Symantec Opens Outsourcing Service To Partners


VARs could profit from a potential stream of recurring revenue


Symantec this week at the Solution Provider Xchange extended its managed security services (MSS) program to its partners, handing solution providers a golden opportunity to extract a steady stream of recurring revenue and a long-term relationship from customers.

Formerly sold only as a direct service by Symantec, the Managed Security Services Partner Program now enables solution providers to add the outsourcing offering to their value-added portfolio.

The demand for such a service holds great potential for partners, according to Symantec officials, who told VARBusiness this week that the market's comfort level with security outsourcing is growing. They cited a recent Gartner report that said that 60 percent of enterprises over the next four years will seek external management for some aspect of their IT security. Indeed, one needs to look no farther than the legions of overwhelmed corporate IT staffs who are pulling their hair over the complexity and cost associated with dodging attacks, shoring up the network and eliminating vulnerabilities. The sheer volume of security incidents faced daily is daunting.

"The average enterprise gets 9.5 million security incidents per month and of that, only two need to have something done about them,%EE said Allyson Seelinger, vice president of enterprise and consumer channels for Cupertino, Calif.-based Symantec. %ECIt%EDs incredibly resource-intensive to monitor all this data. Our MSS offering will do it for you."

Central to the new program are Symantec's five global Security Operations Centers (SOCs), where the company's experts remotely monitor and/or manage clients%ED network security infrastructure. The services carried out at the SOCs range from monitoring only, where alerts are sent to a customer site when a problem is detected; to a more robust model of security management, where the SOC itself acts on an event -- for example, remotely shut down a vulnerable firewall node.

In addition, the SOC systems are designed to be technology-agnostic, able to keep tabs on security-related products from other vendors in addition to overseeing Symantec installations, said Seelinger. This way, solution providers who aim to sell the outsourced service aren%EDt put in the position of telling their customers to first rip out their existing security products.

For solution providers, preaching the outsourcing model can benefit them in several ways. For one, they are able to capitalize on a recurring, monthly stream of revenue from customers. Two, they will be tapped to provide the upfront integration work needed to tie their customer%EDs network into the Symantec SOC. And three, outsourcing gives them something new to sell during a down economy to their stable of existing customers.

On top of that, the profit margins are expected to run higher than a typical security product sale alone, according to Symantec.

Symantec envisions several different scenarios for the sale of its MSS offering, including involvement by a range of VAR types. At the top layer, a handful of large solution providers that operate their own network operations centers (NOCs) are expected to sell the Symantec service as a co-branded solution.

For its part, Symantec is ultimately responsible for meeting the service-level agreements with end users of the service, according to Seelinger.