Security operations services


Published on

  • Be the first to comment

  • Be the first to like this

No Downloads
Total views
On SlideShare
From Embeds
Number of Embeds
Embeds 0
No embeds

No notes for slide
  • With increasingly sophisticated security threats coming from all directions, it is important to keep pace with technological advances to counter and stay ahead of malicious influences intent on disrupting your services and business. The challenge for any IT manager is to achieve and maintain effective levels of information security, within budget, utilizing the most current industry available capabilities. Enterprise security continues to grow in complexity so often new technologies (or solutions) need to be added, which means that staff skills must be continuously updated and which can lead to higher costs.
  • Here we emphasize the fact that IT staff have better things to do than support a wide range of security solutions. It’s best to leave such tasks to experts who will perform the task better, more efficiently and (when supported by a larger organization such as S&T) will be available around the clock, as needed.It makes little sense for any (except the largest) companies to have an electrician on the payroll 24/7, similarly it makes little sense to have a security expert on the payroll (and a routing expert, and a SAN expert, and a storage …)Companies usually require at least 10x5x2 “changes and removes” process and 24x7 availability. To provide this they must have at least 2 educated persons for security solutions. Staff skills need to be continuously updated which could lead to high education cost.
  • Detailed explanation:Regular system administration (backups, upgrades, updates, maintenance)Regular service administration (Adds, changes and removes, business as usual)Preparation and maintaining of documentation (settings, instructions, procedures ...).
  • Depends on existing customer environment, subscriptions, and equipment
  • How security fits into the IT pictureDesignand/or transition and analysis services during the move to outsourcing (covering customized selection of IT components and services – indicated by arrow)Support services + monitoring + required admin services + managedinfrastructureservices(again covering a customized selection of IT components and services – indicated by arrow)
  • An example of infrastructure monitoring and interaction between S&T and the customer.On the customer side the specifics of interaction depend on the customer Helpdesk infrastructure, level of outsourcing and the customer’s requirements. The customer may require interaction with the S&T helpdesk by it’s own helpdesk, by IT staff or by end-users.Notes on this diagram:The central component is the S&T Monitoring, Alerting and Reporting standard outsourcing component (monitors). Using this component S&T transforms reactive support services into proactive infrastructure availability services.Critical and failure alerting is usually via SMS to the Helpdesk and/or on-call outsourcing engineer. This results in callout and escalation to Level 2 product specialists as required.The interface with other customer business partners is not shown on this diagram but is also an important part of the SLA definition. For example in certain cases it may be necessary for a customer business partner to call out S&T (or S&T needs to call out a customer business partner to be able to fulfill its SLA obligations)
  • We don’t really emphasize cost savings here. Unless we perform a lot of additional services the cost savings may not be significant. However the customer is offloading a risk and getting service level guarantees, something that they probably don’t have from internal IT.It a tried and true formula – specialization (or use of a specialized provider in this case) reduces costs and increases performance. It does not make economic sense for IT departments to have a complete complement of specialized staff as staff and training costs would be too high.There is also an element of risk management. One method of reducing risk is to transfer the risk and responsibility to a 3rd party. S&T.Staffing flexibility. We don’t emphasize staff cuts here, we talk about staff not having to be on-call, work out of hours, inflexibility with holidays etc.
  • As a system integrator we can offer at least 2 different solutions for each service. The best solution on the marketplace is always an option with S&T – this is not the case with vendor pushed solutions.
  • Security operations services

    1. 1. Security Management Services<br />
    2. 2. Security Management ServicesOverview<br />Chapter1 Security Management Challenges & Solutions<br />Chapter2 Definition of the services<br />Chapter3 Phases of Implementation <br />Chapter4 Value added for the customer<br />Chapter5 Customer testimonial <br />Chapter6 Why S&T services?<br />
    3. 3. Chapter 1<br />Security Management Challenges & Solutions<br />
    4. 4. Security Management Services Challenges & Solutions<br />CHALLENGES<br />SOLUTION<br />24/7 reliable and professional pro-active services for business critical environments<br />Highly trained experts with extensive experience in the design, implementation, and administration of security solutions<br />Remote or on site delivery of outsourcing services<br />SLA based availability and performance <br /><ul><li>Every company needs reliable and secure internet access
    5. 5. Staff skills need to be continually updated leading to high education costs.
    6. 6. Security logs must be continuously and pro-actively monitored.
    7. 7. Security incidents demand pre-planned and coordinated responses.
    8. 8. Proposed security policy changes must be analyzed and carried out without delay.
    9. 9. Security is not customer’s core business</li></li></ul><li>Chapter 2<br />Definition of the services<br />
    10. 10. Security Management Services Service definition<br />24x7 system and service administration, <br /> business as usual<br /> monitoring, reporting, analyses and alerting<br /> documentation and procedures<br />Equipment, facilities and license owned by Customer <br />Equipment, facilities and licensing provided by S&T<br />Firewalls<br />Intrusion Prevention (Detection) systems<br />Email security <br />Web security with application control<br />
    11. 11. Security Management Services Service definition<br />
    12. 12. Security Management Services Service definition<br />
    13. 13. 9<br />Security Management ServicesServicedefinition<br />Consultancy andIntegration<br />Transition & ImplementationServices<br />Design & DevelopmentServices<br />IT ServicesManagement<br />Administration Services<br />Monitoring Services<br />Managed Services<br />Support & Maintenance Services<br />Security<br />IT Strategy<br />“IT”<br />Business Strategy<br />
    14. 14. Security Management ServicesManaged services delivery approach<br />10<br />
    15. 15. Chapter 3<br />Phases of Implementation<br />
    16. 16. Security Management ServicesPhases of implementation<br />Phase 1<br />Phase 2<br />(optional)<br />Phase 3 <br />Phase 4<br />Assesment of existing Security infrastructure <br />Security Design<br />Initial Installation <br />Operational Management<br />Service Transition <br />Definition<br />Documentation (schemes, concepts)<br />Project scope<br />Configuration<br />Integration<br />Documentation<br />Administration,<br />Configuration,<br />SLA, …<br />(HW/SW main.)<br />Service managed and monitored by S&T<br />Result<br />
    17. 17. Security Management ServicesOperational Management<br />
    18. 18. Security Management ServicesOperational Management (cont.)<br />
    19. 19. Security Management Services HW/SW Maintanance (Add-on service)<br />
    20. 20. Security Management ServicesTechnology used and supported<br />Firewalls <br /><ul><li> Cisco ASA, PIX
    21. 21. Check Point
    22. 22. IBM Proventia MX</li></ul>IPS<br /><ul><li>Cisco
    23. 23. Check Point
    24. 24. IBM Proventia GX</li></ul>Email and Web Security<br /><ul><li>ClearSwift
    25. 25. SafeNet
    26. 26. Ironport
    27. 27. Websense
    28. 28. BlueCoat</li></li></ul><li>Chapter 4<br />Value added for the customer<br />
    29. 29. Security Management Services<br />Customer benefits<br />
    30. 30. Chapter 5<br />Customer Testimonial<br />
    31. 31. Security Management Services Description of the Customer<br />“<br />The Mercator Group is one of the largest and most successful commercial chains in South-eastern Europe; it is the leading commercial chain in Slovenia and is now operating in seven markets of the region: Serbia, Croatia, Bosnia and Herzegovina, Monte Negro, Bulgaria and Albania. These are all swiftly growing markets, and with shopping malls in capitals and regional centers Mercator strives to become the first or second largest fast-moving consumer goods retailer in each market. Mercator is also an important retailer in the region in specialized technical program, clothing and sportswear.<br />”<br />
    32. 32. Security Management Services Customer Testimonial<br />“<br />» In Mercator we rely on experts from S&T Slovenia for the administration and supervision of Firewall and networking equipment on the network perimeter in the six countries within which our company operates. S&T takes care of business as usual tasks such as management and changes to configurations as well as actively monitoring the complete operation of the system ensuring minimal downtime and the quickest possible return to operation in case of unexpected incidents causing downtime.<br />We are very satisfied to have found in S&T Slovenia a reliable and skilled IT partner, able to provide deep technical knowledge and a complete service package «<br />”<br />
    33. 33. Chapter 6<br />Why S&T Services?<br />
    34. 34. CHAPTER 5 Security Management Services Why S&T – overview of the company<br />Quick facts<br />Business mix <br /><ul><li>€ 411 M annual revenue
    35. 35. No.1 consulting company in CEE region
    36. 36. One of thelargest IT service provider
    37. 37. Operating in 19countries withmore than 2600 professionals
    38. 38. Certified experts in every country (IBM,HP,CISCO,Check Point, MS,...)</li></li></ul><li>CHAPTER 5 Security Management Services Why S&T – security solutions<br />Quick facts<br /><ul><li>Vendor independent
    39. 39. Multi-vendor solutions
    40. 40. Trained and educated staff
    41. 41. Advanced partnership status with different vendors </li></ul>Strategic partners<br /><ul><li>Cisco
    42. 42. Check Point
    43. 43. IBM (ISS)
    44. 44. Clearswift
    45. 45. SafeNet
    46. 46. Websense
    47. 47. BlueCoat</li></li></ul><li>CHAPTER 5 Security Management Services S&T experience<br /><ul><li>Efficient IT operations services used by numerous companies region-wide
    48. 48. Information security (ISO 27001) certified processes
    49. 49. Experience in the most complex IT environments
    50. 50. Competent and certified staff
    51. 51. Consulting and integration expertise</li></li></ul><li>SecurityManagementServicesThankyou<br />Questions and debate ...<br />