In moving to a richer management platform, Internet Security Systems Inc. is looking to NOC your SOCs off.
The managed security services provider last week unveiled its Virtual Security Operations Center (SOC), a riff on network operations centers (NOCs) used by carriers and large enterprises for IT mission control.
With Virtual-SOC, an enterprise can outsource pieces of security management and retain others, depending on threat level, function, budgets, and other variables, according to John Wheeler, director of managed services deployment and integration at ISS. A Protection-On-Demand feature lets customers offload security management at the end of the day or week, or during heightened alert periods. Either way, they get a single interface to onsite and remotely managed devices and networks, which the Atlanta-based managed security services provider claims will save customers money.
Virtual-SOC also has server log management and reporting functions that can show all sorts of network, application, and end-user behavior. The feature is an obvious appeal to compliance-minded customers looking to a reliable third-party in the event that regulators or corporate officers demand any kind of historical data.
ISS is also trying to forestall competition from security information management (SIM) vendors like ArcSight and Intellitactics, according to Kelly Kavanagh, research analyst with the Gartner consultancy. But he says customers also want to go beyond managed firewalls and outsourced intrusion detection-and-prevention systems that have been the mainstay of outsourced security services for several years now.
"Customers are looking at the ability to gather data from devices that are beyond the normal scope of what's monitored 24x7 to get a broader view of what their security posture looks like, and to do investigative forensics work," Kavanagh says. "There might be an internal incident that needs to be looked into from a compliance perspective -- someone getting access to an app they shouldn't have access to, or someone doing work from a location other than their office. ISS and other service providers hope to attract customers that dont want to build such systems themselves or add the personnel to monitor them.
Virtual-SOC will be available in August. Pricing depends on the type of service or equipment in question, volume, and length of contract:
- Network-class devices (firewalls, network IDS/IPS); less than $100 per device per month up to $200
- Server-class devices (server-based IPS); less than $50 per device per month up to $100
- Host-class devices (end-user desktops); less than $0.04 per desktop per month up to $0.10
Terry Sweeney, Editor in Chief, Dark Reading
Organizations mentioned in this story