Managed Security Services - MSS
Enabling Partners to Deliver Broad and Integrated Managed Security and Networking Services
Enabling Partners to Deliver Broad and Integrated Security and Networking Services
One recent analysis projects that companies will spend more than $58 billion on managed security services by 2024, reflecting more than a 14% annual growth rate. The cybersecurity skills shortage, coupled with increasing levels of specialization required to manage a growing security infrastructure, means that the use of managed security service providers (MSSPs) is increasingly attractive to companies of all sizes.
For MSSPs services, this trend represents an unprecedented opportunity for recruiting new clients and increasing their footprint at existing ones. But it also presents a vexing challenge. To take advantage of this growing market need, MSSPs must deliver the right mix of managed security services cost-effectively and in ways that align with the business needs and priorities of their target customers.
Fortinet MSSP partners reduce risk and minimize the impact of cyberattacks by providing managed security and monitoring technologies to protect enterprise data, infrastructure, and users regardless of who, where, when, and how IT assets are accessed. Fortinet MSSPs extend the security operations of the enterprise by bridging people, skills, process, and technology.
As a security service provider, Fortinet offers a broad portfolio of integrated and automated security tools that cover network security, cloud security, application security, access security, and network operations center (NOC) and security operations center (SOC) functions. The ability to bridge security and networking on the same platform is a big advantage for MSSPs, enabling them to offer a broad, single-provider solution and increasing average revenue per user (ARPU).
Secure SD-WAN Services
Managed Secure SD-WAN Service
Software-defined wide-area networking (SD-WAN) affords managed security service providers (MSSPs) an incredible opportunity: to increase their footprint at customer sites by expanding into networking services. The opportunity is equally attractive to customers, as it enables them to scale their network traffic using the public internet without paying for new multiprotocol label switching (MPLS) bandwidth. But security is a big challenge for companies considering SD-WAN, as network traffic moving on the public internet opens a big, new element of the attack surface.
Other SD-WAN offerings are often based on point products that are purchased and administered separately from a security solution. This can reduce margins, degrade security, and reduce the overall quality of the service. FortiGate Secure SD-WAN combines complete security and robust networking performance in a single platform, enabling MSSPs to broaden their reach profitably.
Such an offering also provides the potential for an MSSP to expand its services to secure networking at branch locations without adding additional point products with Fortinet SD-Branch. The solution includes FortiGate next-generation firewalls (NGFWs) combined with switching, wireless access, and network access control (NAC) tools.
Launching a managed secure SD-WAN service powered by Fortinet brings a number of advantages to MSSPs:
- The opportunity to grow ARPU at existing customer sites by expanding into networking services to, from, and within branch locations
- The ability to grow this new business over time with a lack of expensive additional contracts and deployments required
- Operational efficiency and enhanced profitability by delivering the service via a fully integrated, multi-tenant toolset
SOC Services
Managed SOC Service
Building and staffing a security operations center (SOC) is an expensive undertaking for organizations of all sizes, and maintaining it on a 24×7 basis can be an ongoing resource drain for the security team. Unfortunately, the cybersecurity skills shortage means that the problem is only getting worse.
Yet, the visibility and actionable insights that can be derived from an SOC are important for the business.
MSSPs can fill this gap by delivering a range of services from their own SOC. These services can be offered at specific levels or as tailored services for individual customers’ needs. For example, many customers benefit from managed security information and event management (SIEM) services because of the deep visibility and analytics they provide. And managed detection and response services can leverage artificial intelligence (AI)-driven threat intelligence and indicators of compromise (IOCs) feeds to add layers of protection to customer environments. Customers can even have their own login to view the analytics for themselves.
The Fortinet Security Fabric, powered by FortiSOAR and FortiSIEM enables MSSPs to build a full-spectrum SOC with end-to-end integration across the entire architecture. Numerous security tools from Fortinet and third-party Fabric Partners integrate seamlessly into the Fabric, and Fortinet’s open architecture and robust representational state transfer application programming interface (REST API) enable MSSPs to integrate other solutions. MSSPs managing small to mid-sized enterprises with smaller IT security teams can use FortiSIEM and/or FortiAnalyzer for security operations. For managing large enterprises and with a mature SOC team, FortiSOAR and the Fortinet Security Fabric provide the best functionality, performance, and value.
Delivering managed SOC services using the Fortinet Security Fabric brings these benefits to MSSPs:
- The ability to offer comprehensive services without managing a plethora of point products
- The benefit of real-time, AI-powered threat intelligence along with other layers of protection against unknown threats
- Operational efficiency and enhanced profitability by delivering the service via a fully integrated, multi-tenant toolset
Cloud Security Service
Managed Cloud Security Service
Organizations are moving more and more business-critical applications to public cloud platforms, with public cloud spending expected to exceed $20 billion this year—an annual growth rate of more than 17%. Unfortunately, the rapid adoption of sprawling cloud infrastructures increases security operations complexity, and the result is often that cloud-based applications are vulnerable.
Managed security service providers (MSSPs) can offer comprehensive cybersecurity protection for all services running on multiple clouds. Alternatively, they can offer protection on an application-by-application basis using a Web Application Firewall (WAF)-as-a-Service model. Both approaches can increase an MSSP’s footprint at customer sites. At the same time, operational efficiencies derived from end-to-end integration can increase their margins.
Fortinet offers robust, cloud-native tools to bring MSSP customers’ entire distributed cloud infrastructure together under a single umbrella, with consistent security protection, policy management, and configuration management. FortiGate VM brings the NGFW to a virtual machine that works well for cloud environments, and the FortiWeb web application firewall (WAF) is available in several form factors, including Software-as-a-Service (SaaS). The FortiCASB cloud access security broker (CASB) service and the FortiCWP cloud workload protection (CWP) tool deliver visibility, compliance, threat protection, and configuration management across the cloud infrastructure.
A managed cloud security service powered by Fortinet brings these advantages to MSSPs:
- Security tools native to each cloud bring a consistent set of security policies and practices to all customer cloud deployments
- Inline, real-time threat intelligence in FortiWeb enables instant, automated response to security events
- Operational efficiency and enhanced profitability by delivering the service via a fully integrated, multi-tenant toolset
WAF as a Service
Managed WAF as a Service
FortiWeb Cloud WAF-as-a-Service enables partners to protect their customers’ applications in public and private cloud environments.
Organizations are relying on an increasing number of web applications, and users are expecting to access these business-critical applications from any internet connection, on any device. Since they no longer have the luxury of keeping these applications inside the traditional network perimeter, these internet-facing web applications cannot be protected via traditional perimeter-based defenses. A web application firewall (WAF) is the first line of defense for web applications. FortiWeb delivers a WAF that can deliver protection anywhere organizations deploy applications, including in public and private cloud environments.
As customers roll out new applications in cloud environments, they need MSSPs that can take on the challenge of securing their web applications. Launching a managed WAF-as-s-Service powered by FortiWeb Cloud WAF as a Service brings a number of advantages to MSSPs, including:
- Industry-leading WAF protection against advanced threats
- Robust protection against common vulnerabilities such as the OWASP Top 10
- The ability to protect applications deployed in public cloud environments, including AWS, Azure, and Google Cloud, with minimal upfront investment
- Ability to leverage the public cloud to deliver a scalable, multi-tenant solution with the role-based access control and management APIs that MSSPs require
- The ability to deliver the same protection to applications deployed with WAF-as-a-Service hosted on the private cloud with FortiWeb Private Cloud
Key MSSP Security Challenges
Visibility
The growing attack surface is one reason that many businesses are turning to MSSPs to detect and prevent attacks. Customers often employ multiple, siloed point products in their legacy infrastructure that result in incomplete visibility and increased vulnerability.
If the MSSP has that same lack of end-to-end visibility of their customers’ legacy security infrastructure, they risk fast-moving intrusions getting through before a manual threat detection and response can occur. As a result, their managed IT security services ultimately do nothing to improve their customers’ security posture. This negates opportunities to increase ARPU and might put the entire account at risk. To deliver a value add to customers, MSSPs need to achieve end-to-end visibility across each customer’s environment and provide that visibility to them via a customer portal.
Operational Efficiency
No managed service will be profitable if it is not delivered in an efficient way on the back end. Lack of integration across different security elements and architectural fragmentation increases operational inefficiencies. Without integration and automation, many security workflows must be managed manually. This certainly increases risk, but it can also slow DevOps cycles, degrade customer and employee experience, and increase administrative overhead and operational costs.
An architecture that is integrated and automated from end to end, on the other hand, enables the MSSP to deliver broad services while optimizing staff time and budgetary resources, maximizing margins, and potentially increasing ARPU. Silos are eliminated, and the MSSP’s customers receive the most complete security protection possible.
Breadth of Offerings
Offering a broad suite of security services to customers enables an MSSP to offer a wide range of cybersecurity services. They can tailor services to the needs of an individual company, or they can offer several boilerplate levels of service that meet a wide variety of needs. Either approach potentially increases ARPU through the opportunity to upsell in specific accounts. It also enables the organization to compete for business from potential new customers that are looking for a comprehensive set of services under one umbrella.
Yet, if the MSSP uses unintegrated point products to deliver these services, each new service added to an account would require the use of a new point product operating in its own silo—and manual correlation with existing services. Ironically, it could mean that customer accounts that leverage more services would be less profitable than those that use fewer services, inhibiting business growth. On the other hand, for MSSPs that power their offerings with a broad, integrated, and automated security architecture, every newly added service on an account increases both ARPU and profits.
Threat Intelligence and Analytics
Customers need and expect real-time access to robust threat intelligence to counter threats that move at machine speed. In addition to a customer’s own security logs, many subscribe to threat-intelligence feeds pulled from large networks of global firewalls, but it is a challenge to aggregate this data across a fragmented security architecture in time to quickly respond to threats.
Customers also expect data-driven advice from the professionals they are paying to manage their security infrastructure—a challenge for MSSPs operating in disaggregated environments. In such an environment, providing advice to customers is an expensive proposition, and the insights gained are less valuable due to inevitable human error in the analysis.
Fortinet Differentiators for MSSP Cybersecurity
Robust, Broad-based Security Products and Services
Robust, broad-based security products and services to enable a comprehensive menu of services for MSSPs’ customers from a single platform for higher ARPU and broader revenue opportunities. At the same time, Fortinet Network Security Expert (NSE) training gives MSSPs a consolidated training model for a broad set of security and networking products under management—and a way to differentiate their services.
Multiple Product Consumption Models
Multiple product consumption models offer MSSPs and their customers the flexibility needed to secure their data, infrastructure, and applications in the most optimal way. Different Fortinet solutions are available in appliance, virtual machine, cloud, and Software-as-a-Service (SaaS) form factors. MSSPs can also leverage special pricing programs such as pay as you go and subscriptions, providing the flexibility to address different business models that support their service offerings.
Recognized Leadership in Network Security
Recognized leadership in network security, named a Leader in the Gartner Magic Quadrant on Network Firewalls, and verified as “the fastest processor and lowest latency in the industry” in NGFW testing by NSS Labs. This unparalleled performance enables MSSPs to reduce their capital expenses (CapEx) spend, and a smaller security and network footprint to deploy and manage lowers operational expenses (OpEx) costs.
Ability to Leverage Investments in Third-party Products
The ability to leverage investments in third-party products via integration through the Fabric Alliance, open application programming interfaces (APIs), and a robust representational state transfer (REST) API. This provides MSSPs with rapid scale to remove friction and increase the speed of service rollouts.
Security Solutions Designed as Multi-tenant from the Ground Up
Managed security solutions designed as multi-tenant from the ground up, enabling MSSPs to isolate but still manage multiple customer networks from a single console. This increases ARPU while improving operational efficiencies.