Security Device Management
To provide SDM service you need basically 2 technologies:
- Monitoring, to monitor the hardware or software faults and the performance (for ex. CPU and memory usage, storage capacity etc). There are many tools to do it, some free and some not. An example of good work is Cacti
- Management console, to manage the technologies. Usually every vendor has its own management console. So, to manage Fortigate appliances for example, you need the Fortinet management console, for Stonesoft the SMC (Stonesoft Management Console), etc
Gartner's 2013 Magic Quadrant Report for Unified Threat Management (UTM)
Gartner's 2013 Magic Quadrant Report for Enterprise Network Firewalls
Costs of the technologies:
- Monitoring: from 0 up to 100k€. Depending if free or commercial and how many nodes do you want to monitor
- Management: from 0 to 100k€ for every vendor. Some vendors offer it for free, some other wants a license fee.
Log Management & Correlation
To provide this service you need a log collection technology, some of this technologies support correlation between events too.
2013 Magic Quadrant for SIEM (Security Information and Event Management)
Costs:
- Log Management, from 0 up to 100k€, depending how many eps (events per second) do you need to receive and do you need to store.
- Log Management & Correlation, SIEM are very expensive, for 30.000eps you will need something like between 200k€ and 500k€.
Security Assessment
- Vulnerability Assessment, for this service you will need a vulnerability assessment tool, there are many with very similar functions. Some have less false positive, some have more, but usually they are very similar (some vendors will kill me if they read this! hehe). In general, I think it's really better to focus on the "easy to understand" reports than on the ability to find 1-2 more vulnerabilities.
- Penetration Test, for this you will need an exploting framework, needed for penetration tests, web application assessments, etc (there are free like metasploit and commercial like Core Impact)
Gartner 2013 "Marketscope for Vulnerability Assessment tools"
Costs:
- Vulnerability assessment, between 100 and 200k€.
- Exploting framework, from 0 to 100k€
- Other tools used in PT, from 0 to 20/30k€
Early Warning
There is not really a technology to provide this service, you should build one for yourself. When you start with few customers, you can do it easily "by hand", when you reach 10/15 customers then the things become more difficult and you will need to build a custom technology.
DDoS Mitigation
To provide a DDoS mitigation service you will need a traffic cleaning platform aka "washing machine". As far as I know there are just two main vendors: Radware and Arbor.
Costs:
- Between 100 and 200k€ for every traffic cleaning platform, able to clean 5-10GB/s of traffic
I hope you enjoyed this post and has been useful for your work. If you have any question or you want to suggest me a new blog post, please write me by email or comments.
Thanks for reading this.
I’m very affectionate of your blogging and redistribution. Gamingguide
ReplyDeleteThank you so much for sharing information about gartner magic quadrant security.
ReplyDeleteThis comment has been removed by the author.
ReplyDeleteWhen it comes to SIEM and security, it is important to have a fully transparent source code, so for log management, I'd definitely go with an open source project, like NXLog, which provides high performance and scalability, and it's free to download to get started with.
ReplyDeleteThis all came about because a sitting President had the courage and took the leadership to lay the groundwork for the United States to act on a decisive plan of direction which open up so many windows of opportunity for millions of Americans.guarantor loans
ReplyDeleteProfessionally written blogs are rare to find, however I appreciate all the points mentioned here. I also want to include some other writing skills which everyone must aware of. cyber security firm
ReplyDeleteThis comment has been removed by the author.
ReplyDeleteWow. This blog provide complete information on how to build Security Operations Centre. Cyber security SOC are very important for you to take care of its information assets, as they are most important for the sake of it.
ReplyDeleteThe main security camera was a c-mount security camera, and they were first presented in the 1970's. BestSecurityPlace
ReplyDeletehidden security system is becoming a necessary part to keep a proper safeguarding at any location ensuring the safety of the place. business security camera system installation
ReplyDeleteWith the assist of Shameera wiest’s blog, humans will come to recognize new techniques for their portray, drawing in addition to photographical hobby. This group is helping humans to recognize special strategies for drawing and painting and i'm glad to wend deep of this weblog.
ReplyDeleteBest IT Salary Guide
Security is of paramount concern nowadays when crime records have almost tripled since the last decade. Most people prefer to hire agents coming from reputed security guard companies security guard
ReplyDeleteAccording to the 2012 report, Global Trends 2030: Alternative Worlds, published the US National Intelligence Council, four technology arenas will shape global economic, social and military developments by 2030. MSI H100M Gaming
ReplyDeleteYou realize that spy camera that the spy utilizes in the motion pictures to take all the brisk snaps of the mystery designs? Prepare to be blown away. They have existed for a decent time. WittySpy.com
ReplyDeleteRecognizing what cameras you're most keen on will settle on your choice a lot less demanding.Witty Spy
ReplyDeleteThank you so much for the post you do. I like your post and all you share with us is up to date and quite informative, i would like to bookmark the page so i can come here again to read you, as you have done a wonderful job. guard company Houston Texas
ReplyDeleteThis is unquestionably the most well known sort of spy cam. Consider it a camera incorporated with regular items which enable it to mix in with pretty much any sort of condition you can consider. they mention it here
ReplyDeleteThis comment has been removed by the author.
ReplyDeleteSurveillance camera frameworks assume a key job in numerous parts of life. Organizations are compelled to manage stock misfortunes either because of pilferage or robbery by shoplifters.
ReplyDeletebuilding intercom system upgrade
The following sections summarize some of the most significant functions that are expected from professional security company in Thiruvanmiyur.
ReplyDeleteQuickly this site will indisputably be famous among all blogging people, because of its fastidious articles or reviews.
ReplyDeletebusiness IP cameras
I have checked this link this is really important for the people to get benefit from.
ReplyDeleteself storage security cameras
What's more, vicinity perusers, attractive card perusers, and savvy cards with installed microchips are standard in numerous physical security settings. Cambridge analytic scandal
ReplyDeleteI like your post. It is good to see you verbalize from the heart and clarity on this important subject can be easily observed... IT Support Companies in Toronto
ReplyDeleteYou make so many great points here that I read your article a couple of times. Your views are in accordance with my own for the most part. This is great content for your readers. security camera installation
ReplyDeleteYou there, this is really good post here. Thanks for taking the time to post such valuable information. Quality content is what always gets the visitors coming. Melbourne CCTV Systems
ReplyDelete