Security at your service

David Sandin advises offering security as a service in order to free up resources for core business activity

Being able to provision and manage virtual next-generation firewalls as a service offers many benefits to your customers, such as network protection, flexible deployment and lowered capital costs.

This provides a great opportunity to broaden your service offering and upsell existing customers.

There is certainly market demand for more hosted security services. But while these are easy and convenient for the customer, they may not be as convenient for you to deliver.

First, offering the service demands upfront investment from you, in purchasing the security gateways and appliances, as well as the overhead of provisioning, managing and updating the appliances on your customers' behalf.

Also, delivering the services effectively can sometimes require in-house, detailed product expertise – which could be a barrier for some resellers or service providers.

Why shouldn't vendors be able to offer virtual security appliances, ready-made and provisioned for a hosted service offering, as a service both to their partners and to end users?

This approach would mean that resellers and service providers can offer fully managed security and network access control as a service to their customers.

The service provider gets exactly the same benefits as its customer – simply reselling security as a service at a healthy margin.

This enables the partner to achieve profitability on the service from day one, and make the most of existing service delivery and management skills.

It is fully flexible and scalable. The provider simply establishes the customer's need, and does not need to worry about delivery issues such as available capacity, ports or performance.

The provider simply requests the appropriate specification from the vendor, which then must fulfil the requirement through the provider.

If the customer needs to expand or shrink their use of the service, the request is again simply passed to the vendor for handling.

The customer can do some of the security management tasks itself, or the provider can handle these as part of the overall service package.

Neither customer nor partner needs to worry about product issues such as using the latest OS version, or updates.

They can simply focus on what is right for their business and let the vendor handle product maintenance and updates.

Security features can also be chosen according to customers' needs – standard protections could include firewall, VPN remote access capability, around-the-clock management and reporting.

Other functions could be available on demand, such as application control, user identity awareness, anti-virus, intrusion detection and prevention and web content filtering.

The vendor can also help define customers' security policies with a range of predefined but modifiable policies.

Reporting offered as part of the service can help the customer understand and manage its networks.

This could give customers easy, flexible, "set and forget" security, and partners a healthy recurring revenue stream that quickly generates profit.

Most importantly, it could let both parties focus on growing their business.

David Sandin is a product manager at Clavister