SecureWorks Managed IDS/IPS
Strengths: Solid security device management platform.
Weaknesses: Focused on managing an existing security infrastructure.
Verdict: Excellent management service for existing security log-generation environments. The availability of the iSensor device is a plus.
The core of the SecureWorks managed services is the Sherlock Security Platform. With this platform, SecureWorks can bring together and aggregate all logs and events from almost any security device on the network. This allows for SecureWorks analysts to get a solid view of what is happening across the entire network. Also provided is the iSensor IPS, which is managed and monitored 24/7 by the SecureWorks team.
Customers can access the SecureWorks web-based portal to view all aspects of the protected network.
This provides views of threat and vulnerability trends, as well as real-time alert views. Customers can create and view reports and scanning summaries.
The company provides real-time, 24/7 management and monitoring of firewalls, network IDS/IPS, web application firewalls and integrated appliances. This is done by intrusion analysts, who are constantly monitoring for emerging threats from four security operations centers. Certified experts at these centers provide full lifecycle management and monitoring of security devices ensuring customers are protected from even the newest threats.
Documentation includes two PDF guides. The first is an installation and portal guide, which illustrates how to use the portal, as well as explains various portal features. The second is an implementation guide, which provides an overview of the service implementation process.
SecureWorks provides solid 24/7 support via phone and email. Response times are guaranteed by the SLA to be within 15 minutes for critical incidents and emergency help desk requests, and within one hour for standard help desk requests. The portal also has a help section where customers can access detailed service documentation, training materials and FAQ-type information.
At a price starting at around $550 per month, we find this service to be a good value for the money for customers who already have a lot of existing devices that they would like to have managed by the Sherlock Security Platform, along with the added benefit of the iSensor IPS device.