Symantec Managed IDS/IPS with Sourcefire
September 09, 2009
starts at under $500 per month per device
- Ease of Use:
- Value for Money:
- Overall Rating:
- Strengths: IPS managed service with option of having full-scale network security device management.
- Weaknesses: Can become expensive.
- Verdict: Solid monitoring service, if a bit expensive.
The Managed IPS/IDS from Symantec is a fully managed system with Sourcefire IPS as its backbone. Alongside the IPS, Symantec can also manage many other network security devices, including firewalls, intrusion detection and prevention systems, and log collection platforms. This lets a customer outsource all security management and monitoring to Symantec for ease of management, as well as streamlining reporting and event notification.
Customers can access the Symantec Secure Internet Interface to view various incidents, device information, logs and tickets. The main dashboard of the interface includes historical views of security incidents in the last 90 days, as well as top attacks and top attackers from the last 24 hours.
The company relies on solid 24/7 monitoring of customer networks via its security operations centers. These centers use a combination of data mining and human analysis to provide customers with specific recommendations for proactive and preventive security measures.
Documentation supplied by the company consists of two PDF manuals. The first is a user guide for the Secure Internet Interface. This guide provides in-depth, step-by-step instructions on using the interface, but, unfortunately, it has no screen shots or visual examples.
The second is the operations manual, which contains a vast amount of information and instructions on the services provided, as well as assistance in using the various services. This guide does include many screen shots, diagrams and examples.
Symantec offers various types of support for its managed services. These plans include gold and platinum firewall monitoring, as well as gold and platinum firewall management. These levels include various support options, such as maintenance and update response times.
At a cost starting at about $500 per month per managed device, this service from Symantec can become expensive for full-scale network device monitoring. However, we find that it provides solid monitoring and management across many device types. So, we find it to be a good value for the money.