There is no point carrying out research on your customer base unless you take action as a result of it. Verizon have not only been reading their own 2015 Data Breach Investigations Report but also Forrester Research’s Business Technographics Global Security Survey 2014. The result is the launch of the Verizon Unified Security Service, initially in the US, but it will be rolled out in certain other countries in 2016.
Why launch Verizon Unified Security Service
Verizon realised from their own research that security breaches occur because of failings or inadequacies in one or more of the three elements of security: hardware, expertise and deployment. The Forrester research revealed that 70% of security technology decision makers in enterprises felt that using managed services was a high or critical priority for their organisations.
The theory behind this is that the landscape of cybersecurity is now evolving so fast that companies cannot dedicate the time to keep up with it internally and are better off outsourcing elements of it. While cybersecurity may be critically important to the business, it does not enhance the business in any way. This is even more the case with small and medium-sized companies that may only have a small security team of two or fewer people to deal with an incredibly varied threat landscape.
Verizon’s thinking was that, with a strong pedigree of security services, they could offer an all-in-one solution that could be easily deployed and managed by Verizon staff.
What is Verizon Unified Security Service
This is not a full service and is not even a complete combination of Verizon’s existing security services, but perhaps that is the point. The offering is a preconfigured set of solutions that Verizon manage and monitor. It is not a replacement for Verizon’s Security Products and Services portfolio but rather an alternative to it.
It is designed to protect the network edge for enterprises, checking the flows into and out of the organisation. It takes elements from MSS – Premises Premium + Monitoring and Management but is not the full service. Customers must purchase or lease a designated security appliance from Verizon. The service monitors and manages the appliance 24×7, and what is monitored depends upon the level the client purchases.
The device provisioned comes in three types, depending upon the throughput requirement: ≤ 100 Mbps, ≤ 250 Mbps and ≤ 1 Gbps. These seem sensible breakpoints and will allow Verizon to attack the SME market as well as the Enterprise one.
There are three tiers of service, taken from the Verizon Unified Security Service guide:
Verizon Unified Security Service: Basic Service Tier.
- Network Firewall. Controls incoming and outgoing network traffic based on a set of rules. Rules are composed of firewall objects such as source and destination IP addresses, source and destination ports, zones, and scheduling.
- Virtual Private Networks (“VPN”). Virtual Private Network (VPN) technology enables remote users to connect to private networks and resources via secure/encrypted (SSL or IPSec) tunnels over open insecure connections. A VPN reduces the possibility that unauthorized parties can intercept the information exchanged between the remote user and host private networks. VPNs can also be used to connect two or more private host networks.
- Gateway Based Anti-Virus / Anti-SPAM. These real-time gateway-based solutions are supplemental network protections to be combined with Customer’s existing primary anti-virus/anti-SPAM security tools. The anti-virus service protects against network-transmitted malware such as viruses, worms, trojans, ransomware, scareware, spyware, adware, botnets, phishing and grayware trying to breach the edge of a network. The anti-spam service uses both a real-time sender IP reputation database and a spam signature database, along with sophisticated spam filtering tools, to help detect a wide range of spam messages.
Verizon Unified Security Service: Intermediate Service Tier.
- Web Content Filtering. Web content filtering is a means of controlling the HTTP- and HTTPS-based Internet content that an end user is able to view using either proxy or payload replacement technologies. Typically, administrators of a business network choose to block harmful or unproductive categories of content such as adult, gaming, malicious, social media, etc.
- Intrusion Detection System (IDS). Monitors a network edge for outside attacks by using anomaly and signature-based detection technologies. Upon identification of a potential attack, it alerts an administrator to the attack or signals an integrated IPS service to protect the network.
- Intrusion Protection System (IPS). Works in conjunction with the IDS to protect a network against known attacks or vulnerability exploits by an attacker attempting to gain access to a private network. IPS will actively block and alert on the attempted intrusion.
- Layer 7 Application Controls. Monitors network edge traffic to detect specific application traffic destined for endpoints within Customer’s network and controls the communication with the endpoint, regardless of the port, protocol, or IP address used. This allows Customer to create more specific firewall rules by application, as opposed to just port and IP address.
Verizon Unified Security Service: Advanced Service Tier.
- SSL Encrypted Traffic Inspection. Allows anti-virus, anti-spam, web content filtering, and data loss prevention (“DLP”) to be applied to SSL-encrypted network traffic. The service intercepts, decrypts and inspects the encrypted sessions between the end user and remote device to determine if it is necessary to block the payload. If the network traffic is not malicious, it is re-encrypted and continues on its normal path without any indication the inspection has taken place.
- Data Loss Prevention. DLP is a sophisticated pattern matching solution to prevent unauthorized external communication of sensitive or regulated data beyond the network edge. Typically, administrators of a network choose to define data patterns for content such as social security numbers, credit card numbers, items tagged confidential or proprietary, etc., to be blocked, or logged and allowed.
- Voice over IP (“VoIP”) Traffic Shaping. VoIP traffic shaping is a major advantage when attempting to ensure the quality of VoIP calling by applying bandwidth limits and prioritization. Traffic shaping can also be applied to VoIP traffic using differentiated services code points or type of service indicators to determine how the IP datagram should be delivered, using criteria of delay, throughput, priority and cost.
- Explicit Proxy Web Optimization. As with VoIP traffic shaping, deploying an explicit proxy with caching can help improve your user’s web browsing experience, caching web content at your network’s edge, avoiding the need to constantly retrieve static content from remote servers.
More questions than answers
While this looks good as a service, it also leaves a number of questions unanswered. If you take the device and service at the basic tier level, does that mean you need to provide the remaining services yourself? This seems inflexible, as some smaller companies may wish to have a basic service but include the VoIP traffic shaping.
This doesn’t seem to be a complete security service but an attempt to complement what some companies already have. Some will find this new solution ideal; others will shy away. There is no doubt that there is a market for this kind of service, but in using a cookie-cutter approach Verizon may find that after the initial sales it may get tougher without offering some kind of flexibility.
One can understand the dilemma faced by Verizon: they need to produce a service that they can fulfil with existing teams, and introducing too much flexibility makes that difficult. This is why it is often hard for larger companies to service SMEs, as they just cannot deliver the flexibility that is needed.
Verizon did announce that the service will be available as a hosted service later this year. Such a SECaaS (Security as a Service) offering can only be delivered to existing Verizon customers, but the current service is open to anyone. Customers in Europe, Asia-Pacific, Latin America and Canada will have to wait until 2016 to take advantage of Verizon Unified Security Service.
Mike Denning, vice president of Global Security at Verizon Enterprise Solutions, explains their thinking: “With Unified Security Services, we have bundled together technology, human expertise and deployment services into one convenient offering, …
“This solution is aimed at helping organizations — with little to no internal staff — better safeguard their networks, without adding complexity and/or more resources to their IT teams. Based on research from the 2015 Data Breach Investigations Report, this is the bare minimum set of services every organization should deploy.”