Close
  • Latest News
  • Artificial Intelligence
  • Big Data and Analytics
  • Cloud
  • Networking
  • Cybersecurity
  • Applications
  • IT Management
  • Storage
  • Sponsored
  • Mobile
  • Small Business
  • Development
  • Database
  • Servers
  • Android
  • Apple
  • Innovation
  • Blogs
  • PC Hardware
  • Reviews
  • Search Engines
  • Virtualization
Read Down
Sign in
Close
Welcome!Log into your account
Forgot your password?
Read Down
Password recovery
Recover your password
Close
Search
Logo
Logo
  • Latest News
  • Artificial Intelligence
  • Big Data and Analytics
  • Cloud
  • Networking
  • Cybersecurity
  • Applications
  • IT Management
  • Storage
  • Sponsored
  • Mobile
  • Small Business
  • Development
  • Database
  • Servers
  • Android
  • Apple
  • Innovation
  • Blogs
  • PC Hardware
  • Reviews
  • Search Engines
  • Virtualization
More
    Home Cybersecurity
    • Cybersecurity

    To Serve and Protect: Let Someone Else Run Your Security Software

    By
    Larry Seltzer
    -
    May 8, 2003
    Share
    Facebook
    Twitter
    Linkedin

      For how many of you out there is running a firewall—or running IT in general—central to your business? I bet the percentage is a small one. Nevertheless, you have to do these things in order to protect and facilitate the things you really do for a living.

      This is why I believe in services for most IT functions. By “services,” I mean that a function should be outsourced to some outside firm. Web hosting is a good and obvious example of a service. You could run your Web site on your own systems, but wheres the sense in that? Hosting firms have great economies of scale when it comes to running large numbers of customer sites on a single box as well as managing farms of Web and other application servers. As a result, its cheaper and better to outsource it.

      In the case of security, I think there are also economies of scale, at least in many cases. Years ago (I think it was 1999), I wrote a story predicting that ISP-managed services were the future of antivirus and some firewall functions, at least for consumers. If spam had been so big a problem back then, I would have included it, too. For the most part my predictions have been flops, but I still think I had good arguments:

      • Economies of scale: An outsourcing firm can throw a few large servers at a problem and support large numbers of users.
      • Timeliness: One of the key characteristics of good antivirus, firewall and spam-protection support is having and implementing the latest attack information. Its a lot easier for a service to update its server network than for a company like Symantec to push out updates to millions of users.
      • Performance: In some cases, especially spam filtering, outsourcing means youll cut the amount of traffic entering your network, leaving only the parts you want. At the very least, this move will improve bandwidth. I wonder how much hardware and bandwidth money could be saved by using managed security services.
      • Backup: Service providers make guarantees of backup, archive and disaster recovery.

      I think those factors are all the biggies, and they are even more true now. So why was I wrong? I think the major reason why the service model never caught on, especially when it comes to ISP-provided services, is that people are cheap. Yes, you heard it here: ISPs assumed that customers wouldnt be willing to spend another $5 per month or whatever it would take, so they never rolled out the services.

      Ive also always been suspicious of the motivations of antivirus companies on this front. If ISPs generally adopted antivirus scanning, it would certainly hurt the retail antivirus market. That money would be somewhat offset by the subscription fees, and the service model is also far cheaper for the antivirus vendor than shipping millions of boxes to consumers, but it has to be a scary move for a McAfee or Symantec. On the other hand, for a company like Sophos, which is respected in the corporate market but has no meaningful consumer business, this would be a pure win. Any antivirus vendor would point out that a service that scans mail, maybe even HTTP, still doesnt stop all possible avenues of infection; therefore, you still need to run a local scanner. But lets face it: E-mail is where real people get their viruses these days, so plenty of people would conclude that they didnt need to buy or update a local scanner anymore.

      Continued on Next Page

      More on Security Services

      I mentioned performance as an advantage, but of course, theres also a potential performance downside to this approach. Outside systems introduce a latency that is somewhat outside your control. With respect to functions such as e-mail, I think people understand that a certain amount of latency is built into the model, and they accept it. However, its reasonable to expect a certain level of performance. Introducing a 15-minute delay in e-mail would be bad, for example. Such service-level agreements (SLAs) typically also include guarantees of uptime to a certain level.

      My own ISP, Speakeasy.net (a DSL ISP using Covad circuits), is something of a pioneer in this area. For some time the company has offered a semi-managed firewall and it is on the verge of releasing anti-spam and antivirus support. But antivirus support at the ISP level (which usually means e-mail antivirus) has been rare among ISPs, although Yahoo! Mail and Microsofts Hotmail have had antivirus scanning built-in for years.

      Now things are somewhat different when it comes to spam. A growing number of ISPs claim to provide spam-blocking capabilities. There are also numerous corporate spam-filtering service solutions, such as FrontBridge Technologies. FrontBridges solution does everything you would want to do and many things you probably dont have the resources to do; for example, its antivirus checking for e-mail goes through AV engines from multiple vendors, and it checks for updates every 10 minutes. You control the criteria for evaluating spam, including your own whitelist, proprietary blacklists and a rules database. FrontBridge has seven geographically distributed data centers on multiple backbones for better redundancy and performance. Finally, if your mail server is down, the company will cache and queue your mail for up to five days.

      Is it cheaper? Thats hard for me to say; FrontBridge prices based on bandwidth (about 30 cents per megabyte) or by user (about $2 to $3 per month per user). I can easily see that being cheaper, especially if you can treat the whole service as an expense as opposed to having to depreciate your own equipment.

      Services have another advantage: Providing for many customers gives them a perspective that can help everyone. I-TRAP Internet Security Servicesoffers a firewall monitoring/intrusion-detection system that uses a customized, hardened Linux server on the customer premises, but the real smarts are on a server back at I-TRAP. Because it sees so large a set of attacks and traffic it can apply statistical analysis to events at your site to gauge their seriousness. I-TRAP also provides sophisticated reporting capabilities that are easy to update because they are on a central server.

      Serice providers usually claim that their offerings save their customers money, and perhaps they do; I havent run the numbers, so I dont know for sure. But even if they cost the same, there would still be advantages to the service approach, because it simplifies your own business by not having to manage these things yourself and not having your own servers directly exposed to the Internet. It also affords you flexibility. Its probably easier to switch between service providers than it is to change security software youre running in-house.

      I still think that one day consumers will buy into these security services and everyone will be better off for it. That day doesnt seem a whole lot closer today, but it still seems inevitable.

      Security Supersite Editor Larry Seltzer has worked in and written about the computer industry since 1983.

      Larry Seltzer
      Larry Seltzer has been writing software for and English about computers ever since—,much to his own amazement—,he graduated from the University of Pennsylvania in 1983.He was one of the authors of NPL and NPL-R, fourth-generation languages for microcomputers by the now-defunct DeskTop Software Corporation. (Larry is sad to find absolutely no hits on any of these +products on Google.) His work at Desktop Software included programming the UCSD p-System, a virtual machine-based operating system with portable binaries that pre-dated Java by more than 10 years.For several years, he wrote corporate software for Mathematica Policy Research (they're still in business!) and Chase Econometrics (not so lucky) before being forcibly thrown into the consulting market. He bummed around the Philadelphia consulting and contract-programming scenes for a year or two before taking a job at NSTL (National Software Testing Labs) developing product tests and managing contract testing for the computer industry, governments and publication.In 1991 Larry moved to Massachusetts to become Technical Director of PC Week Labs (now eWeek Labs). He moved within Ziff Davis to New York in 1994 to run testing at Windows Sources. In 1995, he became Technical Director for Internet product testing at PC Magazine and stayed there till 1998.Since then, he has been writing for numerous other publications, including Fortune Small Business, Windows 2000 Magazine (now Windows and .NET Magazine), ZDNet and Sam Whitmore's Media Survey.
      Get the Free Newsletter!
      Subscribe to Daily Tech Insider for top news, trends & analysis
      This email address is invalid.
      Get the Free Newsletter!
      Subscribe to Daily Tech Insider for top news, trends & analysis
      This email address is invalid.

      MOST POPULAR ARTICLES

      Latest News

      Zeus Kerravala on Networking: Multicloud, 5G, and...

      James Maguire - December 16, 2022 0
      I spoke with Zeus Kerravala, industry analyst at ZK Research, about the rapid changes in enterprise networking, as tech advances and digital transformation prompt...
      Read more
      Applications

      Datadog President Amit Agarwal on Trends in...

      James Maguire - November 11, 2022 0
      I spoke with Amit Agarwal, President of Datadog, about infrastructure observability, from current trends to key challenges to the future of this rapidly growing...
      Read more
      IT Management

      Intuit’s Nhung Ho on AI for the...

      James Maguire - May 13, 2022 0
      I spoke with Nhung Ho, Vice President of AI at Intuit, about adoption of AI in the small and medium-sized business market, and how...
      Read more
      Applications

      Kyndryl’s Nicolas Sekkaki on Handling AI and...

      James Maguire - November 9, 2022 0
      I spoke with Nicolas Sekkaki, Group Practice Leader for Applications, Data and AI at Kyndryl, about how companies can boost both their AI and...
      Read more
      Cloud

      IGEL CEO Jed Ayres on Edge and...

      James Maguire - June 14, 2022 0
      I spoke with Jed Ayres, CEO of IGEL, about the endpoint sector, and an open source OS for the cloud; we also spoke about...
      Read more
      Logo

      eWeek has the latest technology news and analysis, buying guides, and product reviews for IT professionals and technology buyers. The site’s focus is on innovative solutions and covering in-depth technical content. eWeek stays on the cutting edge of technology news and IT trends through interviews and expert analysis. Gain insight from top innovators and thought leaders in the fields of IT, business, enterprise software, startups, and more.

      Facebook
      Linkedin
      RSS
      Twitter
      Youtube

      Advertisers

      Advertise with TechnologyAdvice on eWeek and our other IT-focused platforms.

      Advertise with Us

      Menu

      • About eWeek
      • Subscribe to our Newsletter
      • Latest News

      Our Brands

      • Privacy Policy
      • Terms
      • About
      • Contact
      • Advertise
      • Sitemap
      • California – Do Not Sell My Information

      Property of TechnologyAdvice.
      © 2022 TechnologyAdvice. All Rights Reserved

      Advertiser Disclosure: Some of the products that appear on this site are from companies from which TechnologyAdvice receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. TechnologyAdvice does not include all companies or all types of products available in the marketplace.

      ×