FRAMINGHAM (01/20/2004) - Internet Security Systems Inc. is so confident that the managed security offering it is announcing in two weeks will automatically block certain network attacks that it pledges to pay customers thousands of dollars in credit or cash if the service fails.
The new Security Incident Prevention Service, which requires customers to use the Proventia G or M intrusion-prevention systems (IPS) ISS introduced last year, targets about 30 of the most-critical threats. These include worms that go after Microsoft Corp. software and those that exploit Apache Web servers and other programs.
The IPS service, which includes vulnerability assessments and comes in standard and premium editions, costs US$2,000 to $2,200 per month, per managed IPS. The company's managed intrusion-detection system (IDS) service costs less than $2,000 per month.
To encourage customers to jump from IDS-based monitoring services to IPS-based automated blocking -- some network professionals are concerned that IPS products will block legitimate traffic -- ISS is guaranteeing up to $50,000 in cash if the premium prevention service fails and up to $25,000 in credits if the standard service doesn't work.
The city of Sterling Heights, Mich., which has used ISS for four years to remotely manage its firewall and monitor for attacks via an IDS, is game for giving the managed IPS service a try.
"We're willing to block attacks," says Steve Deon, network administrator for the city, which maintains a private network for 1,000 municipal employees, including law enforcement, that reaches 20 buildings. "We've seen some things enter our network, such as worms and viruses, we're not happy about."
ISS monitors the network via its Southfield, Mich., security center, one of the half-dozen it has around the globe.
Kelly Kavanagh, principal analyst at Gartner Inc., says the ISS prevention services are the first of their kind in a market that includes vendors such as Counterpane Internet Security Inc., Symantec Corp., Ubizen Inc. and VeriSign Inc. She says offerings already exist where a managed service provider identifies attacks, but that blocking is not enforced until the service provider consults with the client.
"The Proventia appliances take the manual intervention step out of the process," Kavanagh says.
But as unusual and attractive as the cash incentives are, Kavanagh says ISS' service-level agreements leave the company with a few escape clauses, such as if there is an "Internet emergency" or if an ISP's network goes on the blink.