RE: Managed Service Providers

Kevin Timm Wed, 27 Jun 2001 20:35:17 -0700
Yes I will agree there are problems that have not been fully answered in the
MSP arena. However there are many benifits such as the extended expertise an
MSP does have through managing many devices and the amount of combined
knowledge that is available through senior level staff. The MSP arena I
don't think is there to supersede the staff and skills of the fortune 100
company but instead to augment a fortune 100's company's skill set as well
as providing a system of checks and balances for the company. With smaller
and mid size companies the MSP can provide can provide a service that the
company is not able to or doesn't want to budget for performing on it's own.
Smaller  companies have problems if they try to move security in house such
as finding qualified engineers. Most smaller companies do not have a person
capable of making an informed hiring decision when it comes to security, all
that really defines the candidates are certifications and many times
ceritfications can be misleading to a persons actual skill level. Security
is a difficult to quantify to management in terms of dollars and cents and
security professional skills are difficult to quantify to an HR person.

K
-----Original Message-----
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]]On Behalf Of [EMAIL PROTECTED]
Sent: Wednesday, June 27, 2001 10:10 PM
To: Len Rose; [EMAIL PROTECTED]
Subject: Re: Managed Service Providers


One can always state..: Let us put a box on site, and point all logging to
it, and then the MSP is remotely connected to the box, and everything is
nice and rosy..  Nope, there is authentication, encryptions, blah, blah,
etc, etc  A simple fingerprint scan that is some what successful can
clearly identify the box, and any port that is open and then attack
it.  Oops, just knocked some hybrid Unix box offline.. All the MSP noc
person sees is that they are no longer receives alerts.

Reaction:
Call customer" Hi so and so, this is MSP so and so, we are no longer
receiving messages from our remotely managed box"
Customer: Am I vulnerable
MSP rep: Unsure of the status, could you do the following....

Doesn't provide much confidence in my mind..

One doesn't need senior engineers available, one needs a better way of
remotely recycling power.. :)

At 10:49 PM 6/27/2001 -0400, Len Rose wrote:
The answer to this has always been automation, whether it's automation
of log analysis, alarms/traps, and/or on the fly packet header monitoring.

When an alarm occurs, the SOC gets alerted and an escalation procedure
begins. This is standard practice. You don't have senior engineers
monitoring
systems 24 x 7 but you damned well better have them available when something
real happens.

_______________________________________________
Firewalls mailing list
[EMAIL PROTECTED]
http://lists.gnac.net/mailman/listinfo/firewalls

_______________________________________________
Firewalls mailing list
[EMAIL PROTECTED]
http://lists.gnac.net/mailman/listinfo/firewalls
RE: Managed Service Providers

Reply via email to
