To Serve and Protect: Let Someone Else Run Your Security Software - More on Security Services (Page 2 of 2)
I mentioned performance as an advantage, but of course, there's also a potential performance downside to this approach. Outside systems introduce a latency that is somewhat outside your control. With respect to functions such as e-mail, I think people understand that a certain amount of latency is built into the model, and they accept it. However, it's reasonable to expect a certain level of performance. Introducing a 15-minute delay in e-mail would be bad, for example. Such service-level agreements (SLAs) typically also include guarantees of uptime to a certain level.
My own ISP, Speakeasy.net (a DSL ISP using Covad circuits), is something of a pioneer in this area. For some time the company has offered a semi-managed firewall, and it is on the verge of releasing anti-spam and antivirus support. But antivirus support at the ISP level (which usually means e-mail antivirus) has been rare among ISPs, although Yahoo! Mail and Microsoft's Hotmail have had antivirus scanning built in for years.
Now things are somewhat different when it comes to spam. A growing number of ISPs claim to provide spam-blocking capabilities. There are also numerous corporate spam-filtering service solutions, such as FrontBridge Technologies. FrontBridge's solution does everything you would want to do and many things you probably don't have the resources to do; for example, its antivirus checking for e-mail goes through AV engines from multiple vendors, and it checks for updates every 10 minutes. You control the criteria for evaluating spam, including your own whitelist, proprietary blacklists and a rules database. FrontBridge has seven geographically distributed data centers on multiple backbones for better redundancy and performance. Finally, if your mail server is down, the company will cache and queue your mail for up to five days.
Is it cheaper? That's hard for me to say; FrontBridge prices based on bandwidth (about 30 cents per megabyte) or by user (about $2 to $3 per month per user). I can easily see that being cheaper, especially if you can treat the whole service as an expense as opposed to having to depreciate your own equipment.
Services have another advantage: Providing for many customers gives them a perspective that can help everyone. I-TRAP Internet Security Services offers a firewall monitoring/intrusion-detection system that uses a customized, hardened Linux server on the customer premises, but the real smarts are on a server back at I-TRAP. Because it sees so large a set of attacks and traffic, it can apply statistical analysis to events at your site to gauge their seriousness. I-TRAP also provides sophisticated reporting capabilities that are easy to update because they are on a central server.
Service providers usually claim that their offerings save their customers money, and perhaps they do; I haven't run the numbers, so I don't know for sure. But even if they cost the same, there would still be advantages to the service approach, because it simplifies your own business by not having to manage these things yourself and not having your own servers directly exposed to the Internet. It also affords you flexibility. It's probably easier to switch between service providers than it is to change security software you're running in-house.
I still think that one day consumers will buy into these security services and everyone will be better off for it. That day doesn't seem a whole lot closer today, but it still seems inevitable.
Security Supersite Editor Larry Seltzer has worked in and written about the computer industry since 1983.