Frost & Sullivan predicts that the market for Managed Security Service Providers (MSSP) will grow from $6,66-billion in 2011, to $15,63-billion by 2016.
“We are seeing a steep increase in advanced threats and cyber attacks. More and more organisations across the globe are thus seeking and employing the services of a managed security service provider (MSSP) to provide additional layers of security. Also hiring, maintaining and retaining your own security specialists to obtain an acceptable level of protection is proving to be too expensive, making a MSSP very desirable,” says Bryan Hamman, territory manager for sub-Saharan Africa at Arbor Networks.
Attacks on the network can happen at any time and from anywhere, which means that no matter where in the world a business is run from, it could be the target of cyber criminals. “Malware is no longer the most dangerous enemy, your greatest opponent now are human orchestrated. And it is this particular threat that places almost every business with a network at risk. As such, to stay ‘alive’, security has to be the fundamental constituent of an operation, its reputation and its profitability,” says Hamman.
Although MSSPs use high-availability security operation centres to provide 24/7 security services, should an organisation’s security be compromised, dealing with the disruptive effects of such an attack remains the responsibility of the organisation and not the MSSP. “Arbor Networks has drawn up five questions to ask an MSSP to better ensure security throughout your organisation,” adds Hamman.
These are:

How does your MSSP differentiate between legitimate traffic and malicious traffic?
Deploying an advanced threat solution, such as Arbor Networks Spectrum, enterprises gain the visibility to monitor and manage traffic destined to and from critical resources. As a result, they can block attacks appearing as legitimate traffic. “Arbor Networks Spectrum is designed specifically for security teams, from the most senior responder to novice analysts, to search the entire network to uncover, investigate and prove sophisticated attack campaigns within minutes, not hours or days,” continues Hamman. “It is the new approach to find and hunt down hidden advanced threats.”

In the event of a successful attack, what provisions are included in the security level agreement (SLA)?
Most SLAs with MSSPs provide explicit coverage up to a specific level of bandwidth protection. However, the MSSP may not be able to keep up with an extremely high-volume DDoS attack. Determine what reimbursement is provided if the MSSP is not able to protect your internal network, such as the monthly contractual service fee. With an Arbor Networks solution in the network, enterprises can help block high-volume attacks that threaten business continuity.

What equipment does the MSSP utilise for both monitoring and blocking malicious traffic?
Ensure that your MSSP is using the “latest and greatest” products so that advanced attacks are not only identified, but also blocked. In some cases, MSSPs may be using different product vendors for each of these functional aspects of service.

How does the MSSP protect the data-centre cloud environment?
With Arbor devices deployed in cloud environments, Arbor’s unique Cloud Signaling technology provides robust protection for this shared environment.

How does the MSSP protect your unique network environment?
Most MSSPs utilise the same monitoring and blocking model for all customers. But because each network is unique, each has protection requirements that may not be met by the MSSP model. With Arbor Networks in the fabric of the network, enterprises can customise the protection to better meet the needs of each environment and network architecture.
“A holistic security strategy not only identifies and mitigates malicious traffic, but is also crucial to achieving your business goals. A true partnership with your MSSP is thus necessary and can be achieved through an open and honest conversation, asking pointed and educated questions,” Hamman says.