A general shortage of staff has led to more use of managed security services, and aside from overall coverage, we have also seen new services offering management of specific technologies.
I recently sat down to discuss such an offering, specifically for firewalls. IT Specialists (ITS) has launched BlackVault Guardian, a managed firewall service that is offered as part of the BlackVault Managed Recovery Platform solution. The managed element is based on the ITS private cloud platform, or on an appliance stored on-site at the customer’s location.
As this is a managed service, BlackVault Guardian allows IT staff to reduce the amount of time they spend managing equipment and system settings. The concept interested me, as the focus is upon the managed service, so I spoke with UK head of ITS Matt Kingswood, who explained that the concept was part of its history in working with small to medium enterprises, and it spotted the gap in the market.
“One of them is that businesses have a firewall in place, but it is inadequate as it is not serviced or up to date, and often under powered and the IT department is aware but not aware of how to keep on top of it,” he said.
“IT is aware of the problems and that is where businesses have conversations, but it takes people time to flip from in-house to outsource it but the market is moving to outsource as IT departments have buy-in at senior level and look at statistics that 85% of businesses are concerned about cyber-threats.”
If we believe the PR from Palo Alto Networks that “the firewall is dead”, I asked Kingswood if the firewall is something of a 1990s problem? He agreed that the failure to manage comes down to overstretched IT, and often the legacy firewall ticks boxes until there is an attack.
“We all agree that the best thing is multiple layers of protection and not protect everything in one place, but with BlackVault Guardian there is the task of managing the perimeter and the task of acting as an independent sentinel within the network and gateway; we watch what is coming in and out of the gateway and what is compromised inside the network,” he said.
Scott Frieszell, hardware technical support director of Reynolds & Reynolds, ITS' US-based parent company, told Infosecurity that when working with customers they could see a firewall but often found that there had been no work on it for a long time.
He said: “Being in businesses and administering six data centers, I know the importance of what they are doing and who is trying to compromise it and customers know what is available and know what they are doing. So we bring tools in and put them in place and have resources in place to do it."
“With BlackVault Guardian we put the firewall in place and it does not just sit and run, but gives weekly or daily reports and any security changes to make it better, so we provide information to the customer and from the employee side, we realized customers were concerned about associates so we work with them to provide robust filtering and access.”
The company explained that the firewall sits on a customer’s network as a perimeter/edge device, a user receives a pre-configured firewall and after the initial set-up, agreements are made on reports and the level of attention that the user wants. Kingswood said that this is not representative for those who believe that security is a 9 to 5 job, and often they found that managed service support was lacking for firewalls.
Kingswood said: “Customers have not thought about how to bring themselves back online and have remote access for users, but that is massively important in a disaster recovery situation as everyone logs in remotely and we focus on the basics. We have it set up for you and it is important as within disaster recovery everyone wants to access systems remotely, and we put in disaster recovery and want access.”
He concluded by saying that the world has changed for the firewall and often compliance and audit routines are down the list, while its offering can help solve that. The company said that features offered as part of the service include intrusion detection and prevention; deep packet inspection; port scanning and protocol inspection and perimeter anti-virus and malware blocking.
While managed services offer something that the typical product does not, what interested me with this product was the continuing support for the firewall – a mainstay of layered network security. If the BlackVault Guardian is a success, then I expect more perspective to be given to the firewall the like of which we saw around 2010.