At 07:20 PM 8/23/00 -0500, Frank Knobbe wrote:
>-----BEGIN PGP SIGNED MESSAGE-----
>
>
>That's right. This market is evolving but runs a similar course to
>home security. There were alarm system manufacturers, companies and
>install them, and then companies that monitor them. The same will
>happen to IT security. There are the manufacturers, the consulting
>firms, and now monitoring companies.
OK, let's then put into your thinking then. Manufacturers: vendors who
make firewalls, IDS, virus protection, etc
Installers - high end to low end consulting services that install and
configure them (rack and stack )
Consulting - verify that everything looks and smells ok, the alarm trips
when the door is locked type of thing. (Don't really do to much).
Monitoring companies - 24 x7 if the alarm trip they call or page you.
OK, so where does online security services come in, mind you the category I
am talking about is very ill-defined, especially when they advertise they
are a one-stop security solution but they are just going after replacing
the Consulting piece stated above.
BTW, Installers are usually part of the Manufacturers, since Manufacturers
are the only ones who really know the product better than anyone else.
So therefore how can Online Security Services no more than then the
manufacturers. Oh, I know they must have been sprinkled with security
pixie dust.. :) So ok, they are bonafide security experts who do lots and
lots of research and understand the amount of time it takes to build an
over 2200 exploits, security patches and vulnerabilities database that
could possibly be outdated in less than 48 hours given the current state of
flux in Internet Security.
>The problem I see is that pretty much everyone wants to do it all,
>trying to present themselves as a one-stop security shop.
The one stop solution model stopped working a while back, it is more of a
partnering type of ASP, MSP type architecture these days. Not one company
can do it all,and what end it ends up doing is confusing CIOs, CEOs on who
to go with. The biggest result for each security dollar spent.
>Computer security companies are moving towards physical security
>(with pen-tests), traditional security companies
I tend to agree that until the market segments are more fully formed, it is
hard to tell the good players from the bad players.. Unless some magazine
does nice thorough and detailed review.. :)
/m
>(heck, even
>bodyguard shops) are moving towards computer security. I wonder where
>this will all end...
>
>Regards,
>Frank
>
>-----BEGIN PGP SIGNATURE-----
>Version: PGP Personal Privacy 6.5.1
>Comment: PGP or S/MIME (X.509) encrypted email preferred.
>
>iQA/AwUBOaRqR0RKym0LjhFcEQIKJgCg1UKQnKuS/JAsxZhdC69fJvKazLsAn213
>tMZ3WIUPVfdlXW+RRFVstB6Q
>=OFP6
>-----END PGP SIGNATURE-----
>-
>[To unsubscribe, send mail to [EMAIL PROTECTED] with
>"unsubscribe firewalls" in the body of the message.]
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
