depending on factors such as requirements and the management. While it may not be the cheapest option, it's generally reasonable for what it offers. Ultimately, the cost depends on the deal and the level of service required.

FortiGuard is a little easy to manage.

The functionality of Skyhigh Security is comprehensive, but it may be complex for our customers. The technical team can navigate it, ordinary users may find it daunting without extensive research. They may require assistance from MSP for effective management. The portal should be designed to be user-friendly, ensuring ease of understanding for the IT team or any other relevant department.

The DLP component ensures compliance with HIPAA and PI regulations. They maintain a static portal to track other compliance requirements they're adhering to.

I recommend the solution. However, they'll need well-trained professionals to manage it effectively. If you have another VPN and connect it to this network, it may cause some issues and require constant troubleshooting. This could potentially block agents, so it's important to carefully configure the settings from the outset. Fine-tuning is necessary, so it's crucial to dedicate time and effort to the project.

Overall, I rate the solution an eight out of ten.

Our primary use case for Skyhigh Security is ICAP. We're also using it for web proxy and filtering purposes for all internal company websites and user sites such as Microsoft Team filtering.

The feature I like best about Skyhigh Security is its wide range of product support. For example, my company had NetApp storage running, and Skyhigh Security has on-premises NetApp storage support, which isn't available in other solutions.

Skyhigh Security also has a better filtering feature versus the filtering feature in other solutions.

An area for improvement in Skyhigh Security is its UI. It needs to be enhanced and made more user-friendly. Right now, the UI of Skyhigh Security is sometimes confusing.

For example, my company is deploying Skyhigh Security for a client and integrating it on the cloud, from an on-premises deployment to a hybrid deployment. Though the experience isn't bad, there needs to be more enhancements.

Another room for improvement in Skyhigh Security is the limited training resources, especially when you compare it with Cisco, which has many study materials in the market, even free training resources. You'll get limited resources if you search for Skyhigh Security tutorials on Google and YouTube. Because of high-security requirements and the training material for Skyhigh Security not being available, most engineers and architects avoid the product because there'd be a lack of knowledge in configuring and achieving the goals you'd want to reach via the use of Skyhigh Security.

The NOC team deploying the product is having difficulty getting training resources for Skyhigh Security. You'll be charged an enormous amount if you search the market for training because of the limited resources available. Skyhigh Security needs to work on marketing and awareness as an improvement to the product.

I'd like to see proper branding in the next release of Skyhigh Security. for example, if I know the product and I have training materials, that would give me the confidence to recommend it to customers. Skyhigh Security should send marketing emails to people, especially architects, explaining what the product is about, its features, and where to get training materials on Skyhigh Security.

A free lab available with the basic features of Skyhigh Security would also be great, so anyone can log in and check the product within the vendor site. It's just making one small lab that anyone could click on to access the product and see how basic features work. Currently, when you download Skyhigh Security, there are minimal resources for testing it, and if I don't know the product, why would I purchase it for testing? Through a small lab or trial, you can go and log in and say, "This is an excellent product, so I'm going to purchase it, then install it in my production environment."

The on-premise version of Skyhigh Security can be integrated with cloud solutions. Still, it would be great if  Skyhigh Security could be deployed on the cloud and proactively monitor on-premises integration, so customers who don't have on-premises infrastructure could also deploy Skyhigh Security on the cloud to integrate with both on-premises and cloud solutions. If Skyhigh Security can work in both environments, that would be nice because you can manage everything from a single product.

Another feature I'd like to see in Skyhigh Security is the auto repair feature, which enables the product to repair itself whenever there's an issue. For example, suppose Skyhigh Security is used on a three-node cluster, and most of the cluster is down. In that case, the product should be able to re-trigger another node and create that node automatically. If one instance is down, Skyhigh Security should automatically create another instance. No product in the market currently supports auto repair, so if that feature is available in Skyhigh Security, many customer issues, such as breakdowns or downtimes, would be solved. The auto repair feature would also make Skyhigh Security good for DR (Disaster Recovery), and that would lessen customers' worry about production. Customers will confidently say, "Okay, the product is down, but Skyhigh Security will automatically repair it, so I won't need to worry about it."

I've been using Skyhigh Security for about a month now.

As of now, there's no instability from Skyhigh Security. It's a very stable product.

My team uses 500 MB of traffic, so to be honest, Skyhigh Security hasn't been tested that much, but with that kind of traffic, it's a good solution. For the use cases at the moment, Skyhigh Security is pretty scalable.

We haven't raised tickets with Skyhigh Security support. We just purchased the software and downloaded it on our own by learning from their site. We haven't interacted much with the Skyhigh Security technical support team.

My company is replacing McAfee Web Gateway with Skyhigh Security because it's not getting what it requires from McAfee.

McAfee Web Gateway is a good product, but it isn't as good for ICAP purposes because it's lacking in ICAP protocol and proxy, compared to Skyhigh Security. The main use case for the two products is ICAP, so my company decided to go with Skyhigh Security.

The initial setup for Skyhigh Security is easy. It's straightforward, so I'm rating the setup a four on a scale of one to five.

Pricing for Skyhigh Security is okay, though there's always a scope for price improvements. Its pricing is okay compared to other products because other products have very expensive licensing costs. Along with the licensing, support is also provided for Skyhigh Security, so pricing is reasonable, but if there's proactive or better support, that will justify the pricing. I haven't interacted with the Skyhigh Security technical support team yet, so I'd give pricing a four out of five rating for now.

My company is currently using two products for security, McAfee Web Gateway and Skyhigh Security.

My rating for Skyhigh Security is an eight out of ten because I haven't fully tested all of its features. If I was able to use the product more extensively, my rating could even be higher in the future.

My company is a customer of Skyhigh Security, providing support for it. My company purchases Skyhigh Security through the client.

McAfee Web Gateway is used as a proxy gateway in our company.

The most valuable features of McAfee Web Gateway are anti-malware, reports, and powerful categorization of web pages.

McAfee Web Gateway could improve the reporting. We have the reporting on a separate server and sometimes the database becomes full. These aspects could improve.

I have been using McAfee Web Gateway for approximately five years.

We have approximately 7,000 users using this solution in my organization.

We implemented McAfee Web Gateway with a partner.

There is an annual licensing cost to use McAfee Web Gateway. The purchasing of licensing can be difficult for the government sector. 

There should be a hybrid form of a license model. For example, if I have a user working remotely and another one on-premise, it would be wonderful to have control in the cloud and on-premise.

I rate McAfee Web Gateway a seven out of ten.

You can connect to SaaS applications, like Workday, Office 365, or Dropbox. There are hundreds of SaaS applications. A remote user can connect to some kind of gateway or be assisted by a gateway connection from his home, and he would then connect through that gateway to a broker, a broker with basically the CASB as a broker, and the broker would then put that layer of security too.

A lot of people sell the solution, including Palo Alto. You've got Skyhigh Networks, which was the leader of CASB and then they were acquired by McAfee, and then now they've broken off into Skyhigh Security. They still have the CASB and they're still considered a market leader. 

They were very, very aggressive in the market to get a new market share or to take over market share while other companies were being broken up.

It's a really easy product. It is a pretty straightforward product. The only thing that Skyhigh doesn't is what Palo Alto does - they don't do any kind of a software-defined WAN, SD-WAN. If you have different circuits to utilize different bandwidth across different media and also set up redundancy links and that kind of stuff, that's all the SD-WAN. They do not have SD-WAN, Skyhigh Security does not have SD-WAN. Palo Alto does.

They were real big on the secure services, edge SSE and zero-trust network architecture type deployments. A lot of that stuff coming out of the networking and when things moved to a cloud, you have what's called sanction IP, which is basically, what we always knew as an internal network in all the security and firewalls and everything about that and then as things moved to the cloud, business to business type stuff and then you start having what's called shadow IP. That's when you have to build all the firewall policy infrastructure in the cloud to emulate what we were doing down inside of a business, connecting servers or PCs or network switches and that kind of stuff. However, infrastructure as a service is doing the same type of functions yet they're cloud services and not physical network services, or switches, meaning there's no mounting it in the rack and that kind of stuff.

You have got a lot of people in the industry now like Netskope and a lot of people in that space. You can't really say one's better than the other. They all were built off the original architecture and what a CASB is, however, maybe they scale better, and maybe their brand of deployment is stronger.

You have to have some kind of background with cloud-based security, like working with different providers and how to make instances in the clouds and that kind of stuff - including cloud, networking cloud, cloud application development, anything like that is a requirement to be in the CASB space.

The stability has been good. it's a reliable solution. 

As a cloud solution, it's easily scalable. 

You can spin up an instance of something in the cloud or cloud providers a lot faster than deploying network infrastructure switches, routers, and all that stuff. Plus, you can tier down. There's a lot of flexibility you can do with cloud services versus native on-prem services.

Technical support is okay. We haven't had a problem with them.

I'm also familiar with Palo Alto.

You have to have some kind of background with cloud-based security, like working with different providers and how to make instances in the clouds and that kind of stuff - including cloud, networking cloud, cloud application development, anything like that is a requirement to be in the CASB space.

There are a lot of testing requirements and things that people have to go through to create in the CASB industry. Netskope didn't get a leg up as they were like the CrowdStrike of the EDRs. 

I'd rate the solution nine out of ten.

MVISION Cloud can be deployed on the cloud and on-premise.

I am using MVISION Cloud to have visibility for some CLP rules of the access to Office 365 applications.

The most valuable features of MVISION Cloud are the automatic reports and modification incidents.

MVISION Cloud is not well known and there should be more information about the solution. There could be integration to local applications.

In a future release, they could improve by adding Shower IT.

I have been using MVISION Cloud for approximately two years.

MVISION Cloud is a stable solution.

The stability of MVISION Cloud is fine. You can use whatever service with whatever number of users you want. There is a very good map to see all the services that you are receiving. You can always see what is happening, but the users never know if there is anything happening in the back end of the servers.

We have approximately 15 users using this solution in my organization.

I have used the support. They are very good but the speed of their answers could be quicker.

I rate the technical support for MVISION Cloud a four out of five.

The initial setup of MVISION Cloud is simple. From the moment that you have all the requirements, the process only takes five minutes. MVISION Cloud will notify you that they will have a maintenance day, which will take approximately one hour, but you don't notice that they are doing it.

There is a license required to use this solution and it is paid annually. The price is reasonable.

I would advise others to understand which of their use case has services that have direct integration with MVISION Cloud. The service is working very well.

I rate MVISION Cloud a nine out of ten.

We use this solution for web filtering.

I integrate and manage the solution. It's deployed on-premises.

The stability is the most valuable feature. We haven't had any issues with the product.

It's easy to configure. It's not hard to manage day to day.

They could be integrated with CASB. I think normally McAfee has this solution in the cloud, but for us the best is on-premise.

Perhaps in this year's configuration, something that could be added is the SSL inspection.

I have been working with this solution for eight years.

The scalability is fine. We work with Fortinet too and Fortinet doesn't work like McAfee. McAfee does more than Fortinet.

Technical support is really great. I would rate them 4 out of 5.

Setup is a little bit complex but I think the environment is complex. We needed help from McAfee and another integrator.

I would rate the complexity of setup 4 out of 5.

I would rate this solution 8 out of 10. 

My advice is to discuss your goals before you install the solution because you can do a lot with McAfee Web Gateway.

What's most valuable in Skyhigh Security is its level of security. Another valuable feature of the solution is threat analysis.

Skyhigh Security, as a product, is excellent, but in terms of the right services and support, those are lagging very much, for example, in Trellix. From one hundred, its score has gone down to ten, so ten out of one hundred, otherwise, it's the number one product. Pricing and design are fine, so no further changes are required on those.

What I'd like to see in the next release of Skyhigh Security is a single console for all the products, for example, under the Trellix portfolio, it would be good if it could be managed by a single console because it's not possible currently. 

Competition is running much faster than the solution, so to improve Skyhigh Security and catch up to the competition, there's a need to add these additional features into one console.

I've been working with Skyhigh Security (formerly MVISION Cloud) since the day it was launched, so it's been four or five years now. It's not being used in the organization. My organization sells it, governs, and implements it for clients. My organization is still supporting Skyhigh Security.

Skyhigh Security is a stable solution.

Skyhigh Security is a scalable solution.

I'm rating the technical support for Skyhigh Security a zero. Support for the solution is not good, though the tutorials and documentation are excellent. 

Support is not easy to reach, and the engineer who handles the issue first-hand isn't much aware of the issue. Rather than understanding the issue, he simply told me: "Okay, follow this. What is the version? Is Windows updated? Which version of Windows are you using?" By the time you're done talking with the engineer, the ransomware attack would have happened and people would have lost their data.

When a person contacts support, he's one hundred percent done with L1 and L2 troubleshooting, but the support team for Skyhigh Security doesn't listen when you tell them that you're already done with L1 and L2 troubleshooting and can now move forward to the next level of troubleshooting and support. Support will do L1 & L2 again, take and capture the logs, then do the analysis, even if you're giving them your analysis, your report. Support will tell you: "No, we don't want this analysis report, though it is the same. We will do it again, and then we will report."

We compared Skyhigh Security with SentinelOne which is also quite good, but the limitation is there because SentinelOne is just an EDR solution, while Skyhigh Security has many other things to offer. There is no apple to apple comparison possible.

The initial setup for Skyhigh Security is simple. Clients can do it themselves because they have already been using the ePolicy server on-premises solution and now are moving out onto Skyhigh Security, and with the added features, they're more comfortable with the setup.

Pricing for Skyhigh Security is fine.

We evaluated SentinelOne.

The deployment model for Skyhigh Security depends on the customers. Some customers deploy it via the public cloud, while some deploy it via the hybrid cloud. Customers use the latest version of the solution.

I'm rating Skyhigh Security ten out of ten. Its current version is 100%.

I'm recommending Skyhigh Security to others.