Joining the service?

The downturn might be increasing the uptake of hosted services. But do money saving motives outweigh fears over hosted security? Which headache is worse; the worry of offloading security work, or the bother of carrying it out in-house? Julian Pletts finds out if security as a service is really a viable option.

Tags: EMC CorporationFVC - First Video Communications IncorporationGoogle IncorporatedMalwareSymantec CorporationTrend Micro IncorporatedUnited Arab Emirates
  • E-Mail
Joining the service? About 12 months ago we launched something called the LMS service which is the Log management service. - Jeff Ogden, senior consulting, Symantec.
More pics ›
By  Julian Pletts Published  October 7, 2009 Network Middle East Logo

As part of a rounded discussion to discern whether or not security as a service has found its legs in the Middle East region it is first important to define what we mean by security as a service.

There seems to be a level of confusion in the market as to exactly what constitutes security as a service. There is the strict end of the spectrum suggesting that security as a service is directly correlated to its closely related cousin software as a service. That is to say that it is security services that are hosted by a third party entirely, and this is generally related to SPAM filtering and anti-virus scanning and similar software services.

Then there are others in the market that will say managed services — often offered by systems integrators in this market — fall into the category of security services. This is when an end-user gives up most, if not all, control of its security posture to a systems integrator or vendor. These services though are normally carried out on-site. 

Alright, it is perhaps fair to say that this is a rather simplistic assessment of what we actually mean when we look at security as a service, but it will help in the evaluation of how far enterprises and the SMB sector have been willing to hand over responsibility for chunks of their network security to a third party. Though lip service will be paid to the managed security services aspect of security in this article, it will be the former aspect, delivering security applications as an internet-based service,  on which we will focus.

In this category the breadth of vendors and indeed the offerings on the market have exploded in recent years. A great deal of the major networking vendors have been looking to capitalise on the possibility of this market — names such as Trend Micro, Symantec, EMC and McAfee.

“We are looking at how every product that we offer, how can we make all of it software as a service to try and reduce the need for on-premise products and how we can move have that into the cloud,” proclaimed James Walker, product marketing manager for the specific software as a service division of Trend Micro. 

So what are the key security as a service products that are available in the Middle East market? If we take Trend Micro as an example, the security services that it has currently converted and, or, designed for hosting include hosted email services, such as anti-virus and anti-SPAM solutions, and anti-malware and file reputation services.

Symantec has also been busy looking at how services that they traditionally market as onsite or managed services can now be hosted and backed up by its own experts and support teams.

Jeff Ogden senior consulting at Symantec comments that the last 12 months has seen some notable security as a service launches from the security powerhouse.

“About 12 months ago we launched something called the LMS service which is the Log management service and we usually have services for that. That is the collection of all the log data from the customer’s environment for review and analysis,” explained Ogden regarding one of the services the vendor has been promoting.

“We also have the deep site threat management services which are the most comprehensive database of threats and utilities, attacks, underground economy information. And this week we will be launching a service which is basically a deep-dive analysis for customers that get some issues and threats and don’t know how to deal with them. It will mean that they get someone to help them work that through,” added Ogden. “We have that and we also deliver a couple of other broad services as well, Botnet tracking, network shutdown, etc”

The vendor is keen to point out that a great deal of the services that they offer can either be backed-up by their own experts or that those resources can be remotely deployed for organisations that may not have the expertise as part of their in-house IT team. This, it can be assumed, would be a very attractive prospect being as the region is still suffering from the side effects of the financial crisis which demanded shaving resources that might have been employed securing networks.

Add a Comment

Your display name This field is mandatory

Your e-mail address This field is mandatory (Your e-mail address won't be published)

Security code