
Review: StormShield Suite Provides Integrated Network Defense

written by: Tom Olzak, CISSP • edited by: Bill Bunter • updated: 5/7/2010

SkyRecon's StormShield suite is an innovative approach to endpoint and server security, providing administrators with tools granular enough to block unsafe user and application behavior while allowing incremental approval of business productivity tools, like smartphones and USB storage devices.


    What is StormShield

    Securing data has increasingly required pulling defense perimeters close to the actual information. In addition to traditional perimeter security, desktop, laptop, and server solutions must provide the final line of defense against intruder and employee behavior.

    Solutions deployed by most organizations consist of a set of software security controls, purchased from two or more vendors, and managed via multiple management consoles. The result is a device and data security framework whose parts might not integrate with each other--leaving gaps in protection--along with an unwanted, and usually unnecessary, increase in administrative responsibilities. SkyRecon's approach to data and device security helps administrators eliminate fractured solutions by providing a single endpoint agent and a centralized management console that together provide full system protection.


    Feature Set


    I originally gave the feature set a 4 rating, because SkyRecon chose to use behavior heuristics without signature analysis when looking for malware. As I wrote in the original review, I don't believe behavior detection alone is sufficient to protect systems. However, after I completed the review, SkyRecon released its version 5.1 of StormShield Security Suite that now contains anti-virus and anti-spyware – all still within a lightweight package and managed through a single security management console. This increases the feature set rating to a 5 as it relieves my concerns about not delivering this security layer. For more information regarding the new release, visit

    StormShield provides all the pieces necessary to protect laptops, desktops, and servers in a 7 MB agent. The agent's behavior is controlled via a central management console. Using the console, administrators can implement numerous security controls. The following are just a few:

    • Host-based IPS (HIPS) integrated with a personal firewall
    • Continuous host-checking, ensuring that the security state of the computer doesn't degrade once it is connected to the network
    • Controlling the wireless networks to which a device can connect, including:
      • controlling the SSIDs a device can connect to
      • preventing prolonged connection to a wi-fi connection seen as insecure
    • Data encryption, including:
      • full disk encryption
      • file encryption based on file type
      • sensitive data encryption based on destination of copies or moves
    • Controlling which applications users can install or run
    • Preventing system connection to rogue wireless access points

    Overall, StormShield provides a complete set of fully integrated security controls for end-user and server devices.


    Ease of Use


    The agent is easy to install and maintain. Further, the management console's design makes administration a straightforward, uncomplicated process. And when an administrator has an issue, SkyRecon asserts that engineers are ready to help work through configuration challenges, including policy or rule definitions. I found this to be true when working with them during my research.


    Price vs. Value


    According to SkyRecon, pricing is "...determined by the number and combination of StormShield security services purchased per protected endpoint. The top-end pricing includes all services available within the released version of StormShield Security Suite Ultimate Edition." Cost is per node. The pricing I received was $37.50 to $129.40, based on feature set purchased, and on the purchase of 250 nodes. Based on my experience, the high number is easily half of what I would expect to spend if I tried to piece all these controls together from various vendor offerings.


    Day to Day System Management


    This is another area in which StormShield does a good job. Instead of administrators being continuously beleaguered by users demanding access with handheld devices or other emerging technology, they can approve connection of specific device types--and brands and models within those types--as they are vetted. Further, organizations can control which file types can be copied to or from certain devices. For example, an administrator might allow iPods to connect, with only .MP3, .WAV, or .JPG allowed to be copied to them.

    StormShield also integrates with Active Directory, allowing administrators to apply use policies via AD group membership. Users can also have multiple policies. For instance, one policy might apply when the user establishes a remote connection, with another invoked when the user is locally connected.

    As I wrote earlier, the management console interface is easy to use and intuitive. Daily management of this integrated set of security solutions won't overtask the security team.

    The only problem I had with system management was the lack of a large set of pre-defined business policies. Yes, there are behavioral definitions. But I don't believe that out-of-the-box functionality is robust enough to quickly take advantage of the full functionality of the suite. Setup and testing time might be extended because of this, although SkyRecon engineers assured me they have a huge library of user-defined templates available at no charge. That's nice, but I would rather have them loaded in the product for my review and implementation than have to ask each time I run into a snag.


    Help and Support


    As I worked through my research for this review, I had the pleasure of working with the SkyRecon engineers. They are knowledgeable and eager to help. The sense I get is that "we can't do that" or the more infamous "I don't know what ta tell ya, it works on my machine" do not exist in their organization's lexicon.



    Overall, this is a great product. It provides all the controls necessary to protect systems and the data processed on or passing through them. Although I'd prefer the addition of signature-based AV protection as well as more out-of-the-box configuration templates, I highly recommend this solution for organizations of any size.
