• United States
by Brad Miller

Yes, ‘security in the cloud’ is the way to go

Feb 13, 20063 mins

Two experts debate whether outsourced security services are better than CPE-based systems.

Brad Miller, CEO of Perimeter Internetworking, argues in favor of ‘security in the cloud.’

Managed customer premises equipment represents the old way of providing managed security services. This is evidenced by several factors, including the failure of most managed security-service providers to achieve commercial success, despite the fact that large, well-funded companies own many of them.

Managed CPE addresses only a small part of a large problem: the labor required to monitor devices. The larger problem is the ability to keep up with rapidly changing threats in terms of cost and speed. The security world has become complex, growing beyond firewalls and intrusion-detection systems (IDS) – the primary services of managed CPE companies. Today there are hundreds of security technologies that solve varied problems, and new solutions are introduced daily to solve problems that have not yet been discovered. As such, the real problem of security is the cycle of discovering new problems, evaluating new products and vendors, performing the R&D to select the right product, and purchasing this product and integrating it with all of the other security technologies. Managing the technology after the fact is an important but small part of the whole puzzle. Most companies remain insecure, not because they lack great technology but because they lack the time and money to deploy it.

The opposing viewpoint – by Bruce Schneier, CTO of Counterpane Internet Security.: Your thoughts.


“Security in the cloud” is a managed security service that redirects traffic through a central security platform, thus stopping bad traffic before it gets to the client. It provides a fully designed, built and deployed suite of security services that can be subscribed to on demand. By accessing a centralized platform or security utility, clients can leverage dozens of security technologies without delay and more economically than they could on their own. The economic efficiencies gained by one large provider serving many clients, and the speed to market in terms of incorporating new technologies, are critical to a company’s ability to achieve real security. With security in the cloud, clients get the benefit of more security technologies faster and less expensively.

In addition to improved economics and speed of deployment, providers of security-in-the-cloud technology can offer products that are integrated at levels not previously available. For example, IDSs and intrusion-prevention systems that take anti-virus signatures into account when blocking potentially offensive traffic. Tightly integrated deployment of diverse security technologies, the Holy Grail of the industry, remains largely elusive. Security-in-the-cloud service providers can rationalize these integration projects in a way that is impossible for most companies.

The bottom line is that the superior protection, economics and speed of deployment of security in the cloud will further marginalize CPE-based managed security. Large carriers will embrace security in the cloud and will obviate the need for CPE systems. Traditional MSSPs will be better served if they accept this reality and partner with large carriers to capitalize on this undeniable movement.

Miller is CEO of Perimeter Internetworking. He can be reached at brad Andrew Greenawalt (agreenawalt@perimeter, founder and CTO of Perimeter Internetworking, also contributed to this column.

The opposing viewpoint – by Bruce Schneier, CTO of Counterpane Internet Security.: Your thoughts.