Managed customer premises equipment represents the old way of providing managed security services. This is evidenced by several factors, including the failure of most managed security-service providers to achieve commercial success, despite the fact that large, well-funded companies own many of them.

Managed CPE addresses only a small part of a large problem: the labor required to monitor devices. The larger problem is the ability to keep up with rapidly changing threats in terms of cost and speed. The security world has become complex, growing beyond firewalls and intrusion-detection systems (IDS) - the primary services of managed CPE companies. Today there are hundreds of security technologies that solve varied problems, and new solutions are introduced daily to solve problems that have not yet been discovered. As such, the real problem of security is the cycle of discovering new problems, evaluating new products and vendors, performing the R&D to select the right product, and purchasing this product and integrating it with all of the other security technologies. Managing the technology after the fact is an important but small part of the whole puzzle. Most companies remain insecure, not because they lack great technology but because they lack the time and money to deploy it.

The opposing viewpoint - by Bruce Schneier, CTO of Counterpane Internet Security.
Forum: Your thoughts.

"Security in the cloud" is a managed security service that redirects traffic through a central security platform, thus stopping bad traffic before it gets to the client. It provides a fully designed, built and deployed suite of security services that can be subscribed to on demand. By accessing a centralized platform or security utility, clients can leverage dozens of security technologies without delay and more economically than they could on their own. The economic efficiencies gained by one large provider serving many clients, and the speed to market in terms of incorporating new technologies, are critical to a company's ability to achieve real security. With security in the cloud, clients get the benefit of more security technologies faster and less expensively.

In addition to improved economics and speed of deployment, providers of security-in-the-cloud technology can offer products that are integrated at levels not previously available. For example, IDSs and intrusion-prevention systems that take anti-virus signatures into account when blocking potentially offensive traffic. Tightly integrated deployment of diverse security technologies, the Holy Grail of the industry, remains largely elusive. Security-in-the-cloud service providers can rationalize these integration projects in a way that is impossible for most companies.

Whitepapers

• Gene Kim's Practical Steps to Mitigate Virtualization Security Risks
• Selecting Effective Virtual Directories
• A Modern Approach to On-Demand Email and Data Security
• Best Practices for HP Servers and HP Enterprise Virtual Array in a Microsoft Exchange
• Compliance, Protection, Recovery: A Layered Approach to Laptop Security
• Endpoint Security: Data Protection for IT, Freedom for Laptop Users

View more SECURITY whitepapers

Webcasts

• Key Considerations for a Successful 802.11n Deployment
• Solutions to the Toughest IT Challenges in Remote Offices
• Lowering the Cost of Email Archives
• High Availability for SQL Server 2005 Using Array-Based Replication and Host-Based Mirroring Technologies
• Technical Overview of Exchange Server 2007 with HP Servers and Storage
• Bringing Order and Security to your Mobile Workforce: Corporate Mobility Policy and Device Management On-Demand

View more SECURITY webcasts

Special Reports

• The Evolution of Network Security
• Taking Virtualization Up a Notch
• Learn how to Keep your Mobile Workforce Connected
• The self-managed network

View more SECURITY special reports