Firewall Wizards mailing list archives

RE: Managed Security Metrics


From: "Mike Smith" <msmith () infinity-its com>
Date: Tue, 6 Mar 2001 11:43:13 -0500

I'm looking for a service provider that covers more than firewall
management; it should offer internal IDS, anti-virus, content filtering
(incoming and outgoing), etc.  Down the road, I may look for services like
password management, PKI management, maybe even integrated physical
security.

My research tells me the SLA is the main way to tell what I'm getting for my
money and to compare providers.  I expect the provider to have a service
that implements my security policy (after we jointly review, and update if
necessary, that policy to make sure it's appropriate and supportable with
the provider's offering; I expect the provider to give advice in that area
as part of the service).

The SLA is also my contract.  It defines "good" service, and ideally defines
rebates (to me) or penalties (to the provider) if the service isn't "good."
But "good" has to be objective and the provider has to be able to
demonstrate that it was "good" during a given reporting period.

Mike Smith

-----Original Message-----
From: Adam Shostack [mailto:adam () homeport org]
Sent: Monday, March 05, 2001 6:01 PM

I think that there's a lot of process issues which are not easily
quantified.  For example, I want to know that an account will be shut
off within 5 minutes of a lost token report, but more than that I want
them to go through a list of accounts quarterly to ensure that there
is a known, employed user using the account.

I'd like to see log monitoring, a guaranteed response time to
certain classes of events, e.g., any user not on a shortlist becoming
root leads to a phone call that connects with my escalation tree
inside of 15 minutes.

Perhaps you can make the question more specific: What are you trying
to protect?  What is the service selling you?  Is it "firewall and in,
end-to-end security?"  Is it firewall log monitoring?


On Mon, Mar 05, 2001 at 01:37:10PM -0500, Mike Smith wrote:
| So I'm back to asking, what are suitable, measurable criteria for judging
| the quality of my security service provider's performance?
|
| Mike Smith
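
The two time-bound criteria raised in this thread (account shut off within 5 minutes of a lost token report, escalation call within 15 minutes of a non-shortlisted user becoming root) can be checked objectively per reporting period. The sketch below is an added example, not part of the original messages; the event names, record layout, shortlist and sample records are all constructed assumptions.

```python
from datetime import datetime, timedelta

# Limits come from the thread; event names and record layout are assumptions.
SLA = {
    "token_lost": ("account_disabled", timedelta(minutes=5)),
    "root_login": ("escalation_call", timedelta(minutes=15)),
}
ROOT_SHORTLIST = {"alice"}  # constructed: users expected to become root

# Constructed sample records: (timestamp, event, incident id, user)
EVENTS = [
    ("2001-03-05T09:00:00", "token_lost", "T1", "bob"),
    ("2001-03-05T09:03:30", "account_disabled", "T1", "bob"),
    ("2001-03-05T10:00:00", "token_lost", "T2", "carol"),
    ("2001-03-05T10:07:00", "account_disabled", "T2", "carol"),
    ("2001-03-05T11:00:00", "root_login", "R1", "alice"),  # shortlisted, no call due
    ("2001-03-05T12:00:00", "root_login", "R2", "dave"),
    ("2001-03-05T12:14:00", "escalation_call", "R2", "dave"),
    ("2001-03-05T13:00:00", "root_login", "R3", "erin"),   # never escalated
]

def sla_report(events, shortlist=ROOT_SHORTLIST):
    """Return {incident id: (met, elapsed or None)} for every SLA trigger."""
    parsed = [(datetime.fromisoformat(ts), ev, inc, user) for ts, ev, inc, user in events]
    # Earliest recorded time for each (incident, event) pair
    first_seen = {}
    for ts, ev, inc, _ in parsed:
        key = (inc, ev)
        if key not in first_seen or ts < first_seen[key]:
            first_seen[key] = ts
    report = {}
    for ts, ev, inc, user in parsed:
        if ev not in SLA or (ev == "root_login" and user in shortlist):
            continue  # not a trigger, or a root login that needs no call
        response_event, limit = SLA[ev]
        answered = first_seen.get((inc, response_event))
        if answered is None or answered < ts:
            report[inc] = (False, None)  # no response on record counts as a miss
        else:
            elapsed = answered - ts
            report[inc] = (elapsed <= limit, elapsed)
    return report

def compliance(report):
    """Fraction of incidents in the reporting period that met the SLA."""
    return sum(met for met, _ in report.values()) / len(report) if report else 1.0
```

A trigger with no recorded response is scored as a miss, so the provider has to produce the evidence rather than the customer having to prove its absence.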
