Re: [fw-wiz] Managed Firewall Service - Opinions

From: Jeffery.Gieser@minnesotamutual.com
Date: 04/17/03

    To: firewall-wizards@honor.icsalabs.com
    From: Jeffery.Gieser@minnesotamutual.com
    Date: Thu, 17 Apr 2003 10:38:34 -0500
    

    #What are a few pros and cons that come to mind versus managing
    #the firewalls yourself?

    I looked into managed firewall services and really did not care for what I
    saw.

    1. It was pretty expensive. We were quoted prices between $500 and $1,000
    a month per firewall per remote office. These offices had 5-50 people
    depending on the office. This is cheap if you can completely get rid of
    your security department/person but your security department/person should
    be doing more than managing firewalls and with only 700 people in your
    company the firewall should take a few hours a month worth of admin time.

    2. Their turnaround time was 48 hours on a request. In my mind this is
    unacceptable. If your current users are used to a quick turnaround when
    they call you then they will not like this at all.

    3. They usually only allowed a maximum number of rules. We saw this vary
    from about 15 to 20 rules with the vendors we looked at.

    And the most important reason

    4. They usually force you to sign an agreement stating they are not
    responsible for any security incident at your site even if it results from a
    configuration mistake that they made on your firewall.

    #Do these companies manage the firewalls as we currently have them, or
    #do they install/configure their own? - currently we use Gauntlet
    #firewalls.

    The companies I looked at used their own firewalls but there are companies
    that will manage yours. I am sure you are well aware that Gauntlet is
    going away so maybe this isn't a big deal. I do not know of any large
    managed firewall companies that manage Sidewinders in case you follow the
    recommended Secure Computing upgrade path.

    Regards,
    Jeffery Gieser

    _______________________________________________
    firewall-wizards mailing list
    firewall-wizards@honor.icsalabs.com
    http://honor.icsalabs.com/mailman/listinfo/firewall-wizards

