|
|
|
|
|
|
 
|
|
|
|
Provider
|
Platform(s) |
Configuration & Update
|
Monitoring & Response
|
Firewall Capabilities
|
Additional
Services
|
Additional Comments
|
|
Altoria
|
CPE-based Checkpoint, Cisco |
Configured by either Customer or Provider. Customer submits changes via phone or web. Certified MSSP staff reviews, verifies, & implements change within 4-24 hrs. |
Provider monitors & responds to events. 24/7 event & status monitoring. NOC trouble shoots alarms & notifies customer within 20 mins. Alerts, logs, TTs supplied via secure website. |
Included: Optional:
|
Included: Optional: |
|
|
CPE-based Checkpoint |
Configured by Provider. Customer submits changes via phone or web. MSSP reviews, verifies, & implements change. |
Provider monitors events & notifies customer. 24/7 event monitoring. Alerts & logs supplied via BusinessDirect portal. SLA for MSSP-hosted firewalls |
Included:
Optional:
|
Included: Optional: |
|
|
|
NW-based MSSP Network Infrastructure |
Configured by Provider. Customer submits changes via BusinessDirect portal. MSSP authenticates, reviews, & implements change. |
Provider monitors & responds to events. 24/7 event monitoring. MSSP notifies customer of events & updates. Reports & logs supplied via Business Direct portal |
Included:
Optional:
|
Included: Optional: |
Requires MSSP-supplied access link, included with this service. Global security policy can be applied to same customer in different regions. |
|
|
Getronics
|
CPE-based Checkpoint, SonicWALL, Juniper, Cisco |
Configured by either Customer or Provider. MSSP suggests rules & best practices, approved by customer. Changes can be implemented by either party, based on customer's process & SLA |
Provider monitors & may respond to events. 24/7 service monitoring with severity-based response by MSSP. Extended incident support on new firewall platforms that provide IDS/IPS. |
Included: Optional: |
Included: Optional: |
Solutions are based on capabilities & bandwidth. Branch offices can use smaller integrated security platforms, while major hosting centers can use switch/firewalls that support gigabit traffic rates. |
|
Globix |
Hosted CPE Checkpoint, Cisco |
Configured by Provider. Basic Mgmt: Two change requests per mo. M-F 9-5. Premium Mgmt: Unlimited change requests 24/7. Changes submitted by authorized contact via email or portal. |
Provider monitors & may respond to events. 24/7 status monitoring. Backed-up logs & statistics supplied via customer portal. |
Included: Optional:
|
Included: Optional: |
|
|
Provider
|
Platform(s) |
Configuration & Update
|
Monitoring & Response
|
Firewall Capabilities
|
Additional
Services
|
Additional Comments
|
|
IBM
ISS
|
CPE-based Checkpoint, Cisco, Fortinet, Juniper, ISS Proventia M |
Configured by Customer or Provider. Customers submit changes via Virtual-SOC portal. Analyst acks, validates, & implements request, per customer-defined schedule & SLA. Customer is notified of completion. |
Provider monitors & may respond to events. 24/7 device health & availability monitoring. Alerts create outage TT, accessible via Virtual-SOC portal. Analyst provides remediation & customer notification based on SLA. |
Included: Optional: * If supported by installed firewall |
Included: Optional: Inclusion depends on service level |
CPE hosted by customer or MSSP. Service includes monthly vulnerability scan. SLAs determine change ack (within 2 hrs) & implementation (within 2, 8 or 24 hrs), outage notification (within 15 or 30 mins) & response (within 15 mins of ID), real-time escalation, portal availability & emergency response. |
|
MegaPath |
Hosted CPE or NW-based Fortinet |
Configured by Customer or Provider. Customer submits changes via portal. MSSP validates & implements change based on platform & SLA: within 5 mins (NW firewall) or 4-8 hrs (CPE firewall). |
Provider monitors & responds to events. 24/7 monitoring. Exec & Detailed Reports are delivered weekly/monthly. Exec Reports provide strategic threat summary. Detailed Reports provide tactical attack details. |
Included: Optional: |
Included: Optional: |
Allowable changes include Source / Dest IP / Subnet & Application, including custom Protocol entries. Rules are validated to prevent portal lock-out or service disruption. |
|
Perimeter |
CPE-based or NW-based Checkpoint, Cisco, Juniper, SonicWALL, Fortinet |
Configured by Customer or Provider. MSSP authenticates log-in credentials when allowing customer to make changes. |
Provider
monitors & responds to events.
24/7 monitoring with reports supplied via portal, containing events, alerts, trends, & required actions. MSSP or customer may take action, depending on service level. |
Included:
1 2 3 4 5 6 7 8 Optional: |
Included: Optional: |
CPE hosted by customer or MSSP. |
|
Secure
Designs
|
CPE-based
SonicWALL, Cisco, WatchGuard, Juniper |
Configured by Customer or Provider. Customers can change own content filters, but must submit other changes via email or portal. MSSP verifies & implements change after reviewing implications with customer. |
Provider
monitors & responds to events.
24/7 monitoring with alerts delivered immediately to tech support & customer via email/SMS. Reports, updated every 4 hrs, supplied via portal |
Included:
Optional:
|
Included: Optional: |
SLAs depend on type of change requested (e.g., policy update, low priority outage). |
|
Provider
|
Platform(s) |
Configuration & Update
|
Monitoring & Response
|
Firewall Capabilities
|
Additional
Services
|
Additional Comments
|
|
SecureWorks
|
CPE-based iSensor, Checkpoint, Juniper, Cisco |
Configured by Customer or Provider. Contract determines if MSSP or customer makes changes. Customer submits changes via portal. MSSP reviews & implements per customer's change control policy |
Provider monitors & responds to events. 24/7 monitoring & support by SOC. SLAs include guaranteed response to vmail/email, device monitoring, device update timeframe, incident response notification |
Included:
Optional:
|
Included: Optional: |
For most supported firewalls, three service tiers are available: Fully Managed, Monitored only, or Reporting only. |
|
Solutionary
|
CPE-based Checkpoint, Cisco, Juniper, SonicWALL, Fortinet |
Configured by Customer or Provider. Customers submit change via secure email or portal. MSSP reviews, addresses any questions or risks, implements, & validates change. |
Provider monitors events & notifies customer. 24/7 monitoring by ActiveGuard, MSSP's ESM platform. Alerts & logs supplied via email, paging, phone, or secure portal. |
Included:
Optional:
|
Included: Optional: |
Standard or custom SLAs apply to both configuration & monitoring. Portal provides detailed auditing of config history & change journals. Alerts include critical config changes, potential malicious activity, & operational alarms. |
|
Symantec
|
CPE-based Checkpoint, Cisco, Juniper |
Configured by Provider. Customer submits change via secure portal or voice to operations centers. MSSP reviews impact prior to making change in accordance with SLA. |
Provider monitors & may respond to events. MSSP takes action or notifies customer based on customer's procedures, in accordance with incident ID & escalation SLAs. |
Included:
Optional:
|
Included: Optional: |
Managed firewall service is an add-on to Security Monitoring services that provide real-time monitoring, analysis & incident escalation based on security log data from a wide variety of sources. |
|
Unisys
|
CPE-based Cisco, Checkpoint, Fortinet, ISS, Juniper, Symantec |
Configured by Provider. Authorized contact submits change via portal or phone. MSSP assesses impact. Emergency changes are reviewed immediately & implemented ASAP. Standard changes are reviewed within 24 hrs, implemented within 48 hrs. |
Provider monitors & responds to events. 24/7 system & security monitoring. MSSP notifies customer of critical events within 10 mins & identifies root cause within 4 hrs. If field service needed, dispatch ticket is created within 10 mins. |
Included:
Optional:
|
Included: Optional: |
CPE hosted by customer or MSSP. Raw (forensic) event logs are stored for 12 months, then destroyed or provided to customer upon request. MSSP offers SEM service that lets customer configure & control firewall while provider correlates firewall events with those collected from other systems. MSSP typically assumes management & monitoring duties for customer-owned firewalls. |
|
Verizon
Business
|
CPE-based Checkpoint |
Configured by Provider. Customer defines rules; MSSP configures firewall. Customer submits changes via secure website. SOC implements & verifies changes in accordance with specified 24 hr SLA. |
Customer monitors own firewall events. No event monitoring or response is offered with this service. |
Included:
Optional:
|
Included: Optional: |
|
|
Verizon
Business |
CPE-based Checkpoint, Cisco, Juniper |
Configured by Provider. Customer defines rules; MSSP configures firewall. Customer submits changes via secure website. SOC implements & verifies changes in accordance with specified 24 hr SLA. |
Provider monitors events & notifies customer. 24/7 security event monitoring & prioritization. Critical/Emergency events are reported to customer via both phone & portal. |
Included:
Optional:
|
Included: Optional: |
|
|
Virtela |
CPE-based Checkpoint, Cisco, Juniper |
Configured by Customer or Provider. Authorized customer requestors submit changes via secure portal. SOC validates & schedules change, or returns request to customer if remediation is required. |
Provider monitors events & notifies customer. MSSP provides customer with event, collected intelligence on impact, & recommended response. If customer has chosen fully-managed service, MSSP applies customer-agreed response actions. |
Included:
Optional:
Inclusion depends on chosen platform. |
Included: Optional: |
CPE hosted by customer or MSSP. |
|
Provider
|
Platform(s) |
Configuration & Update
|
Monitoring & Response
|
Firewall Capabilities
|
Additional
Services
|
Additional Comments
|
