Managed customer premises equipment represents the old way of providing managed security services. This is evidenced by several factors, including the failure of most managed security-service providers (MMSP) to achieve commercial success, despite the fact that large, well-funded companies own many of them.
Managed CPE addresses only a small part of a larger problem: the labour required to monitor devices. The larger problem is the ability to keep up with rapidly changing threats in terms of cost and speed. The security world has become complex, growing beyond firewalls and intrusion-detection systems (IDS) — the primary services of managed CPE companies. Today there are hundreds of security technologies that solve varied problems, and new solutions are introduced daily to solve problems that have not yet been discovered. As such, the real problem of security is the cycle of discovering new problems, evaluating new products and vendors, performing the R&D to select the right product, and purchasing this product and integrating it with all of the other security technologies. Managing the technology after the fact is an important but small part of the whole puzzle. Most companies remain insecure, not because they lack great technology but because they lack the time and money to deploy it.
“Security in the cloud” is a managed security service that redirects traffic through a central security platform, thus stopping bad traffic before it gets to the client. It provides a fully designed, built and deployed suite of security services that can be subscribed to on demand. By accessing a centralised platform or security utility, clients can leverage dozens of security technologies without delay and more economically than they could on their own.
The economic efficiencies gained by one large provider serving many clients, and the speed to market in terms of incorporating new technologies, are critical to a company’s ability to achieve real security. With security in the cloud, clients get the benefit of more security technologies faster and less expensively.
In addition to improved economics and speed of deployment, providers of security-in-the-cloud technology can offer products that are integrated at levels not previously available. An example of this is IDSs and intrusion-prevention systems that take anti-virus signatures into account when blocking potentially offensive traffic.
Tightly integrated deployment of diverse security technologies — the Holy Grail of the industry — remains largely elusive. Security-in-the-cloud service providers can rationalise these integration projects in a way that is impossible for most companies.
The bottom line is that the superior protection, economics and speed of deployment of security in the cloud will further marginalise CPE-based managed security. Large carriers will embrace security in the cloud and this will obviate the need for CPE systems. Traditional MSSPs will be better served if they accept this reality and partner with large carriers to capitalise on this undeniable movement.
— Brad Miller is CEO of Perimeter Internetworking.