RE: Managed Firewall Service - Opinions

["Melson, Paul" <PMelson () sequoianet com>]

I happen to work for a company that provides managed firewall services.  Per Paul's request, though, I'll refrain from 
telling you about how great we are. :-)  We're in your region, though, so if you're interested, feel free to e-mail me 
off-list.

As far as the pro's and cons, there are several to consider.  The big one is depth of staff vs. need.  Small and large 
companies will typically get better value out of a managed firewall service than a medium-sized organization.  The 
reason being that small companies are less likely to have and afford someone with a relatively high level of networking 
knowledge, but still have the need for a firewall, and managed services are typically less than half the salary of a 
good network/firewall engineer.  Large companies benefit especially if they have a large Internet presence and a lot of 
internal or customer/partner services facing the Internet.  They can get changes quickly and consistently and have a 
safety net of support in the form of service level agreements.  And, again, it's typically worth the cost to not have 
that as a responsibility for internal staff.  Medium businesses typically don't have large change/management load for 
their firewall and are more able to afford doing these things in-house.  For example, if your network administrator can 
do the job, and is spending less than 5hrs/wk on the firewall, there's not a lot of reason to pay an additional half of 
her salary to another company in order to free her up for 20hrs/mo.  In cases like that, overtime pay  is a much more 
economical option.  Each organization is different, though, and if someone in your organization is split between the 
firewall and other internal support work, managed services could free them up to concentrate on that.

As far as picking a vendor, you should ask these questions:  

Do they have the depth and expertise to support your needs?  Are their people certified in your product or the product 
that will be used?  How many engineers are assigned to their managed firewall service?  

What kind of coverage do they provide?  24/7 vs. 8-5, M-F?  Do they monitor your network for outages?  Will they handle 
the warranty and/or provide spare equipment in the event of a failure?  What are the response times specified in their 
SLA?

What other services do they provide?  Look for a vendor that will offer you additional security services such as VAs, 
IDS, and log analysis.  Firewalls are not a security solution, only part of the equation, so it's good to work with a 
vendor that can help you with all of those issues.

I hope that helps!

PaulM

>  -----Original Message-----
> From:         "Fiamingo, Frank" <FiamingF () strsoh org>@AICNOTES  
> Sent: Thursday, April 17, 2003 10:45 AM
> To:   firewall-wizards () honor icsalabs com
> Subject:      [fw-wiz] Managed Firewall Service - Opinions
>
>  
> My boss has asked me to investigate managed firewall solutions for our
> organization.
> We're a mid-sized organization: 700 employees, 200 servers (mostly Windows).
>
>
> Does anyone have any experience with companies that do this that they would
> like to share?
> What are a few pros and cons that come to mind versus managing the firewalls
> yourself?
> Do these companies manage the firewalls as we currently have them, or do
> they install/configure
> their own? - currently we use Gauntlet firewalls.
> Who are the major players in this market (those that are likely to be around
> for awhile)?
>
> I'm just looking for a basis to start my exploration.
>
>       Thanks,
>       Frank
>
> Frank Fiamingo
> STRS Ohio
> Network Support
>
> _______________________________________________
> firewall-wizards mailing list
> firewall-wizards () honor icsalabs com
> http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
_______________________________________________
firewall-wizards mailing list
firewall-wizards () honor icsalabs com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards