Managed security services gain new players

Managed security services are catching on because they offer corporations a way to hire outside experts to remotely manage firewalls, VPNs and intrusion-detection equipment.

Last month, two security firms – plus giant Cisco Systems Inc. – each stepped into this arena with their own approaches.

Securify Inc. was founded three years ago by Taher Elgamal, inventor of the Web’s encryption technology Secure Sockets Layer. It was a consultancy but is now jumping into the managed security services arena. Securify has built monitoring equipment that can process intranet traffic on LAN segments at 100Mbps to report back network-based events that depart from accepted business use.

“We’re monitoring segments of a corporation’s internal network for appropriate use,” Elgamal says.

By consulting with a company to understand how employees and business partners allowed inside the intranet use the network on a daily basis, Securify determines the security policy for appropriate use. “Then we can filter the data based on violations, and we’ll generate alerts for critical violations based on the corporate policy,” Elgamal says.

The Mountain View, Calif., company claims to have five customers for its service, which starts at US$100,000 per year. Securify installs its monitoring gear on the customer network. The equipment reports policy violations back to Securify via servers stored at Exodus Communications Inc.

“We’ve already found one customer had an employee running a separate Web server for his own business, with traffic inappropriately coming into the network for that,” Elgamal says.

“There’s no attack going on there, but there was inappropriate access through the firewall that had nothing to do with the business of the company,” he adds.

Another security firm, Riptech Inc., introduced its managed security service, dubbed Caltarian (Welsh for “wise shield,” according to Riptech CTO Tim Belcher). At a starting price of US$2,000 per device, per month, RipTech installs and remotely monitors any of six types of firewalls, intrusion-detection systems and VPNs from its Alexandria, Va., data centre.

“We’re offering real-time security monitoring for commercial organizations,” Belcher says.

The Washington Times and United Press International, both owned by the same parent company, have signed up for the RipTech firewall service. Management earlier balked at the cost of buying a firewall, says Eric Johnson, Webmaster for The Washington Times.

But the managed firewall service from RipTech, which recommended the Cisco PIX, was viewed as more cost-effective than buying one. “It’s US$43,000 per year but we couldn’t have hired a security specialist to handle this round-the-clock at that price,” Johnson says.

RipTech and Securify compete against Counterpane and Internet Security Systems, among others, in the area of managed security services.

Cisco wants to make sure its equipment is widely used by providers. Toward that end, it has announced a vendor qualification program to certify service providers using the Cisco firewall, IDS and VPN to remotely manage services for their customers.

Exodus is the first certified provider, says Dan Hession, Cisco’s director of service provider marketing for the VPN and security business unit. Cisco plans to recommend to its customers the service providers certified under the program and co-market managed security services with them.

For more information, see Securify on the Web at; RipTech at; and Cisco at