| Managed security services from traditional carriers, | | | | across the networks of the hundreds of carriers and |
| Managed Security Service Providers (MSSPs), and | | | | providers with which they have relationships. Due to |
| other solutions have helped address some of the cost | | | | economies of scale, these VNOs are able to employ |
| and resources issues inherent within a Do-It-Yourself | | | | the best-in-class technology and expertise that might |
| (DIY) approach. But many enterprises are beginning to | | | | be difficult for a single enterprise to afford. And the |
| realize they need more. In a typical environment, | | | | enterprise receives a tailor-made network and security |
| individual security devices report independently to a | | | | solution; VNOs work closely with their customers on |
| central site without a mechanism to correlate | | | | network design and deployment, since the proper |
| information from all sites or to identify and address | | | | placement of security devices within the network is |
| network-wide events in real time. | | | | critical to success. |
| The complexity of today's global networks requires a | | | | Determining the Level of Risk |
| managed security solution that addresses multiple | | | | Enterprises cannot apply the appropriate level of |
| dimensions within the network to provide defense | | | | security to their networks if they are unaware of their |
| against risks ranging from spam, email-borne viruses, | | | | risk-and the level varies depending on the enterprise. |
| and spyware to loss of confidential information and | | | | Customers can determine risk by performing a risk |
| intellectual property. Such defense in depth solutions | | | | analysis, either directly or through an external |
| must be multidimensional to apply security across | | | | assessment. An analysis will assign value to resources |
| multiple layers of a network-within the customers' | | | | based on multiple criteria, such as the number of |
| premises, in and across the backbone, and extending | | | | applications on a resource, the frequency of use, and |
| to each remote and corporate partners' office. | | | | the potential impact of downtime. Systems that serve |
| Security, in other words, is provided to all parts of the | | | | multiple applications to thousands of users will likely |
| network, wherever connectivity is extended. | | | | have a significant impact if unavailable and therefore |
| Many still consider security as protection against | | | | represent considerable risk if unprotected. |
| Internet threats; a multidimensional approach, however, | | | | Risk analysis includes an assessment of the current |
| recognizes there are many different untrusted | | | | network design, including the number of resources |
| networks and that enterprises do not necessarily | | | | available to different customers. It also recommends |
| know what all employees are doing or where they are | | | | where security devices such as firewalls and IPSes |
| taking their resources. The multidimensional approach | | | | should be placed or added for protection. The analysis |
| looks at all connectivity and protects any method of | | | | can also take federal, state, and industry regulations |
| access through any channel, even down to the | | | | into consideration. For example, an analysis can note |
| individual user. | | | | where applications subject to Sarbanes-Oxley (SOX) |
| Layers of Protection for Defense in Depth | | | | compliance are located and inform the enterprise if it |
| Effective multidimensional solutions include several | | | | needs to add risk prevention aligned with SOX |
| layers of protection to enable the appropriate defense | | | | requirements. Good assessments arm an enterprise |
| in depth for various network resources. Small remote | | | | with the hard data it needs to meet regulatory |
| offices may be adequately protected through an | | | | requirements. |
| access control list on a router, while larger offices | | | | Eliminating Tunnel Vision |
| might want to provide another layer of protection with | | | | Key to a true multidimensional, in-depth managed |
| a separate firewall and intrusion prevention sensors. | | | | security solution is the ability to tightly integrate |
| This not only prevents attacks from untrusted | | | | managed security services with a Security Information |
| networks but can keep infected internal systems from | | | | Management (SIM) infrastructure. SIM tools enable |
| perpetrating attacks. The next layer of protection can | | | | correlational analysis across multiple hardware |
| be applied to resources; critical web, mail, file, database, | | | | platforms in all layers of the network and across all |
| and other servers should be directly monitored against | | | | security devices, enabling a complete and holistic view |
| compromised by the rare attack that can make it | | | | of the security posture of every managed device. This |
| through all the other layers of protection. | | | | eliminates the tunnel vision associated with looking at |
| Finding the Right Provider | | | | the output of just one device and enables a much |
| Using several layers of protection in multiple dimensions | | | | deeper and broader view of all security events across |
| of a network is necessary because threats can come | | | | the entire business network. The reports generated by |
| from anywhere. Yet service providers focus on | | | | the SIM can also be tailored to present ongoing |
| protection of the perimeter and Wide Area Network | | | | compliance data for regulatory audits such as SOX |
| (WAN) while MSSPs focus on the perimeter and | | | | and Health Insurance Portability Accountability Act. |
| Local Area Network (LAN). Neither looks effectively at | | | | The End Result: Comprehensive Security |
| all the dimensions required to enable business | | | | VNOs with a SIM infrastructure can provide the most |
| connectivity. The most complete solutions provide | | | | comprehensive view of the network, correlate events |
| security across the entire business network, inclusive | | | | among a wide array of network devices, and identify |
| of each individual remote user, all remote offices, | | | | and address security events on a global scale in a |
| every partner connection, and all primary links. Missing | | | | matter of minutes. Enterprises of any size can receive |
| a single piece can lead to exposure of the entire | | | | immediate data on security vulnerabilities across the |
| network. | | | | entire network, down to the individual user. And these |
| Virtual Network Operators (VNOs), can offer a full | | | | enterprises know their extended network is receiving |
| suite of managed security services and deliver them | | | | the broadest, deepest protection possible. |