23 June 2005
Outsourced Security Called Battle Tested
Outsourcing corporate security is no longer risky business and large organizations should hand off network monitoring and security services as soon as possible. That was the main conclusion Gartner analysts presented to about 2,000 IT executives at the firm's IT Security Summit last week. Gartner predicts the future of security is in the cloud and expects to see more services such as MCI's WAN Defense ,announced two weeks ago. "Why should I filter out this garbage at my end? Outsource as much of the day-to-day busywork as you can, as soon as you can," said Gartner analyst John Pescatore in his presentation titled "The Near Future of Network Security." Pescatore acknowledged this is a radical change from what Gartner would have advocated in years past, when it viewed security outsourcing - which requires a company to entrust an outsider with critical support - as controversial.
"It's just not controversial anymore," Pescatore said. He said the level of expertise exhibited by the first-generation of managed security service providers (MSSPs) along with the rise of carrier- class high-speed security gear from vendors such as iPolicy Networks indicate that security outsourcing can evolve into a trusted service. Customers need not purchase their own customer premises equipment (CPE), Pescatore says, particularly for perimeter defense. Managed security services will evolve into "in-the-cloud services" in which network traffic is cleaned of spam, viruses, attack traffic and other problems before it reaches the enterprise, and perimeter firewalls and IDS reside with the carrier, said Kelly Kavanaugh, whose presentation was titled "security in the Cloud: Take My security Hardware, Please." Traditional pure-play MSSPs such as Symantec, Internet security Systems and Counterpane Internet security, as well as the larger IT outsourcers such as EDS and IBM, are most often associated with remote monitoring customer IDS, firewalls and other gear. But he predicted,"It becomes a utility that's shared. For enterprises, it's a way to let go of having customer premises equipment." He said a number of in-thecloud anti-spam and anti-virus filtering services already exist, including those from MessageLabs and Symantec's Brightmail outfit. While MSSPs also might offer their own version of in- thecloud security, Kavanaugh explained that "the carriers have the best opportunity to deliver in the cloud" because they provide the essential connection closest to the customer's network.
"It's just not controversial anymore," Pescatore said. He said the level of expertise exhibited by the first-generation of managed security service providers (MSSPs) along with the rise of carrier- class high-speed security gear from vendors such as iPolicy Networks indicate that security outsourcing can evolve into a trusted service. Customers need not purchase their own customer premises equipment (CPE), Pescatore says, particularly for perimeter defense. Managed security services will evolve into "in-the-cloud services" in which network traffic is cleaned of spam, viruses, attack traffic and other problems before it reaches the enterprise, and perimeter firewalls and IDS reside with the carrier, said Kelly Kavanaugh, whose presentation was titled "security in the Cloud: Take My security Hardware, Please." Traditional pure-play MSSPs such as Symantec, Internet security Systems and Counterpane Internet security, as well as the larger IT outsourcers such as EDS and IBM, are most often associated with remote monitoring customer IDS, firewalls and other gear. But he predicted,"It becomes a utility that's shared. For enterprises, it's a way to let go of having customer premises equipment." He said a number of in-thecloud anti-spam and anti-virus filtering services already exist, including those from MessageLabs and Symantec's Brightmail outfit. While MSSPs also might offer their own version of in- thecloud security, Kavanaugh explained that "the carriers have the best opportunity to deliver in the cloud" because they provide the essential connection closest to the customer's network.
# posted by vdodon @ 08:35 
