Presentation is loading. Please wait.

Presentation is loading. Please wait.

Lesson 15 Total Cost of Ownership

Published byDavid Preston Modified over 5 years ago

Similar presentations

Presentation on theme: "Lesson 15 Total Cost of Ownership"— Presentation transcript:

1 Lesson 15 Total Cost of Ownership

2 What Drives TCO? Networks Grow in Size and Complexity Scope of Operations Increases Skilled IT labor grows scarce New applications require new solutions

3 What Drives TCO in Security?
Vendors produce in-secure applications Vulnerabilities proliferate Business processes depend on applications System availability drives profit

4 Components to Consider
Initial Cost of Product (25% of life cycle) Vendor Support Services Deployment Services Time for Staff to Install and Configure Training Cost Post Deployment Support

5 How to Reduce TCO? Simplify Infrastructure (KISS)
Upgrade Infrastructure When Timing is Right Minimize Labor Intensive Activities Consider Remote Management Know Your Assessment Parameters

6 T C O Security Risk Option 3 Option 2 Option 1 HIGH Budget Line
Acceptable Risk Ideal Soln LOW HIGH LOW Security Risk

7 Evaluating the Options
FIREWALL At Gateway Only Option 2 DMZ Firewall Architecture Anti Virus Software on all DMZ machines Option 3 DMZ, AV S/W on DMZ Machines VPN Access to all DMZ Machines AV S/W and Firewalls on all Clients

8 Evaluating Architectures
Option 1 - Screening Router Option 2 - Dual Homed Host Option 3 - Bastion Host Option 4 – Screened subnet (DMZ) Which one cost more relative to risk?

9 Option 1: Screening Router
Internet Screening Router

10 Option 2: Dual-homed Host
Dual-homed host Architecture Internet Dual-homed host

11 Option 3: Bastion Host Screened host Architecture Screening Router
Internet X Screening Router Bastion Host

12 Option 4: Screened Subnet
Screened subnet Architecture—aka DMZ Internet FIREWALL Exterior Router Perimeter Network Interior Router Internal Network

13 Assumptions Cost of Router: $3000 Cost of Firewall: $5000
Cost of Security Administrator--$75K/year Managed Security Service Provider(MSSP)--$24K/year

14 Things to Consider Which Option Would You Choose?
Is cost the only driver? Could You Determine TCO for the different architectures? Given a Set of Devices Could You Compute TCO?

15 Difficulties with ROI Investment decisions based on ability to demonstrate positive ROI ROI traditionally difficult to quantify for network security devices Difficult to calculate risk accurately due to subjectivity involved with quantification Business-relevant statistics regarding security incidents not always available for consideration in analyzing risk

16 Option Cost—In-house Manpower cost constant: $75K
Option 1 - Screening Router: $78K HW Cost: $3K (cost of 1 router) Option 2 - Dual Homed Host: $80K HW Cost: $5K (FW cost) Option 3 - Bastion Host: $83K HW cost: $8000 (router + FW) Option 4 – Screened subnet (DMZ): $86K HW cost: $11000 (2 routers + FW)

17 Option Cost—MSSP Manpower cost constant: $24K
Option 1 - Screening Router: $27K HW Cost: $3K (cost of 1 router) Option 2 - Dual Homed Host: $29k HW Cost: $5K (FW cost) Option 3 - Bastion Host: $32K HW cost: $8000 (router + FW) Option 4 – Screened subnet (DMZ): $35K HW cost: $11000 (2 routers + FW)

18 Summary What Drives TCO? Reducing TCO Option Analysis
Assumptions and Considerations Difficulties with ROI

Download ppt "Lesson 15 Total Cost of Ownership"

Similar presentations

Guide to Network Defense and Countermeasures Second Edition

Guide to Network Defense and Countermeasures Second Edition
Standards Certification Education & Training Publishing Conferences & Exhibits Using Outbound IP Connections for Remote Access EXPO 2005 Chicago, IL.

Standards Certification Education & Training Publishing Conferences & Exhibits Using Outbound IP Connections for Remote Access EXPO 2005 Chicago, IL.
Lesson 15 Total Cost of Ownership. What Drives TCO? Networks Grow in Size and Complexity Scope of Operations Increases Skilled IT labor grows scarce New.

Lesson 15 Total Cost of Ownership. What Drives TCO? Networks Grow in Size and Complexity Scope of Operations Increases Skilled IT labor grows scarce New.
Reducing Total Cost of Ownership (TCO) Mike Chon AM Computers.

Reducing Total Cost of Ownership (TCO) Mike Chon AM Computers.
Planning for Sustainable Desktop Computing Access ’98 Presentation Robert N. Kavanagh Associate Vice-President, Information Technology Services, University.

Planning for Sustainable Desktop Computing Access ’98 Presentation Robert N. Kavanagh Associate Vice-President, Information Technology Services, University.
Understand Virtualized Clients 10753 Windows Operating System Fundamentals LESSON 2.4.

Understand Virtualized Clients Windows Operating System Fundamentals LESSON 2.4.
Firewall Configuration Strategies

Firewall Configuration Strategies
A Robust Process Model for Calculating Security ROI Ghazy Mahjub DePaul University M.S Software Engineering.

A Robust Process Model for Calculating Security ROI Ghazy Mahjub DePaul University M.S Software Engineering.
Firewall Security Chapter 8. Perimeter Security Devices Network devices that form the core of perimeter security include –Routers –Proxy servers –Firewalls.

Firewall Security Chapter 8. Perimeter Security Devices Network devices that form the core of perimeter security include –Routers –Proxy servers –Firewalls.
© 2015 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Security Policies and Implementation Issues.

© 2015 Jones and Bartlett Learning, LLC, an Ascend Learning Company All rights reserved. Security Policies and Implementation Issues.
1 © 2001, Cisco Systems, Inc. All rights reserved. Session Number Presentation_ID Cisco Easy VPN Solutions Applications and Implementation with Cisco IOS.

1 © 2001, Cisco Systems, Inc. All rights reserved. Session Number Presentation_ID Cisco Easy VPN Solutions Applications and Implementation with Cisco IOS.
Chapter 11: Dial-Up Connectivity in Remote Access Designs

Chapter 11: Dial-Up Connectivity in Remote Access Designs
Security Risk Management Marcus Murray, CISSP, MVP (Security) Senior Security Advisor, Truesec

Security Risk Management Marcus Murray, CISSP, MVP (Security) Senior Security Advisor, Truesec
WSV404 DirectAccess Server (Server 2008 R2) DirectAccess Client (Windows 7) Internet Native IPv6 6to4 Teredo IP-HTTPS Tunnel over IPv4 UDP, HTTPS,

WSV404 DirectAccess Server (Server 2008 R2) DirectAccess Client (Windows 7) Internet Native IPv6 6to4 Teredo IP-HTTPS Tunnel over IPv4 UDP, HTTPS,
“DMZ In a Box”. What is a DMZ? As a military term As a computing term.

“DMZ In a Box”. What is a DMZ? As a military term As a computing term.
Virtual Connectivity Network Virtual Connectivity Networks – Improving Usability and Enhancing Security for Remote Access Jim Kokal Wavetrix President/CEO.

Virtual Connectivity Network Virtual Connectivity Networks – Improving Usability and Enhancing Security for Remote Access Jim Kokal Wavetrix President/CEO.
2 Systems Architecture, Fifth Edition Chapter Goals Describe the activities of information systems professionals Describe the technical knowledge of computer.

2 Systems Architecture, Fifth Edition Chapter Goals Describe the activities of information systems professionals Describe the technical knowledge of computer.
SCSC 311 Information Systems: hardware and software.

SCSC 311 Information Systems: hardware and software.
Chapter 6 of the Executive Guide manual Technology.

Chapter 6 of the Executive Guide manual Technology.
11 SECURING YOUR NETWORK PERIMETER Chapter 10. Chapter 10: SECURING YOUR NETWORK PERIMETER2 CHAPTER OBJECTIVES  Establish secure topologies.  Secure.

11 SECURING YOUR NETWORK PERIMETER Chapter 10. Chapter 10: SECURING YOUR NETWORK PERIMETER2 CHAPTER OBJECTIVES  Establish secure topologies.  Secure.

Similar presentations

Ads by Google