Equant NV announced a managed service on Monday that addresses a major shortcoming of intrusion detection systems: too many false alarms.
"There are a large amount of false negatives and false positives with intrusion detection," said Steve Maslin, product manager for Equant's new Intrusion Detection service.
Initially available only for the company's managed firewall service customers, the new offering promises an added level of security by examining traffic for irregular patterns or content.
The Intrusion Detection service is based on Cisco IDS 4200 Sensors that Equant deploys in front of Check Point firewalls on customer sites (although Equant will support other vendors' IDS gear if already installed). Alarms and alerts are forwarded to security operations centres run by Equant partner Ubizen, which correlates the messages and sorts out which ones might spell trouble.
"This is a service that does not rely on an automatic response, but an intelligent response to alerts and alarms," Maslin said.
Equant claims this service could offload a lot of work for a customer. The carrier said a company with up to 30 sensors could experience five million alerts in a single month.
Equant sits down with each customer prior to service deployment for a network vulnerability assessment.
The offering will be available in 220 countries where Equant offers managed services. "One of the greatest strengths of Equant is that it truly offers a global service and provides a one-stop shop for an integrated portfolio of managed security services," said John Sherwood, managing director at consulting firm Sherwood Associates.
The service is initially for customers that have dedicated IP connections running from 45Mbps to 200Mbps. An upgraded version in the fall will support customers with connections up to 1Gbps, Maslin said.
Equant is far from alone in the managed security services market.
AT&T, which improved its IDS service last month, handles the monitoring of its customers' network security in-house. MCI, like Equant, teams with a security company to deliver its offering; MCI’s partner is ISS.
Ubizen and ISS also offer security services of their own, though companies such as Equant and AT&T offer many more managed services. While ISS is the market leader, Equant can offer users a broader range of security product support, where ISS only offers customers probes developed by the company, Sherwood said.
Equant’s Intrusion Detection service rates vary depending on the customer’s dedicated bandwidth connectivity. The carrier said it will charge about $US3800 per month for a 100Mbps connection for a user that signs a three-year contract.