Network Computing is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them. Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Verizon Business Launches 3-Phase Cloud Security

Verizon Business is bundling free E-mail and Web security services for SMBs, branch office MPLS and public IP access customers as the first phase in a three-step rollout of cloud-based security services. Verizon will add cloud-based network firewall and intrusion detection/prevention services in the fall, and DDoS mitigation sometime early in 2011. The value-add service, which will be available in June for connections of 50 Mbps or less, is a direct result of Verizon's broad partnership with McAfee, announced last year. Verizon is delivering MX Logic (acquired by McAfee last September) E-mail and Web security services from its eight global data centers.

With the free service, Verizon is betting that security will be enough of a differentiator to draw customers away from competitors such as AT&T and BT. "It's an entree, a way to reach new customers and up-sell existing clients on other services," said Amy DeCarlo, principal analyst for Current Analysis. "They have on-site security services through their relationship with McAfee. And everybody likes free."

Hosted E-mail and, to a lesser extent, Web gateway and URL filtering, are popular security services for the cloud, particularly for smaller organizations. In addition to MX Logic, most of the hosted service providers have been acquired, including FrontBridge (Microsoft), Postini (Google), MessageLabs (Symantec), Purewire (Barracuda Networks) and ScanSafe (Cisco Systems). Some larger enterprises are choosing SaaS security for smaller distributed locations and/or a hybrid approach, using cloud providers to filter incoming traffic while using on-premises appliance or software products to control outbound content. "Clients see email and Web being rapidly commoditized; they think they are value-added services and should be included in an MPLS offering, said Jonathan Nguyen-Duy,  Verizon Business director, security product management. Clients say they won't pay for the services, but will consolidate all my MPLS traffic onto you."

Verizon Business currently offers managed services for on-premises network firewall and intrusion detection/prevention. The cloud services will be based on shared, multi-tenant architecture in its data centers, able to scale to thousands of policies and clients on a relative handful of high-end blade chassis. That infrastructure is proven, Nguyen-Duy said, as a platform for Verizon's anti-DoS services, with "all the engineering in place, all the staffing in place, all the standards compliance in place and all the audits in place." The current anti-DoS service is a dedicated, per customer offering, based largely on excess capacity purchased by large organizations as insurance against attack and defenses built around the technology of security vendor Arbor Networks. The cloud-based services will allow any organization--whether Verizon or another vendor is their provider--to ramp up in response to attack. Nguyen-Duy said Verizon is still working on the technology that will allow them to automatically route traffic from another provider. Arbor is currently with Verizon on that capability, he said.

The anti-DOS service is aimed primarily at the higher end of the market. "Now it's hard for them [Verizon] to quickly provision new services to a prospect if they have an emergency, which is how I think a lot of customers come to them," said DeCarlo. "There's an incredible demand for this. If they can deliver quick fashion, to provision and react quickly, this would be a big seller."