Re: Outsourcing Firewalls/Internet Security count

[mikael.lindemann () nfm se (Mikael Lindemann)]

Time for a newbie on this list, as myself, to add some personal thoughts and
views on this matter.

What You describe here Edward, can already be done with the NetRanger
FireWall from WheelGroup Corporation.

All the NetRangers placed at customer sites are supervised from a centrally
placed Director, which recieves alarms and can do remote maintenance and
setup.

The encryption part takes place in real-time with the Network Systems
BorderGuard Security Router, which is a part of the FireWall since it has an
advanced filter-language and also copies packets to the NetRanger for
Pattern Recognition.

To centralize the management of the FireWall, or outsource it, relieves a
lot of the work that has to be done on the client-side, where the FireWall
is set up to protect the networks.

Of course, you have to sit down with the client's head of security to make a
plan about what to allow in to the network, and, with NetRanger, also what
should be allowed to travel from the inside out to Internet.

Well, these are my 0.02 Swedish crowns worth on this subject.. ;)

/Mike

Mikael Lindemann
Network Security Engineer
NätCentralen Facility Management AB
Box 115
S-933 22 Arvidsjaur
Sweden



> All of us....and the general opinion is that this is a good thing.
> Certainly a trusted name is required. I don't feel any 'new' name could
> start-up and offer this service successfully, but then, if all the
> remote management can do is take alerts and warnings, surely the customer
> can relax a little.
>
> In my view, the client site will have a system filtering and identifying
> intrusion patterns. It will then generate a fairly 'cryptic' alert and
> pass that via an encrypted link (leased line). The managing authority
> won't usually have direct access to network traffic.
>
> There's obviously a long way to go before this technology becomes
> acceptable, but it could be extended to address the issues of;
>
> Remote Firewall Management
> System Administration
> Network Performance
> Business Continuity
>
> All with the benefit of a team of experts managing your Internal network
> without the cost of employing individuals for that task.
>
> <ALARM>
>
> whoop whoop
>
> </ALARM>
>
> No, we've got to sell this to the people it might replace.
>
> I've thought about this one long and hard. I see it as a way to free up
> these people from the mundane tasks, and take away the need for them to
> keep up to date with new vulnerabilities.
>
> My $0.02
>
> :-)
> -----------------------------------------------------------------
> Edward Cracknell - <edward () SecurIT net>