Re: Outsourcing Firewalls/Internet Security count

[Edward Cracknell <edward () securIT net>]

My mailer says "Safier, Adam (GEIS)" <Adam.Safier () geis ge com>  wrote:
Adam.Safier >How many people received a query or had a chief security officer
/ CIO
Adam.Safier >express an interest outsourcing their Firewall / security
management?
Adam.Safier >(Not just your CIO, which you should not admit to if he did, but
service
Adam.Safier >queries as well.)

All of us....and the general opinion is that this is a good thing.
Certainly a trusted name is required. I don't feel any 'new' name could
start-up and offer this service successfully, but then, if all the
remote management can do is take alerts and warnings, surely the customer
can relax a little.

In my view, the client site will have a system filtering and identifying
intrusion patterns. It will then generate a fairly 'cryptic' alert and
pass that via an encrypted link (leased line). The managing authority
won't usually have direct access to network traffic.

There's obviously a long way to go before this technology becomes
acceptable, but it could be extended to address the issues of;

Remote Firewall Management
System Administration
Network Performance 
Business Continuity

All with the benefit of a team of experts managing your Internal network
without the cost of employing individuals for that task. 

<ALARM>

whoop whoop

</ALARM>

No, we've got to sell this to the people it might replace. 

I've thought about this one long and hard. I see it as a way to free up
these people from the mundane tasks, and take away the need for them to
keep up to date with new vulnerabilities.

My $0.02

:-)
-----------------------------------------------------------------
Edward Cracknell - <edward () SecurIT net>