Managed Security Providers (Who do IDS & Firewall Monitoring and Blocking)

From: opiniontaker@hushmail.com
Date: 01/30/02


From: opiniontaker@hushmail.com
To: focus-ids@securityfocus.com
Date: Tue, 29 Jan 2002 16:29:15 -0800


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hello All,

I've been looking for a managed security provider as of late--and in doing my research and talking to sales people and such, I come off with the huge worry that even though I am walking into what *looks* to be a sexy facility (the MSSP's NOC site) and talking to what *looks* to be very smart and dedicated people (the MSSP's analysts and engineers), all I've been given in the end is a very big show trying to get me to spend money without regard to giving a damn about my organization's security. As professionals in the field, I am asking your opinions on managed security providers. I ask based on the following criteria:

1. What are your thoughts concerning whether or not the MSSP is actually paying attention to the defense of a customer network 24/7/365?

2. What are your thoughts as to the MSSP's ability to defend my networks when they aren't really a part of my business, and, hence, have a very limited understanding of my individual organization's security threats, issues, and needs?

3. What are your thoughts on an MSSP to actually succeed in business when they are only charging me $3000-$6000 per month to secure my borders, AND they have to pay attention 24/7/365, AND they tell me they will know and understand my network, AND they tell me that they possess top notch, industry-leading talent (bearing in mind that they probably have to pay that talent very well)? How many top notch people can they afford to hire and spend on MY network at $3000-$6000/month... or do they mean that the top notch talent will spend part of its day on my networks and part of its day on X numbers of other customers?

4. How many of you honestly feel that the technology in place today is of a caliber to protect my network the way they say it will (I'm sure there are all sorts of technical things to consider on this last one, so please list anything you feel is pertinent)?

Thanks very much--your answers will mean a lot to a very conflicted IT manager!
-----BEGIN PGP SIGNATURE-----
Version: Hush 2.1
Note: This signature can be verified at https://www.hushtools.com

wmEEARECACEFAjxXQMEaHG9waW5pb250YWtlckBodXNobWFpbC5jb20ACgkQS5PsFnfk
MPY70gCfbV2SyitfdZBRsNjF3O+Cp/yO6fMAnjYnd6CeKzNqJIm1MGssNoBrfn5Y
=EEsM
-----END PGP SIGNATURE-----