The inside of the Symantec Security Operations Center looks like a scene out of the movie "War Games," and in many ways, the connection is fitting. The SOC, as it is known by Symantec employees, is in the business of detecting and analyzing network threats. And as malicious activity online gets increasingly more sophisticated, the war against cybercrime is definitely on.
The US site is one of four SOCs in the Symantec managed security services (MSS) system. Others are in England; Sydney, Australia; and India. All perform identical tasks for clients who pay Symantec for 24-7 monitoring, analysis and response to potential threats to their systems, according to Grant Geyer, vice president of Symantec MSS.
"Our clients are generally large-business customers that need bullet proof security," said Geyer. "A lot of these clients are responsible for huge energy systems, or they are large financial institutions that have a lot of assets at risk. They need real time access to incidents as well as to analysts they can work with on threats."
For the price they pay, these clients get immediate attention. The average hold time for a client calling an analyst at the SOC is 8.5 seconds, according to Geyer. And clients also get familiarity. Analysts are separated into teams and are assigned customers so clients know they will speak to the same group of people whenever they call.
Just getting into the room is a process. The SOC is secured by three different zones. Of Symantec's 17,000 employees worldwide, only 200 have access privileges to enter the SOC.
The first zone one must pass through is an average looking security point at a door with a badge reader and a biometrics scanner. But through that door is an area known as the "man trap," a large, circular waiting area with high walls that conjures up images of Dorothy and her crew waiting to be seen by the Wizard of Oz.
"I am the great and powerful Oz! Who are you?!" I expect the Wizard to boom from a place unseen. But quickly I am taken past security zone two and into a glassed in area with an impressive view of the SOC known as the "fishbowl" where we learn more about the SOC and how it works.
"We have experts looking at customer incidents and responding to them, in real time, to notify them about incidents they need to take care of at that moment," explains Geyer. "We receive over 2 billion security incidents on a daily basis."
Geyer points to a floor of employees.
Read up on the latest ideas and technologies from companies that sell hardware, software and services. The Case for an Untethered Enterprise
How to improve employee productivity in small and medium businesses
Controlling storage costs with Oracle database 11g
The state of Middleware
Look before you leap | Key considerations for moving to 802.11n
IT Service Management Needs and Adoption Trends: An Analysis of a Global Survey of IT Executives
Making the Business Case for IT Consolidation
Zones provide focussed content from Computerworld and leading technology partners.
Discover how SOA can create smarter outcomes for your business.
Attend and learn:
- How SOA is helping leading companies to become more agile
- Where you should be applying SOA processes in your company
- The top SOA implementation mistakes to avoid
Click here for more information.
- +
Computerworld Live Podcast #97: The Future of Enterprise Networking 25/07/2008 09:45:36
This week CW Live chats with Mark Thompson, global sales and marketing manager for HP ProCurve, on the future of the enterprise networking. Mark discusses the trends we can expect to see in the near future and how the right infrastructure can ensure your enterprise network is secure. - +
Computerworld Live Podcast #96: Security at the Edge 11/06/2008 09:22:22
CW Live speaks with Amol Mitra, HP ProCurve Director of Marketing for Asia Pacific and Japan. Today's topic: how enterprises are starting to shift away from simply controlling security via server logins, firewalls and moving to more adaptive security frameworks. - +
Data Management Edition #10: Multi-Petascale Systems 02/05/2008 09:12:33
This week we look at sustainability and the development of multicore technologies to build multi-petascale systems. - +
IT Security Edition #11: How to poison the Storm botnet 01/05/2008 08:51:55
This week CW Live presents a case study on how to poison the notorious Storm botnet . Plus we take a look at Cisco's plans for Ironport. - +
IT Security Edition #10: Cyber-battles fought and won 24/04/2008 11:09:47
Vendors bow to end user pressure to improve product security, and we take a look at the latest concepts shaping the cyber-battlefield of the future.
Virtual magic: HR specialist throws out 40 servers, adds 8TB SAN and saves $100,000 for disaster recovery 2008-12-01 15:28:00+11
Sybiz adds up for SMEs in downturn 2008-12-01 14:27:00+11
EXCOM scores back-to-back award trifecta 2008-12-01 10:46:00+11
Citect extends SCADA networks with mobility solutions 2008-12-01 09:48:00+11
Citect extends SCADA networks with mobility solutions 2008-12-01 09:48:00+11
IT Service Management Needs and Adoption Trends: An Analysis of a Global Survey of IT Executives
IT executives face the need to improve service delivery with limited resource increases. Two common strategies for achieving this are network and systems management tools and datacenter consolidation. Read on to disocover how you can make a strong business case for IT Consolidation.
Buying Guides
