<img height="1" width="1" style="display:none;" alt="" src="https://px.ads.linkedin.com/collect/?pid=2975524&amp;fmt=gif">
BLOG

From Selling Solutions to Managing Security—Becoming a MSSP

October 13, 2016

MSSP Managed Security Service Providers

We’ve discussed choosing the right managed security service provider (MSSP) in the past. However, understanding the inherent value of shifting to a hybrid approach to security with an MSSP is only half the battle.

The reality is that the same vendors that have sold you in-line security appliances for years are starting to become MSSPs themselves.

If you’re just starting to shop for managed security services, you should understand the path vendors are taking to transform their business models.

When you Tweet: Understand the details of a shift from selling solutions to managing #security: http://ctt.ec/9Qbh0+ #NetworkSecurityunderstand the details of a shift from selling solutions to managing security, you can make a more informed decision about who you’ll partner with to ensure total network protection. 

The Need for Vendors to Change Business Models

The increasingly complex threat landscape is causing a shift in the cyber security community from solutions sales to managed security services. Intel Security, in particular, has redefined its entire channel partners strategy to eliminate siloed endpoint solutions and has started offering protective services for the full threat-defense life cycle. 

As cyber attackers continue to prove they are two steps ahead of security efforts, the need for vendors to shift toward managed services will amplify. However, this shift won’t necessarily be an easy one.

Commenting on the shift from traditional solutions sales to managed services, President of Information System Architects Ken Dawson said, “My belief was that I could take any extra capacity in my professional services team and throw them at my Security Operations Center and staff if that way.” Dawson and other security vendors are running into problems throughout the transition.

New Call-to-actionThe more you learn about these challenges, the more power you will have in the buying process for managed security services.

4 Challenges Vendors Face When Shifting from Selling Solutions to Managing Security

There is a stark contrast between the relationship a security vendor has with its customers and the relationship an MSSP has with its clients. Security vendors build relationships on the promise that they can prevent cyber attacks or detect them quicker than competitors. MSSPs, on the other hand, have an intimate relationship with their clients as they experience the days of crushing data breaches and the days of successful prevention. 

Aside from having to get used to a new type of relationship with customers, vendors looking to become MSSPs also face the following 4 challenges:

  1. The need for new personnel: Vendor sales staff may have expertise in selling particular cyber security products, but that doesn’t mean they can make a quick transition into managed services. MSSPs require a staff of highly-trained and certified professionals to work seamlessly with customers of all sizes.  
  2. Developing the tech infrastructure: In addition to filling out the security tool set with the necessary firewalls, IPSs, IDSs, forensics tools and more, a remote monitoring and management (RMM) solution is essential to successful managed services. Vendors on the journey to managed services must also determine whether or not they will have a specialty, which will likely require a separate set of tools in addition to typical solutions.
  3. Adapting to a new pricing model: Monthly billing is almost ubiquitous in the MSSP world. However, vendors typically aren’t used to this kind of pricing model with their solutions sales. Before trying to find customers, MSSPs should determine the various tiers of services they will offer and the monthly pricing model that accompanies them.
  4. Mastering a new business model: The costs and delivery methods for solutions sales are much different than for managed services. Vendors who want to make the shift must master the new standards if they want to make a profit.

When you’re shopping for an MSSP to partner with, consider these challenges they may have faced (or may currently be facing) if they were once a solutions vendor. The more questions you ask, the better your eventual decision will be.

Visibility Doesn’t Stop with High-Level Business Questions

While many of the points made here are focused on the business perspective of shifting from security vendor sales to managed security services, there is a deeper level of technical expertise that MSSPs must adhere to if they want to succeed in the market.

One fundamental aspect of this technical expertise is ensuring the services you’re provided with have guaranteed visibility into all network traffic. Tweet: If your #MSSP can’t offer visibility into every byte, their higher-level business strategy won’t matter much: http://ctt.ec/9aT_m+If your MSSP can’t offer visibility into every bit, byte and packet®, their higher-level business strategy won’t matter much.

 


 

See Everything. Secure Everything.

Contact us now to secure and optimized your network operations
Contact Us

Heartbeats Packets Inside the Bypass TAP

If the inline security tool goes off-line, the TAP will bypass the tool and automatically keep the link flowing. The Bypass TAP does this by sending heartbeat packets to the inline security tool. As long as the inline security tool is on-line, the heartbeat packets will be returned to the TAP, and the link traffic will continue to flow through the inline security tool.

If the heartbeat packets are not returned to the TAP (indicating that the inline security tool has gone off-line), the TAP will automatically 'bypass' the inline security tool and keep the link traffic flowing. The TAP also removes the heartbeat packets before sending the network traffic back onto the critical link.

While the TAP is in bypass mode, it continues to send heartbeat packets out to the inline security tool so that once the tool is back on-line, it will begin returning the heartbeat packets back to the TAP indicating that the tool is ready to go back to work. The TAP will then direct the network traffic back through the inline security tool along with the heartbeat packets placing the tool back inline.

Some of you may have noticed a flaw in the logic behind this solution!  You say, “What if the TAP should fail because it is also in-line? Then the link will also fail!” The TAP would now be considered a point of failure. That is a good catch – but in our blog on Bypass vs. Failsafe, I explained that if a TAP were to fail or lose power, it must provide failsafe protection to the link it is attached to. So our network TAP will go into Failsafe mode keeping the link flowing.

Glossary

  1. Single point of failure: a risk to an IT network if one part of the system brings down a larger part of the entire system.

  2. Heartbeat packet: a soft detection technology that monitors the health of inline appliances. Read the heartbeat packet blog here.

  3. Critical link: the connection between two or more network devices or appliances that if the connection fails then the network is disrupted.

NETWORK MANAGEMENT | THE 101 SERIES