Lesson 15 Total Cost of Ownership. What Drives TCO? Networks Grow in Size and Complexity Scope of Operations Increases Skilled IT labor grows scarce New.

Slides:

Advertisements

Similar presentations

IPv6 7/18/ Road map for IPv6 Migration in an Organization.

Advertisements

MUNIS Platform Migration Project WELCOME. Agenda Introductions Tyler Cloud Overview Munis New Features Questions.

Guide to Network Defense and Countermeasures Second Edition

Network Security Introduction Security technologies protect mission-critical networks from corruption and intrusion. Network security enables new business.

Standards Certification Education & Training Publishing Conferences & Exhibits Using Outbound IP Connections for Remote Access EXPO 2005 Chicago, IL.

Lesson 15 Total Cost of Ownership. What Drives TCO? Networks Grow in Size and Complexity Scope of Operations Increases Skilled IT labor grows scarce New.

Reducing Total Cost of Ownership (TCO) Mike Chon AM Computers.

Planning for Sustainable Desktop Computing Access ’98 Presentation Robert N. Kavanagh Associate Vice-President, Information Technology Services, University.

Understand Virtualized Clients Windows Operating System Fundamentals LESSON 2.4.

Firewall Configuration Strategies

Citrix ® Secure Gateway Phil Montgomery Senior Product Manager Citrix Products and Services October 2001.

A Robust Process Model for Calculating Security ROI Ghazy Mahjub DePaul University M.S Software Engineering.

Firewall Security Chapter 8. Perimeter Security Devices Network devices that form the core of perimeter security include –Routers –Proxy servers –Firewalls.

© 2015 Jones and Bartlett Learning, LLC, an Ascend Learning Company All rights reserved. Security Policies and Implementation Issues.

1 © 2001, Cisco Systems, Inc. All rights reserved. Session Number Presentation_ID Cisco Easy VPN Solutions Applications and Implementation with Cisco IOS.

Security Risk Management Marcus Murray, CISSP, MVP (Security) Senior Security Advisor, Truesec

WSV404 DirectAccess Server (Server 2008 R2) DirectAccess Client (Windows 7) Internet Native IPv6 6to4 Teredo IP-HTTPS Tunnel over IPv4 UDP, HTTPS,

Understanding VPN Concepts Virtual Private Network (VPN) enables computers to –Communicate securely over insecure channels –Exchange private encrypted.

NW Security and Firewalls Network Security

Lessons Learned in Smart Grid Cyber Security

Firewalls Paper By: Vandana Bhardwaj. What this paper covers? Why you need a firewall? What is firewall? How does a network firewall interact with OSI.

© 2006 Cisco Systems, Inc. All rights reserved.Cisco Public 1 Version 4.0 Identifying Application Impacts on Network Design Designing and Supporting Computer.

Virtual Connectivity Network Virtual Connectivity Networks – Improving Usability and Enhancing Security for Remote Access Jim Kokal Wavetrix President/CEO.

Asif Jinnah Microsoft IT – United Kingdom. Security Challenges in an ever changing landscape Evolution of Security Controls: Microsoft’s Secure Anywhere.

Chapter 6 of the Executive Guide manual Technology.

11 SECURING YOUR NETWORK PERIMETER Chapter 10. Chapter 10: SECURING YOUR NETWORK PERIMETER2 CHAPTER OBJECTIVES  Establish secure topologies.  Secure.

Module 4: Planning, Optimizing, and Troubleshooting DHCP

© 2006 Cisco Systems, Inc. All rights reserved.Cisco Public 1 Version 4.0 Gathering Network Requirements Designing and Supporting Computer Networks – Chapter.

Guide to TCP/IP Fourth Edition Chapter 11: Deploying IPv6.

9.3 Computer System Support. Total Cost of Operating Computer Systems Total Costs of Ownership (TCO) – costs of installing, operating & maintaining Includes.

SANS Technology Institute GDWP Presentation 1 GIAC Enterprises Network Deployment Phase 1: The Perimeter Rodney Caudle, Jay Radcliffe, and Jim Voorhees.

Firewalls First notions. Breno de MedeirosFlorida State University Fall 2005 Types of outsider attacks Intrusions –Data compromise confidentiality, integrity.

Network and Perimeter Security Paula Kiernan Senior Consultant Ward Solutions.

TOTAL COST OF OWNERSHIP

An iterative approach to Desktop Virtualization By Mike Cave, Acting Chief Information Officer CA Department of Toxic Substances Control.

Firewall – Survey Purpose of a Firewall – To allow ‘proper’ traffic and discard all other traffic Characteristic of a firewall – All traffic must go through.

1 Management Information Systems NYC Human Resources Administration Richard Siemer – Deputy Commissioner MIS.

1 Evolution and Revolution: Windows 7 and Desktop Virtualization How to Accelerate Migration to Windows 7 Miguel Sian, Sr. Enterprise Solutions Consultant.

FireProof. The Challenge Firewall - the challenge Network security devices Critical gateway to your network Constant service The Challenge.

E-TechServices's IT Strategy Open. Virtualize. Rationalize. A Strategy for Optimal IT Deployment.

Firewall Security.

Module 11: Designing Security for Network Perimeters.

Enabling Secure Always-On Connectivity [Name] Microsoft Corporation.

1 Figure 11-3: Risk Analysis Financially Sensible Protections  Risk analysis: Balance risks and countermeasture costs Enumeration of Assets  Assets:

Security fundamentals Topic 10 Securing the network perimeter.

Rob Davidson, Partner Technology Specialist Microsoft Management Servers: Using management to stay secure.

Wavetrix Changing the Paradigm: Remote Access Using Outbound Connections Remote Monitoring, Control & Automation Orlando, FL October 6, 2005.

Security Environment Assessment. Outline  Overview  Key Sources and Participants  General Findings  Policy / Procedures  Host Systems  Network Components.

6.1 © 2004 Pearson Education, Inc. Exam Designing a Microsoft ® Windows ® Server 2003 Active Directory and Network Infrastructure Lesson 6: Designing.

IT Support Packs. CUSTOMER SEGMENT IT Service Desk teams who provide internal and external support to traditional systems including desktops, laptops.

Systems Analysis and Design in a Changing World, 6th Edition 1 Chapter 6 - Essentials of Design an the Design Activities.

© ITT Educational Services, Inc. All rights reserved. IS3220 Information Technology Infrastructure Security Unit 10 Network Security Management.

1 CNLab/University of Ulsan Chapter 19 Firewalls  Packet Filtering Firewall  Application Gateway Firewall  Firewall Architecture.

Servelite - Complete IT Solutions. Servelite IT solutions specialize in providing Home solutions and Business solutions. We focus upon delivering quality.

HOW TO CHOOSE THE BEST CLOUD ACCOUNTING SOFTWARE? You can use cloud-based software from any device with an internet connection. Online accounting means.

Security fundamentals

Managed IT Solutions More Reliable Networks Are Our Business

Chapter 6: Securing the Cloud

Lesson 15 Total Cost of Ownership

Set up your own Cloud The search for a secure and acceptable means of gaining access to your files stored at the office from a remote location.

Firewall – Survey Purpose of a Firewall Characteristic of a firewall

Lesson 15 Total Cost of Ownership

Welcome To : Group 1 VC Presentation

Firewalls Purpose of a Firewall Characteristic of a firewall

Professional Network Services

Contact Center Security Strategies

Firewalls Jiang Long Spring 2002.

1 Stadium Company Network. The Stadium Company Project Is a sports facility management company that manages a stadium. Stadium Company needs to upgrade.

Agenda The current Windows XP and Windows XP Desktop situation

Implementing Firewalls

Presentation transcript:

Lesson 15 Total Cost of Ownership

What Drives TCO? Networks Grow in Size and Complexity Scope of Operations Increases Skilled IT labor grows scarce New applications require new solutions

What Drives TCO in Security? Vendors produce in-secure applications Vulnerabilities proliferate Business processes depend on applications System availability drives profit

Components to Consider Initial Cost of Product (25% of life cycle) Vendor Support Services Deployment Services Time for Staff to Install and Configure Training Cost Post Deployment Support

How to Reduce TCO? Simplify Infrastructure (KISS) Upgrade Infrastructure When Timing is Right Minimize Labor Intensive Activities Consider Remote Management Know Your Assessment Parameters

Security Risk LOW HIGH LOW HIGH Budget Line Acceptable Risk Option 1 Option 2 Option 3 TCOTCO Ideal Soln

Evaluating the Options Option 1 –FIREWALL At Gateway Only Option 2 –DMZ Firewall Architecture –Anti Virus Software on all DMZ machines Option 3 –DMZ, AV S/W on DMZ Machines –VPN Access to all DMZ Machines –AV S/W and Firewalls on all Clients

Evaluating Architectures Option 1 - Screening Router Option 2 - Dual Homed Host Option 3 - Bastion Host Option 4 – Screened subnet (DMZ) Which one cost more relative to risk?

Option 1: Screening Router Internet Screening Router

Option 2: Dual-homed Host Internet Dual-homed host Architecture Dual-homed host

Option 3: Bastion Host Internet X Screened host Architecture Bastion Host Screening Router

Option 4: Screened Subnet Internet Screened subnet Architecture—aka DMZ Internal Network Perimeter Network Exterior Router Interior Router FIREWALL

Assumptions Cost of Router: $3000 Cost of Firewall: $5000 Cost of Security Administrator--$75K/year Managed Security Service Provider(MSSP)-- $24K/year

Things to Consider Which Option Would You Choose? Is cost the only driver? Could You Determine TCO for the different architectures? Given a Set of Devices Could You Compute TCO?

Difficulties with ROI Investment decisions based on ability to demonstrate positive ROI ROI traditionally difficult to quantify for network security devices Difficult to calculate risk accurately due to subjectivity involved with quantification Business-relevant statistics regarding security incidents not always available for consideration in analyzing risk

Option Cost—In-house Manpower cost constant: $75K Option 1 - Screening Router: $78K –HW Cost: $3K (cost of 1 router) Option 2 - Dual Homed Host: $80K –HW Cost: $5K (FW cost) Option 3 - Bastion Host: $83K –HW cost: $8000 (router + FW) Option 4 – Screened subnet (DMZ): $86K –HW cost: $11000 (2 routers + FW)

Option Cost—MSSP Manpower cost constant: $24K Option 1 - Screening Router: $27K –HW Cost: $3K (cost of 1 router) Option 2 - Dual Homed Host: $29k –HW Cost: $5K (FW cost) Option 3 - Bastion Host: $32K –HW cost: $8000 (router + FW) Option 4 – Screened subnet (DMZ): $35K –HW cost: $11000 (2 routers + FW)

Summary What Drives TCO? Reducing TCO Option Analysis Assumptions and Considerations Difficulties with ROI