["With the capital crunch, service providers are] holding back on [planned expansions] in many cases and, instead, focusing on getting more money out of existing customers through value-added services, and security is on the top of the list." --David Flynn, vice president of marketing, NetScreen Technologies Inc.
With the proliferation of "always-on" broadband access, more "open" networks, and a proud history of the illegal activity in select enclaves of the computer industry, chances of your network being hacked are now better than ever, with prospects to increase even more in the future.
News recently came across the wire that mighty Microsoft Corp. (www.microsoft.com) itself had been hacked. And denial of service attacks about a year ago of popular websites Yahoo! Inc. (www.yahoo.com) and eBay Inc. (www.ebay.com), among others, resulted in approximately $100 million in lost revenue.
"That's just tip of the iceberg in terms of threats," says Ted Julian, chief strategist and co-founder for Arbor Networks Inc. (www.arbor.net).
The increasing number of broadband connections in use today means people can more quickly flood websites, Julian explains. Peer-to-peer networking, through popular services like Napster, ties together millions of users, potentially enabling an attacker to tap all those systems as a staging point for an attack launch, he adds. And there are huge liability concerns for CLECs and other carriers whose systems could be compromised and used to launch an attack, he continues.
"It's just a matter of time before we see the compromising of routers and other public telecom and datacom equipment," he says. "You could just flood routers with bogus traffic, for example. Or you could use router configuration tools to route all traffic to a dead end. That's why denial of service is a big deal--we're only beginning to see the risk."
Since network security is an area of increasing concern for corporations, the providers that already offer these companies web hosting and transport services can realize another revenue stream by adding hosted security services to the mix, says Julian. In fact, Arbor focuses specifically on enabling public network operators to offer denial of service prevention solutions to corporations by wholesaling that capability.
Outsourced security solutions is a growing industry, says Todd Miller, analyst with the Yankee Group (www.yankee.com). Miller says there are at least 95 companies worldwide offering managed security services, some direct and some on a wholesale basis to other service providers. The managed security business worldwide generated about $200 million in annual revenue in 1999, and that's expected to grow to $2.6 billion by 2005, according to Yankee.
Miller puts these companies into two groups. The first includes companies like Sprint Corp. (www.sprint.com) and WorldCom Inc. (www.wcom.com) that offer such services as outsourced VPNs and managed firewalls. The second is companies such as Arbor, Counterpane Internet Security Inc. (www.counterpane.com), Riptech Inc. (www.riptech.com) and Securify Inc. (www.securify.com) that do managed intrusion detection. This includes denial-of-service prevention, which some consider a more involved service.
"DOS is a little more tricky, so you have to watch everything all at once," he says. "Previously, people have only been able to study logs, and logs don't do very much for you when the attack is happening."
Arbor's subscription service is based on a distributed architecture of Pentium servers running Arbor software. Arbor operates and updates them to guard against new threats. "It's critical that a solution to this problem be distributed; you have to have a distributed solution that is sprinkled through the system, so [it] can see problems as they come into the network," says Julian. "If you're only filtering at the website, you're probably too late."
Probes are deployed around the network to get a baseline of what normal traffic looks like and to seek out anomalies. "We have patent-pending technology to analyze anomalies," says Julian. The technology can differentiate between spikes in traffic due to a popular webcast, for example, vs. traffic increases due to denial of service attacks, he says.
By comparison, most website operators or their web-hosting companies respond to irregularities by having a network engineer comb through router logs to find the source of concern, says Julian.
As of mid-January, two regional ISPs, Merit Network Inc. (www.merit.net) and Stargate (www.stargate.net), out of Pittsburgh, were beta testing Arbor's service.
One good argument for outsourcing security is a lack of available human resource experts in this field, says David Flynn, vice president of marketing for NetScreen Technologies Inc. (www.netscreen.com), which sells appliances that do traffic shaping for security services. At the same time, carriers are looking for new ways to get added revenue out of their current customers. That's why security outsourcing is growing in popularity, says Flynn.
"There's a continually heightened awareness of security. Microsoft just got hacked," says Flynn. "We're all hearing about the capital crunch of service providers. They were all involved with land grabs--lots of news on new data centers and new access builds. But now they're holding back on those in many cases and, instead, focusing on getting more money out of existing customers through value-added services, and security is on the top of the list."
And a service provider with existing corporate customers, but without a great amount of expertise on the security front, can use an Arbor or Riptech, for example, to enable them to offer a bundled solution including transport and security. Gigabit Ethernet service provider Yipes Communications Inc. (www.yipes.com) did just that, having recently cut a deal with Riptech.
"Yipes [has] a web-hosting environment. Yipes also turns up Internet service to corporate clients. Those clients need security and don't have in-house staff to do that. It's also incremental revenue per customer. So they have a top-notch security offering, zero time to market, zero startup cost," says Amit Yoran, co-founder, CEO and president of Riptech.
Riptech offers 24/7 security monitoring and management of corporate firewalls, VPNs, intrusion detection systems, and more. Riptech will do patches and updates, as well as monitor networks in real time, receiving alerts, logging data and auditing data from various network devices.
"Most security breaches occur because the security environment is not maintained," notes Yoran. "It's usually not because a company doesn't have firewall, it's because the firewall wasn't patched. These well-known vulnerabilities account for 90 to 95 percent of intrusions."
Yipes is Riptech's first carrier customer, but Yoran says his company expects to announce additional carrier reseller customers in the coming months.
In another move of a more traditional telecommunications carrier expanding into the security space through resale, South Carolina-based NewSouth Communications Corp. (www.newsouth.com) has teamed up with DefendNet Solutions Inc. (www.defendnet.com) to deliver Internet security services to small and medium-sized businesses throughout the South. NewSouth already is a provider of data, Internet, equipment, cabling, and local and long-distance services. DefendNet offers managed Internet security solutions, including firewall and encryption technologies with round-the-clock security monitoring, analysis and reporting. "Partnering with DefendNet to sell its services allows us to swiftly enter the fast-growing market for managed Internet security," Michael L. LaFrance, president and CEO of NewSouth Communications, said in a written statement.
Even some vendors that want to offer security services are getting into those managed services through partnerships.
Marconi Corp. plc (www.marconi.com), for example, earlier this year unveiled Marconi Security Services, a suite of network security services aimed at enterprise, e-commerce and service provider customers. But Marconi is reselling Internet Security Systems Inc.'s (www.iss.net) hosted firewall service for that facet of its offering. Marconi is "growing" a managed firewall offering internally as well, according to Mike Lancas, services product manager at Marconi Service, which offers design, implementation and maintenance of a secure network, as well as vulnerability assessment.
"More and more of our clients are outsourcing security," says Lancas. "Security is becoming a process instead of just a product. The nature of the hacker industry is just becoming brilliant."
|
