|
|
|
|
|
|
| ISP Resources |
| ISP-Lists ISP Glossary ISP News The List ISPCON Events Free Newsletters |
|
|
|
||
| internet.commerce | ||
|
Partner With Us |
Intrusion
Detection Systems:
Veritect
With a background in government security services, Veritect
provides a range of managed security solutions that are flexible enough
to work with a number of different intrusion detection products.
[April 3, 2002] |
 |
In 1999, Veridian, a government-focused security consulting company, acquired the pioneering managed security service provider Trident Data Systems. Soon after, Veritect was spun off from Veridian as a wholly owned subsidiary focused on the commercial marketplace. Headquartered in Reston, Virginia, Veritect now has over 500 customers and 110 employees.
According to Michael Quint, Veritect spokesman, the parent company's
experience in working with government security needs has been a great
asset for Veritect. "We've got the security legacy of working with some
of the highest-security government agencies and intelligence community
organizations, and we've taken that expertise now over the last two years
out to the commercial markets," Quint said.
|
Veritect
|
 |
Veritect's 24/7 Security Analysis and Response Center is located at the company's headquarters in Reston. Meeting government security standards as a Secure Compartmented Information Facility, or SCIF, the center monitors all of Veritect's services, including firewall management, intrusion detection, and incident response.
The company's security technology, based on a sensor technology that Veridian developed for the Air Force, is called Veritect Vigilance. According to David Wilson, Veritect director of product Management, the Vigilance technology facilitates all of the company's services. "It's really the heart of what we do," Wilson said.
The next release of Veritect Vigilance, Wilson says, will add a number of new features, including the ability to combine services in ways that weren't possible before. "There's going to be some real integration across IDS, firewall, scan, and some of our assessment services," he said. "We'll be able to bring those things together and provide integrated views to the customer of their overall security posture."
The Lexus of intrusion detection
Veritect's
Managed IDS offerings are available in two versions—Basic IDS and
Premier IDS. While Basic IDS is essentially a turnkey, automated service,
Premier IDS provides personalized attention at every step. "It's kind
of like getting the premier level service that you might expect from buying
a luxury automobile," Wilson said.
The
Basic IDS service uses Veritect Vigilance technology to reduce false positives
and help the customer interpret the sensor data—but after that, the
customer's on their own. "It's positioned to be more of a mid- to large-market
offering," Wilson said. "It requires that the customer does have some
technical sophistication and a basic understanding of IDS and what some
alerts mean."
Premier IDS, on the other hand, buys the customer direct support from Veritect's security team. "Our intrusion analysts will be on the phone with you and walk you through the steps of what response you need to take based on the incident itself," Wilson said. "So the most fundamental difference is that the Basic customer needs to have some incident response mechanism already set up."
For Premier customers, Veritect can work with a range of network IDS products, including those from Cisco, Enterasys, and NFR Security, as well as Entercept's and Enterasys’ host IDS solutions. Basic customers work with a pre-packaged NFR network sensor. “It’s more of a turnkey solution,” Wilson said. “The Premier offering, on the other hand, is completely customizable.”
Wilson adds that Veritect's services aren't always used as an outsourced-only solution. "One thing that we have been very successful with is actually coupling our managed services offering with people sitting on site in the customer's environment," he said. "That is something that we do routinely: we don't try to force them to make an insource/outsource decision. We'll work either way with the customer."
Pricing for the services varies widely, depending on quantity and service level. The general range, Wilson says, is anywhere from $1,500 to $3,000 per network IDS sensor per month, and $250 to $500 per host IDS agent per month. With host-based solutions in particular, however, economies of scale can greatly decrease the cost.
It's a matter of trust
Wilson says that ISPs can be a perfect channel partner for Veritect—Qwest
is currently one of the company's largest partners. "ISPs have a great
opportunity to provide value added services such as secured connectivity,"
he said. "We allow partners to take our services and wrap them around
some of their favorite technologies."
Still, above and beyond pricing structures and partnership opportunities, Wilson contends that the most challenging issue is trust. For this reason, all of Veritect's security personnel either have government clearance or are cleared by an outside investigative firm. "You're allowing very sensitive information to leave the customer's network perimeter, so the whole notion of trust is very important," he said.
Allan Carey, Senior Research Analyst at IDC, notes that Veritect's ties to its parent company provide more than just a background in government security services. "By being a subsidiary of Veridian, they have the ability to leverage some financial stability in the marketplace," Carey said. "That financial stability is key."
Carey adds that the flexibility of Veritect's offering is also a significant asset. "They offer both network-based and host-based intrusion detection solutions, giving you a broad view of the activity on your network," he said. "And they also support some of the major IDS products in the marketplace—the fact that Veritect supports other products does make their solution more flexible."
And according to Quint, that flexibility comes from experience. "We understand security—we've been doing it for a long time," he said. "We understand how to provide the best security for our customers so that they can focus on their business while we focus on managing their security for them."
— End
Online Resources:
Intrusion
Detection Systems Directory
IDS
Quick Reference Chart
| Related articles: | ||
| [Dec. 24, 2001] | White Paper: Reducing Network Security Risk | |
| [Sept. 25, 2001] | Physical Security Augments Logical Security | |
| [July 11, 2001] | ISP-Planet Survey: MSSPs | |
|
|
|
| Best of ISP-Planet | ||
|---|---|---|
|
ISP-Planet
Guide
ISP-Planet's Principal Studies Directories:
Q2 2008 Top U.S. ISPs by Subscriber (Updated 08/29/2008)
ISP-Planet's Blogroll | ||
ISP-Planet's
RSS feed
