Re: Managed Security Services

[Mark Teicher <mht3 () earthlink net>]

Et Al,

Being new to the security field, I am wondering what managed security 
services is:
Managed Security Services can be defined in many different ways.  As it is 
defined and then delivered by the various entities out there, what is the 
makes managed security service company successful?? Is it the people, the 
technology, the experience, or the size of the organization offering the 
service??
Does managed security services include patch management, anti-virus 
centralized management, intrusion detection, spam detection, patch 
management??
Many companies, even telecommunications providers, internet service 
providers are offering the service with customer web portals, but what is 
exactly is a web portal and does it really provide an organization all the 
data that is observed on their network??  How is data from a web portal be 
used to prosecute a real hacker ??
What happens to the customer data on the backend ?  Is it mixed in with 
other customer's data for analysis or trend reporting?
Where does a managed security service begin and end ??
Does it begin at the architecture level (i.e. implementation/integration 
services or presented to a customer (Hi, this is your network, this is your 
network after all those hackers have gotten to it (imagine the "This is 
your brain, this is your brain on drugs commercial (*scrambled egg sizzling 
in background*)..
How long does it take to tune an IDS, a telecommunications firewall, an 
IPS, a firewall?
What is normal traffic patterns in an organization?
How do enhance the effectiveness of a managed security service?
What is proactive refinement of security policies?  Who has the final say ??
Do the people that work 3rd shift just as talented as the 1st shift in a 
24x7 service?
What is real-time versus a real-network attack or telecommunications attack?
How does an organization that pays for a managed security service feel that 
their network is healthy??
What are the determining factors behind a healthy and secure network?
What is guaranteed responsiveness??
Are the people who are watching an organization's network really certified 
or just take on-line or web based classes and learn as they go ??
What determines lower total cost of ownership?
How does a managed security service really save an organization time and 
money ?? If a network is designed correctly, staffing requirements should 
have already been accounted for, including training and maintenance

Many thanks in advance for anyone's response

/cheers

/m


---------------------------------------------------------------------------
Computer Forensics Training at the InfoSec Institute. All of our class sizes
are guaranteed to be 12 students or less to facilitate one-on-one
interaction with one of our expert instructors. Gain the in-demand skills of
a certified computer examiner, learn to recover trace data left behind by
fraud, theft, and cybercrime perpetrators. Discover the source of computer
crime and abuse so that it never happens again.

http://www.infosecinstitute.com/courses/computer_forensics_training.html
----------------------------------------------------------------------------