Et Al,
Being new to the security field, I am wondering what managed security
services is:
Managed Security Services can be defined in many different ways. As it is
defined and then delivered by the various entities out there, what is the
makes managed security service company successful?? Is it the people, the
technology, the experience, or the size of the organization offering the
service??
Does managed security services include patch management, anti-virus
centralized management, intrusion detection, spam detection, patch
management??
Many companies, even telecommunications providers, internet service
providers are offering the service with customer web portals, but what is
exactly is a web portal and does it really provide an organization all the
data that is observed on their network?? How is data from a web portal be
used to prosecute a real hacker ??
What happens to the customer data on the backend ? Is it mixed in with
other customer's data for analysis or trend reporting?
Where does a managed security service begin and end ??
Does it begin at the architecture level (i.e. implementation/integration
services or presented to a customer (Hi, this is your network, this is your
network after all those hackers have gotten to it (imagine the "This is
your brain, this is your brain on drugs commercial (*scrambled egg sizzling
in background*)..
How long does it take to tune an IDS, a telecommunications firewall, an
IPS, a firewall?
What is normal traffic patterns in an organization?
How do enhance the effectiveness of a managed security service?
What is proactive refinement of security policies? Who has the final say ??
Do the people that work 3rd shift just as talented as the 1st shift in a
24x7 service?
What is real-time versus a real-network attack or telecommunications attack?
How does an organization that pays for a managed security service feel that
their network is healthy??
What are the determining factors behind a healthy and secure network?
What is guaranteed responsiveness??
Are the people who are watching an organization's network really certified
or just take on-line or web based classes and learn as they go ??
What determines lower total cost of ownership?
How does a managed security service really save an organization time and
money ?? If a network is designed correctly, staffing requirements should
have already been accounted for, including training and maintenance
Many thanks in advance for anyone's response
/cheers
/m
---------------------------------------------------------------------------
Computer Forensics Training at the InfoSec Institute. All of our class sizes
are guaranteed to be 12 students or less to facilitate one-on-one
interaction with one of our expert instructors. Gain the in-demand skills of
a certified computer examiner, learn to recover trace data left behind by
fraud, theft, and cybercrime perpetrators. Discover the source of computer
crime and abuse so that it never happens again.
http://www.infosecinstitute.com/courses/computer_forensics_training.html
----------------------------------------------------------------------------
