ISS Broadens Management Mandate

Think of its new Virtual-SOC as security outsourcing on demand

Terry Sweeney, Contributing Editor

May 10, 2006

2 Min Read
Dark Reading logo in a gray background | Dark Reading

In moving to a richer management platform, Internet Security Systems Inc. is looking to NOC your SOCs off.

The managed security services provider last week unveiled its Virtual Security Operations Center (SOC), a riff on network operations centers (NOCs) used by carriers and large enterprises for IT mission control.

With Virtual-SOC, an enterprise can outsource pieces of security management and retain others, depending on threat level, function, budgets, and other variables, according to John Wheeler, director of managed services deployment and integration at ISS. A Protection-On-Demand feature lets customers offload security management at the end of the day or week, or during heightened alert periods. Either way, they get a single interface to onsite and remotely managed devices and networks, which the Atlanta-based managed security services provider claims will save customers money.

Virtual-SOC also has server log management and reporting functions that can show all sorts of network, application, and end-user behavior. The feature is an obvious appeal to compliance-minded customers looking to a reliable third-party in the event that regulators or corporate officers demand any kind of historical data.

ISS is also trying to forestall competition from security information management (SIM) vendors like ArcSight and Intellitactics, according to Kelly Kavanagh, research analyst with the Gartner consultancy. But he says customers also want to go beyond managed firewalls and outsourced intrusion detection-and-prevention systems that have been the mainstay of outsourced security services for several years now.

"Customers are looking at the ability to gather data from devices that are beyond the normal scope of what's monitored 24x7 to get a broader view of what their security posture looks like, and to do investigative forensics work," Kavanagh says. "There might be an internal incident that needs to be looked into from a compliance perspective -- someone getting access to an app they shouldn't have access to, or someone doing work from a location other than their office.” ISS and other service providers hope to attract customers that don’t want to build such systems themselves or add the personnel to monitor them.

Virtual-SOC will be available in August. Pricing depends on the type of service or equipment in question, volume, and length of contract:

  • Network-class devices (firewalls, network IDS/IPS); less than $100 per device per month up to $200

  • Server-class devices (server-based IPS); less than $50 per device per month up to $100

  • Host-class devices (end-user desktops); less than $0.04 per desktop per month up to $0.10

— Terry Sweeney, Editor in Chief, Dark Reading

Organizations mentioned in this story

Read more about:

2006

About the Author

Terry Sweeney

Contributing Editor

Terry Sweeney is a Los Angeles-based writer and editor who has covered technology, networking, and security for more than 20 years. He was part of the team that started Dark Reading and has been a contributor to The Washington Post, Crain's New York Business, Red Herring, Network World, InformationWeek and Mobile Sports Report.

In addition to information security, Sweeney has written extensively about cloud computing, wireless technologies, storage networking, and analytics. After watching successive waves of technological advancement, he still prefers to chronicle the actual application of these breakthroughs by businesses and public sector organizations.


Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.

You May Also Like


More Insights