Top-tier security vendors are blending management and services with their product offerings in an effort to defuse security-related wild-goose chases and reduce customers' discovered security events to meaningful and digestible chunks. Companies such as Internet Security Systems Inc. (ISS), Symantec Corp., and IBM Corp.'s Tivoli are zeroing in on beefed-up integration and services options, familiarity, and global-market reach to win over customers.
As services and management merge, point-product oriented MSSPs (managed security service providers) will benefit by fine-tuning their solutions with key knowledge gained through their services arm, according to Laura Koetzle, an analyst at Cambridge, Mass.-based Forrester Research Inc.
"[Customers'] infrastructures [are] getting very complicated; a laundry list of point products and the Web management consoles that go with that," Koetzle said. "That's where the big management push is coming from."
As budget crunches and staff shortages hamper IT departments, MSSPs are also becoming more attractive for absorbing responsibility for breaches and security holes. "We don't put it in our brochures ... but let's face it: If something goes wrong and you're outsourcing, you can blame the outsourcer," said Pete Privateer, vice president of X-Force Protection Service at ISS in Atlanta.
Last month, ISS introduced enhancements to its X-Force MIPS (Managed Intrusion Protection Service), which provides customers four options from which to choose the one best-suited for defending and monitoring their network perimeter.
The goal for ISS is to layer management on top of the company's RealSecure software platform or through value-added services, Privateer said.
As part of that mission, ISS is constructing an automated inline-blocking perimeter-protection model running at gigabit speeds, slated to debut next year. The platform, featuring baked-in Network Associates technology, will allow customers to apply a virtual patch to block any protocol, attack, or element exploiting a vulnerability without ever touching the network, Privateer said.
Additionally, ISS is looking at adding a service to manage protection of desktops, leveraging technology from acquired Black Ice.
ISS does not currently offer anti-virus or firewall technology, but it does manage third-party products. However, the security company emphasizes incorporating its products into a customer's infrastructure when possible. This is a risky proposition that may not bode well with customers, Koetzle noted.
"ISS will find it a hard road to hoe if they walk in the door and say, 'We're going to rip your infrastructure out so we could manage it better.' Even if they could, it's a tough sell," Koetzle said.
Koetzle said Symantec, which introduced its Symantec Security Management System earlier this month, must prove its management and services muscle to customers familiar only with the company's anti-virus point-product dominance.
By integrating with hardware security makers, such as Check Point Software Technologies Ltd. and Cisco Systems Inc., Symantec's new platform -- a set of management applications designed to integrate with third-party security products -- is offering customers what they demand most: options, said John Thompson, CEO of Cupertino, Calif.-based Symantec.
"We cannot in our service offering be so oblivious in support of Symantec products that we undersupport what customers have implemented," Thompson said. "If [a service] can't support competitor offerings, it will never work."
Yet skepticism abounds. ISS's Privateer questioned whether an integration framework could be constructed to constantly adapt to different technologies hitting the market, as new and complex security threats promote a high rate of development effort from vendors.
IBM Tivoli is also getting into the MSSP act. Last week, Big Blue announced the first security services and management results of its partnership with VeriSign Inc. earlier this year.
Based on Tivoli's Access Manager, VeriSign Access Management Service (AMS) is hosted by VeriSign and provides a single Web-based console for automating the management of users, roles, groups, and policies across an enterprise.
Also making its debut, IBM-VeriSign Solution for Secure eBusiness Integration integrates internal and external applications, and provides digital certificates for authentication, digital signing, encryption, and access control, said John Weinsvhenk, vice president of Mountain View, Calif.-based VeriSign's enterprise security group.
Customers learned some harsh lessons when they saw unprepared MSSP-market entrants fail due to a lack of a true channel, and they await a source to provide a full-complement management and services package, said Jim Hurley, vice president and managing director of information security at Boston-based Aberdeen Group.
"We all believe there is a viable market for managed security -- unless you as a vendor really understand what you're doing, and most of them don't," Hurley said.
Among companies reaping the benefits of managed security services is Eastern Bank, which settled on ISS as its provider.
"The smaller and mom-and-pop [security] shops, yeah they can do [managed security], but do they have resources? Do they have customers overseas, and can they analyze those logs and see a trend going on and apply that?" asked Aidan Garcia, assistant vice president at Boston-based Eastern Bank. "Stuff like that just brings a huge advantage to us."
-- Ed Scannell contributed to this report.