|
|
|
|
|
|
|
|
|
||
|
|
||
|
Partner With Us |
Managed Firewall Table
VP Core Competence, Inc. [December 28, 2004] |
 |
|
|
|
|
|
|
Add-ons |
|
|
Cisco PIX,
CheckPoint
|
Customer
opens an online case with the SOC.
|
Secure Web
interface
|
Guaranteed
response times for policy change requests and outage notifications.
|
VPN, IDS,
Content Filtering
|
Automatic
failover option available.
|
|
|
Cisco MGX
Carrier-Class Routers
|
Using SNAP
View, policy updates may be performed by customer, reseller, or MSSP, then pushed
immediately
|
Viewed or
printed through SNAP View, the MSSP's own web-based management tool
|
None
|
IDS/IPS
|
Access links
must be purchased from MSSP. Automated response is optional.
|
|
|
ClearPath's
SNAP VPN Appliance
|
SNAP View
(above)
|
SNAP View
(above)
|
None
|
IDS/IPS
|
24x7 monitoring
available only through reseller partners.
|
|
|
Cisco PIX,
CheckPoint on Nokia
|
Updates
are cleared with customer, then pushed to devices
|
Secure Web
interface
|
Customers
are privy to vendor hardware and software SLAs.
|
VPN
|
Rule changes
included.
|
|
|
ISS Proventia,
Cisco PIX, CheckPoint, Netscreen
|
Change Requests
submitted via secure portal. Security engineers review for potential issues
/ security compromises. Validated requests implemented and verified by senior
analyst.
|
Secure MSS
Customer Portal is used for change requests, report generation, live log viewing,
and detailed security intelligence from ISS X-Force.
|
Rule-base
change requests acked within 2 hours. Change requests implemented within 8 hours.
Proactive monitoring notification of firewall outages within 15 minutes.
|
VPN, Monitored
Firewall Service (below)
|
Includes
unlimited policy changes, hardware break-fix service, and log storage at secure
off-site facility for up to 7 years
|
|
|
ISS Proventia,
Cisco PIX, CheckPoint, Netscreen
|
Secure MSS
Customer Portal (above)
|
Secure MSS
Customer Portal (above)
|
Same as
Managed Firewall (above)
|
VPN
|
Monitoring
Service feeds attack data to real-time monitor @ SOC for analyst analysis. If
malicious activity is confirmed, customer is notified within 15 minutes.
|
|
|
CheckPoint,
Netscreen, Cisco PIX, IPTables
|
Customers
or MSSP can initiate requests and implement changes. All requests tracked through
Portal Help Desk Ticketing.
|
Real-Time
secure Web interface
|
99.999 percent
availability, 1 hour response for standard requests, 15 minutes for emergencies.
|
VPN, Load
Balancing
|
Totally
non-metered: customers have unlimited changes and consultation time with MSSP's
SANS GIAC-certified SOC team.
|
|
|
CheckPoint
on Nokia, Netscreen, Cisco PIX
|
Customers
view policy and submit request via secure web interface; MSSP's SOC verifies
request and administers the changes.
|
Daily Reports
via secure web interface, Logs via FTP.
|
SLAs include
install guarantees, proactive outage notification, high availability services,
and administration changes.
|
VPN, Acceleration,
Internet Colocation
|
Includes
redundant SOCs, annual vulnerability scan, and Security Policy Wizard to assist
with policy development. HA on CheckPoint/Nokia.
|
|
| vDeadbolt Appliances | Secure Web interface, plus interaction with customer. | Secure Web interface | Custom | DMZ, VPN, IDS/IPS, Content Filtering, Business Intelligence, Perf Management, QoS | ||
| CheckPoint NG on Solaris or Nokia, Cisco PIX 500, Netscreen, Symantec Enterprise Firewall, SonicWALL, Secure Computing G2 | Change-related tickets initiated via event monitoring or customer request thru vendor NMS or phone. Support contacts customer POC for more info if needed, analyzes business impact with customer input, implements change or confirms resolution, closes ticket, and notifies customer. | Secure Web Portal. Current and past configs can also be viewed thru Portal. | SLAs have evaluation metrics for Web Portal Application Availability, Configuration Changes, Escalation, and Tier 1/2/3 Support. | IDS, VPN, AV, Content Filtering, Token Auth, Scan Service, Firewall Support Helpline, Management OnDemand. | Failover or active/active options based on firewall capability. Secure Internet access is preferred, but customer can supply private line to MSSP. | |
|
CheckPoint
on Nokia, Solaris, or Linux Securplatform, Netscreen,Cisco PIX
|
Authorized
policy administrator calls MSSP, authenticated via SecurID.Ticket opened, e-mailed
to customer for confirmation, and implemented within 4 hours. When ticket is
closed, customer notified by e-mail and online.
|
Secure web
interface, with RSA SecurID token authentication.
|
SLA criteria:
reaction time under 4 hours, response time under 1 hour, time to recover under
4 hours.
|
VPN, IDS,
Content Filtering, AV, RADIUS or RSA authentication.
|
Customer
must purchase corporate Internet access line (xDSL or LL) from MSSP.
|
|
|
Netscreen,
SonicWALL, WatchGuard, Cisco
|
Customers
submit requests via e-mail or web support site. If authorized, change made and
response returned to sender's address.
|
FTP, Web,
e-mail
|
None
|
VPN, IDS,
Content Filtering, AV, Audits
|
|
|
|
Rampart
Firewall
|
Customer
contacts MSSP via phone, e-mail, fax or secure web form. Callers authenticated
by PhoneWords (token-based CH-RSP). MSSP implements policy at requested time,
for specified duration.
|
Logs available
via Security Console for customer review and regulatory reporting, and for daily
review by MSSP's network security engineers.
|
SLA covers
timeframes for security incident notification, response to customer requests
and ruleset/user access changes.
|
VPN, Content
Filtering, E-mail AV and Spam ID, User Authentication
|
Built-in
IPS. No HA available. Customers may elect, through custom Incident Escalation
and Response Policy (IREP), to have MSSP make firewall policy changes to address
immediate threats.
|
|
|
Cisco PIX
500, CheckPoint on Nokia or SPLAT, SecureWorks iSensor
|
Requests
made to SOC are reviewed by senior security engineers. After approval, MSSP
implements changes on firewall.
|
Secure Web
interface called SecureHUB. Service includes log review.
|
SLA includes
uptime.
|
VPN, Content
Filtering
|
|
|
|
Cisco, Netscreen,
CheckPoint, Nokia, Crossbeam, Symantec, Fortinet, others upon request
|
Customers
submit change requests to SOC via a secure Web page, e-mail or phone.
|
Secure Web
interface
|
Event Notification:
Response Time 99 percent; Fault Isolation 99 percent; Field Service Dispatch
99 percent. Availability: Single Firewall 99.95 percent or HA 99.995 percent.
Change Management: Acknowledgement 99 percent; Review 99 percent; Implementation
99 percent.
|
VPN (up
to 50 users) included in firewall fee; will support CheckPoint Application Intelligence
(AI) upon request.
|
Secure cabinet
with UPS, Power Distribution Unit (PDU), Door Monitor Switches, Temperature
and Humidity Monitor. Unisys notifies customer should any of these elements
trigger an event.
|
|
|
F5 Networks
(Magnifire), Netcontinuum
|
Customers
submit change requests to SOC via a secure Web page, e-mail or phone.
|
Secure Web
interface
|
Same as
above.
|
|
Application
protocol inspection; rules based alerting/blocking; anomalous behavior detection.
Deep packet inspection of JavaScript, Java Applet, and HTML traffic on ports
80/443.
|
|
|
CheckPoint
on Nokia and Solaris, Cisco PIX,Netscreen
|
Customers
submit changes via e-mail, phone, or secure Portal. Requests are tracked by
ticketing system, viewable via Portal. Standard rule changes are implemented
within 6 hours. Emergency rule changes can be implemented for an additional
fee.
|
Logs and
reports available via Customer Resource Portal, providing detailed view of managed
devices, variety of reports, and ad hoc query engine to analyze security events
across multiple platforms and locations. Secured by token authentication and
SSL encryption.
|
Full Life-Cycle
management of customer firewalls with guaranteed SLAs.
|
AV, Content
Filtering
|
Automatic
failover and clustering available. Security engineers ensure firewalls are staged
and tested comprehensively. Vulnerability scan and network analysis ensure that
optimal policies are instituted during implementation.
|
|
|
CheckPoint,
Cisco PIX, Netscreen, SonicWALL, Microsoft ISA, others upon customer request
|
SecureXone
uses SSL to secure customer request to update security device policy. SOC can
also accept policy change requests via phone or e-mail, validated to ensure
integrity of request.
|
SecureXone
Security Portal provides integrated managed security info, delivered in real
time 24x7, spanning intrusion events, wireless and wired networks, commercial
security devices (e.g., Cisco, McAfee, ISS, Sygate, others), and security processes
and procedures.
|
SLA includes
(but not limited to) report frequency, log retention duration , time to respond,
policy change requirements, and notification requirements. SLAs tailored to
customers. Rule changes within one hour of verification; credit if SLA not met.
|
Network/Server/Host
IDS/IPS, VPN, Security Advisories, Weekly Vulnerability Scanning
|
MSSP can
provide immediate access to professional and certified consultants as needed
for further investigation and/or digital forensics. MSSP also provides (at no
additional charge) periodic reports and face-to-face meetings to ensure ongoing
comprehension of a security posture
|
NB: This survey is not intended to be an exhaustive list. It is an example snapshot of offerings available from participating providers, as of December 2004. Service offerings do change frequently, so please consult provider web sites for updates or further information. Additional providers who would like to be invited to participate next year should mail me at lisa (at) corecom.com
< Back to article
ISP-Planet's
RSS feed
The Network for Technology Professionals
Legal Notices, Licensing, Permissions, Privacy Policy.
Advertise | Newsletters | E-mail Offers