|
|
|
|
|
|
  |
||
|
ISP-Planet Survey:
Managed Security Service Providers
( Back to Article) Managed Virtual Private Networking Chart |
||
|
Managed
VPN
Services |
Platform(s)
|
Type
|
Protocol(s)
|
Advance
Auth. |
24/7
|
Reports
& Logs |
Policy
Updates |
SLA
|
Comments
|
| Alice
Networks Managed Firewall Service |
Depends on Need | S2S | Not Specified |
PKI
and legacy
authentication |
Yes
|
Yes
|
Via
regular communication with client and best practices
|
Yes
|
Available
standalone, solution dependent on specific needs.
|
| Check Point VPN-1 | S2S RA |
IPsec/IKE PPTP & L2TP relayed but not terminated on firewall |
Client-managed
RADIUS, SecurID
|
Yes
|
FTP
push or Log Export API (LEA) to extract the logs in near real time
|
Authorized
individuals can request updates by SOC. Customer can manage user-specific
security policy and monitor other components.
|
No
|
AT&T
Virtual Tunneling Service (AVTS) also available for customers that
would prefer to implement a dedicated VPN hardware solution that
is not part of the firewall.
|
|
| eTunnels
VPN-On-Demand (VOD) |
Proprietary, Windows Client, Appliance based on hardened OpenBSD | S2S RA EXT |
IPsec/IKE | PKI and legacy authentication |
Yes
|
Via Web GUI | Via Web GUI: Distributed Policy Enforcement Platform |
Yes
|
Centrally managed, deployed and provisioned via eNS (eTunnels Network Service), new Firewall-On-Demand feature to be available soon |
| Exodus
Managed VPN Hardware Gateway, Software and Managed Extranet Services (Powered By Aventail) |
Nokia
Cisco Check Point |
S2S EXT |
IPsec/IKE PPTP |
Legacy
authentication
|
Yes
|
Yes
|
Remotely,
at
client's request |
No
|
Software
VPN is firewall option
|
| Genuity
VPN Advantage for Nortel Networks Contivity, VPN Service for Cisco, VPN Remote Access Suite for Nortel Networks Contivity |
Nortel
Contivity Cisco Routers |
S2S RA EXT |
IPsec/IKE |
Genuity
CA
and legacy authentication |
Yes
|
Yes
|
Secure
web management portal or by contacting NOC
|
Yes
|
End
User Help Desk OptionWorldwide Availability
Genuity has a Tier-1 network |
| Guardent
Managed Firewall Services |
NetScreen Cisco PIX Check Point Nokia Compaq |
S2S RA |
IPsec/IKE |
|
Yes
|
Yes
|
Remotely
from SNOC,
at client request |
Yes
|
Available
as option with firewall services. VPN assessment consulting services
also available.
|
| Imperito
Instant VPN |
Proprietary Windows Software | RA EXT |
IPsec/IKE | Integrated PKI |
Yes
|
Yes
|
Web console enables multi-tier management with instant addition, deletion or suspension of users |
Yes
|
Split tunnel access. Connection agnostic (DSL/PPPoE/PPP/WiFi/Ethernet). Auto updates. Zero configuration client. |
| Interland
Managed Site-to-Sire VPN |
Check Point Nokia | S2S RA |
IPsec/IKE |
Supports
legacy authentication on case-by-case basis
|
Yes
|
Via
customer security portal
|
Contact
24/7 support
|
Yes
|
Both
network-dependent and independent services available, available
as option with firewall service
|
| Intermedia
Secure Managed Firewall & VPN Services |
Check Point Nokia | S2S RA EXT |
IPsec/IKE PPTP L2TP |
PKI
and legacy authentication
|
Yes
|
Daily
Archiving with Monthly or Quarterly Reports
|
Requests
via telephone, email
or Security Portal |
Yes,
Buy not formal |
Included
with managed firewall. Intermedia must have sole control of both
endpoints for point-to-point tunnel creation.
|
| ISS
Managed Site-to-Site VPN Service Client VPN Enablement Service |
Check
Point VPN-1on Nokia and Sun CP Secure Remote WatchGuard Cisco PIX |
S2S RA |
As supported by each platform |
As
supported by each platform
|
Yes
|
Customer
web portal
|
ISS
uses firewall and custom
tools to make remote changes safely |
Vary
per FW service |
Available
as option with firewalls. Enterprise & High Availability Services:Proactive
Monitoring with SLA on responding to network/CPE outages. Silver
& Small Office Services:Health Monitoring tracks CPE status.
|
| KeyBridge
Managed VPN Service |
NetScreen | S2S | IPsec/IKE L2TP |
PKI,
RADIUS, SecurID, LDAP
|
Yes
|
Future
enhancement planned
|
Remotely,
at client request
|
Yes
|
Firewall
and VPN use same box at no additional charge. Proactive monitoring
for all devices. Management uses VPN for highest security. Monthly
audits keep appliance HW and SW current.
|
| METASeS
DefenseOne Firewall Monitoring & Management |
Symantec
Raptor Check Point VPN-1 Cisco PIX NetScreen |
S2S | Not Specified |
Not
Specified
|
Yes
|
Via
email, web
|
Web
request
|
Yes
|
Available
as option with firewall service
|
| Netcelo
Internet VPN Service |
Any Qualified IPsec Platform (e.g.: Cisco, SafeNet) | S2S RA EXT |
IPsec/IKE L 2TP over IPsec |
PKI and XAUTH |
Yes
|
Yes
|
End users and partner SPs update policies on-line, using secured Web interface |
VPN
and Acc
|
Netcelo sells managed services only through SP partners. Partners provide 1st level hotline. Netcelo provides 2nd level hotline and 24/7 monitoring. Wizards enable quick, simple initial config. Supports static and dynamic addresses. |
| NetPlexus
Managed VPN Solution |
Check
Point Nokia SonicWALL Nokia Crypto Clust Intel NetStructure |
S2S RA EXT |
IPsec/IKE | PKI and legacy authentication |
Yes
|
Reports
vary by platform
|
Requested
via email, telephone, or personal NetPlexus Support web site |
Yes
|
Web Site provides reporting tool and repository for deployment information, configurations, policy tables, network diagrams, and change requests. Lets customer submit and track support tickets. Data retained up to 6 months. |
| OneSecure
Managed VPN Service |
Check
Point NetScreen Cisco Nokia |
S2S RA |
IPsec/IKE |
PKI
and legacy authentication
|
Yes
|
Yes
|
Co-Management
platform offers real-time visibility of security policy
|
Yes
|
Efficient
and scalable deployment includes comprehensive tests to ensure that
VPN hardware and software are functioning properly. OneSecure will
implement all security policy changes using best practices within
specified response time windows.
|
| Riptech
Managed & Monitored Firewall Service |
Check
Point VPN-1 and Provider-1 on Nokia, Sun, Win Cisco PIX NetScreen Symantec Raptor |
S2S RA EXT |
IPsec/IKE |
Legacy
authentication
|
Yes
|
Via
the secure Internet interface
|
Changes
requested via secure Internet interface; changes made by Riptech
engineers via VPN tunnel.
|
Yes
|
Included
with firewall service. Monitored and managed via Riptech's Caltarian
platform, using advanced technology to identify real security threats
amid large volumes of data. Detailed analysis and recommendations
provided by SOC.
|
| Symantec
Managed Firewall Services |
Symantec
(Raptor) Cisco PIX, Check Point, Nokia, WatchGuard NetScreen, NAI Gauntlet, Sidewinder |
S2S RA |
IPsec/IKE |
PKI
and legacy authentication
|
Yes
|
Yes
|
Securely
updated from SOC
|
Yes
|
Considered
part of Managed Firewall Service.
|
| Telenisus
Managed Site-to-Site VPN Service Managed RA VPN Service |
Cisco 3000, Cisco IOS, Cisco PIX, Check Point on Sun, Nokia, Intrusion.com | S2S RA EXT |
IPsec/IKE |
PKI
for S2S. RADIUS, SecurID, and NT available for RA (two-factor recommended).
|
Yes
|
Future
enhancement planned
|
Updates
requested by validated contact; designed, tested and implemented
by certified staff.
|
Yes
|
Onsite
repair service is included. International service available wherever
permitted by law. High availability supported for S2S and RA VPNs.
Changes governed by SLAs with financial penalties for failure to
perform.
|
| Verio
Intellisecurity VPN Services |
Check Point Nokia, NetScreen | S2S RA EXT |
IPsec/IKE |
Legacy
authentication
|
Yes
FW |
Yes
See managed firewall service for details |
Updates
requested directly via secure web interface.
|
Yes
|
VPN
offered with managed firewall. Real-time VPN monitoring provided
for monitored firewall customers.
|
| WorldCom
IP VPN Total Access IP VPN Customer Directed IP VPN Remote Access |
Cisco Nortel Contivity Lucent AP SmartPipes |
S2S RA |
IPsec/IKE L2TP |
Legacy
authentication
|
Yes
|
Yes
|
Customer-Directed
via secure web; others via customer support
|
Yes
|
Services
are tied to SP's network. Total and Remote Access Services available
as firewall option.
|
| XO
Communications Dedicated Access VPN Remote Access VPN |
VPNet | S2S RA EXT |
IPsec |
Supports
RADIUS, still evaluating SecurID & PKI
|
Yes
|
Accessible
by client's designated point of contact via Web browser, username
and password.
|
Contact
Security Operations desk by phone
|
Yes
(See Right) |
Can
be combined with XO's Check Point FW-1 Service. Customers may use
another provider for Internet access, but XO cannot be responsible
for troubles relating to the non-XO access circuit. XO partners
with GRIC to provide global remote access. Monitors dedicated access
circuits. Dedicated Circuit SLA: 99.9% Availability, 85ms Latency,
1% Packet Loss. Remote Access SLA: 95% connect over 24 hours, 46Kbps
speed.
|
