anyone here work in it security? i need some info on managed firewalls

 

What info you after?

 

who offers these services?
what firewalls do they use?
that sort of stuff

 

Cough....

I work in IT Security as well.....



Jeff

 

Nasty cough you've got there Jeff

 

Most of the large Telcos do it (badly in most cases) and some independents as well. Checkpoint on Nokia is the most common solution but there are others such as PIX, Netscreen, SonicWALL, Raptor...etc, in fact all of the commercially available firewalls have a managed service provider....

Be careful about what you define as a managed service and what the Vendor describes as a managed service...not likely to be the same thing.....

One of the biggest MSPs for Checkpoint in the UK is Vistorm who I have had dealings with when working for end user organisations.

Jeff

 

Jeff I didn't know you worked in security

 

Me.....err, oh yes I work in IT Security and I would mention that we do Managed Security as well but that would be commercial advertising now wouldn't it

Cough.....don't look now but here comes a moderator.....slinks away.....


Jeff

 

isn't IT security also known as "penetrator tester"?

 

Hehe I deal with Vistorm on a day to day basis and...<removes libelous content>

 

P1Fan....you can tell me more on Sunday....

 

ChrisB's a firewall expert. Just don't expect a quick response.

 

I've dealt with several of the top named security firms, and I can honestly say I'm begining to think they are all as bad as each other.


The salesmen are always very good, putting on a good show, however the installation and aftersales support can be terrible

Do some serious homework if you're thinking about getting a 3rd party in for your security, also shop around and weigh up the competition. Most have loads of margin in the cost of the kit so haggle

 

Do it yourself, then you know what you are getting. The definition of a managed service can be very different from provider to provider. Normally this means that they monitor the firewall. any additional work is charged for.

The Firewalls that come in one box are about the best as you can get them up and running very fast. Also when you phone up support they can not blame the OS or the PC manufacturer, everything is covered.

Si

 

thanks for replys, as i see it IT security is a question of trust.

If as you say people dont deliver what they say, does it not all fall down.

comments?

 

I think for the most part the MSP companies do deliver what they say in the contract but that the Clients don't neccesarily ask for the right things in the contract.....I think it all comes back to what is the definition of a managed Security Service.

You might think that the Vendor is there to secure your enviroment and that any changes you ask for in the Firewall are only done once a security review of the change is completed. However the Vendor will probable not even look at the Firewall logs (depending on the service you've purchased) and you will probable have to inform them that there is a problem with the device and they will make any change to the Firewall rulebase you ask for regardless of if it is sensible/secure or not.

There are a few good MSPs around but you will pay though the nose for the management of the Firewall. The good ones tend to be security companies who's core business is managed security services (such as ISS, Proseq for IDS systems).


Jeff

 

To be honest with these MSP... do you really want any changes making to your firewall, without being aware of them... I know for a fact if anybody killed one of our 4 /5 firewalls... they would be sacked... no questions asked... You are the weakest link... goodbye.

(We rely (sp) on our links and our hundreds of routers all sit outside some of the firewalls)

David

 

I'm not suggesting that there should be unilateral changes to a Firewall Rulebase but rather that you've contracted a company to look after your Security and therefore they should be in a position to 'sanity check' any requested changes not simply do them if the customer asks.


Jeff