Skip the navigation

The pros and cons of MSSPs

Part 1: 10 reasons to outsource security

By Jian Zhen, LogLogic
December 9, 2004 12:00 PM ET

Computerworld - More companies are outsourcing part of their security infrastructure, including firewalls, intrusion-detection systems and virtual private networks, to managed security service providers (MSSP).
There are many reasons why outsourcing may be a cheaper and better way to go. Note that I said "may be" because everything depends on your requirements. If your requirements dictate that all your security devices must be in-house and only two administrators will have access to them, then outsourcing isn't for you. So the first thing you need to do is to document your requirements.
Here are some reasons why outsourcing is an option.
1. Cost
MSSPs can get much better deals from vendors than you can on your own, so hardware and software will be cheaper. Let's do some simple calculations. If you decide to run firewalls in-house, the cost of a pair of Cisco Systems Inc.'s PIX 525 retail plus maintenance is about $20,000. The cost of a dedicated security engineer plus training will cost at least $110,000. (That's a low figure because I haven't added corporate overhead, which could be another 30% to 40%.) Take that over three years, the usual length of the depreciation period, and it costs about $10,000 per month. You can get it for much cheaper with an MSSP.
Generally, you can get a decent service-level agreement (SLA) for $1,000 to $2,000 a month. Over three years, that's quite a big savings.
2. Hardware upgrades
This section may be different depending on the MSSP, so be sure to ask if you are looking to outsource. Basically, hardware gets obsolete very quickly. If you buy your own hardware, in three years, you'll have to spend more money to upgrade. The original investment you made will become a paperweight. But if you go with an MSSP, you can get the hardware upgrade as part of your SLA. For example, let's say Nokia Corp. decides to upgrade its IP350 system to a faster processor. The MSSP would be able to upgrade you for free, whereas without one, you would have to spend money on your own.

3. Software upgrades
As with hardware upgrades, you can get software upgrades included in your deal with the MSSP. Software upgrades are sometimes part of the product maintenance cost (Cisco's PIX 6.1 to 6.3) or an additional cost (Check Point 4.1 to Check Point NG). On your own, you would have to shell out a 15% to 25% maintenance fee, plus whatever additional cost there is to upgrade. With an MSSP, the cost would be covered by the SLA.
4. Vendor support
Because MSSPs buy so much



Our Commenting Policies