smoke and mirrors has been one of the issues with managed service
providers and especially managed security providers for sometime. Just
becuase they may sell you a service for IDS does not mean alot if the IDS
is setup on the exterior of the network and they are constantly alerting
you and your staff of 'intrusion detections' 30-500 times a day. In fact,
it tends to devalue such 'warnings' to the point folks tend to just start
routing those reports to the trash bin. Thourough reading of contracts in
such outsourcing aggreements is a must, as well as *understanding* what
those contracts are really saying.
Thanks,
Ron DuFresne
On Wed, 27 Jun 2001 [EMAIL PROTECTED] wrote:
> Biased is ok. How does one go about validating that a managed service
> provider stuff is actually working?
> Is there some sort litmus test procedure that the customer has to sign off
> signifying that the manage service provider selected is actually receiving
> and responding to valid intrusions?
> How long is the tuning process to adjust to particular customer's environment
> How long is the provisioning process from signed contract to actual turning
> up the customer and handing them over to ops or monitoring?
> What type of people are actually doing the monitoring (certified and
> trained security experts) or (people off the street and then becoming a
> human IDS)??
>
> DigitalMojo does not state how they do this except a bunch of smoke and
> mirrors about ShadowPatrol or ShadowWatch, playing off the them of "Only
> the Shadow Knows".. There has to be more to managed security services than
> this ??
>
> /m
>
> _______________________________________________
> Firewalls mailing list
> [EMAIL PROTECTED]
> http://lists.gnac.net/mailman/listinfo/firewalls
>
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
"Cutting the space budget really restores my faith in humanity. It
eliminates dreams, goals, and ideals and lets us get straight to the
business of hate, debauchery, and self-annihilation." -- Johnny Hart
***testing, only testing, and damn good at it too!***
OK, so you're a Ph.D. Just don't touch anything.
_______________________________________________
Firewalls mailing list
[EMAIL PROTECTED]
http://lists.gnac.net/mailman/listinfo/firewalls
