your key to IP security

 Home Newsletters
IPkey.com
Menu   FAQ  

November 07, 2006

Welcome
News
Who we are
Client Access
InfoSecurity
Solutions
Partner
FAQ
Contact Us

Risk Free Trial...

Email: Spam &

Virus Protection

Start your free
 30 day trial today
Learn more / Register
 or call
(866) 330-1010

New!

Download Brochure

 

 

 

 

Getting Started

How do I start?

Download the MMS Getting Started form. Fill it out and fax it back to us. Unless your requirements are unusually large or complex, we can start monitoring your equipment within 24 hours.

Do I have to sign a contract?

No.  We do not require a contract for you to start.  However, if you do sign a 1 year MMS Subscription Agreement, we will credit your account applicable setup fees at the 4th quarterly  billing. 

How do you bill for MMS?

We bill for MMS quarterly in advance.  The first bill will include the setup fees.  The easiest way to pay is with a credit card.  If you prefer not to use plastic, we can invoice you quarterly.  However, to activate MMS, we must have received both the setup fees and the first quarter payment.

 

General

Aren’t you exaggerating the internet security threat just to promote your business?

The threat needs no exaggeration.  How bad is it?  Researchers at the US government-backed CERT emergency response center (www.cert.org) received 52,658 reports of security breaches and attacks last year – more than double the figures for 2000.  Additionally, a recent survey conducted by the FBI and Computer Security Institute found:

§         85% of surveyed had been attacked in the past 12 months

§         64% acknowledged a financial loss from an attack

§         Of those reporting dollar losses from attacks the average loss amount was in excess of $3,700,000

What happens if there is a failure at IPkey’s facility?

Our monitoring and management run on equipment that is co-located at a secure facility that has redundant T-3 circuits on Sprint and UUNet backbones, highly conditioned power and a backup generator.  Given this, a failure is extremely unlikely, but one can occur.  If this happens, we will not issue any alerts regarding your equipment which will in all likelihood be working fine, but we will email you an event report.  There will be occasions where we have to perform scheduled maintenance on our equipment.  We will notify you at least 48 hours in advance.   These events will last only a few minutes and will be typically scheduled off-hours on a weekend.

  

Managed Monitoring & Protection

 Why can’t I monitor my own system?

You can.  Most large corporations run a Network Operations Center staffed 7x24 with some very expensive datacom and security engineers.  Often, their carrier will have one or more dedicated engineers on-site to assist.  Nothing short of money prevents you from doing the same.   However we can do it for you right now for a fraction of what you would spend to replicate our capabilities.  We believe that we can offer a high level of service at an affordable price if we amortize the high cost over many clients.  That way, you get the benefit of our facilities and expertise at a fraction of the cost.

How will I be contacted when there's a problem?

MMS clients receive 3 types of messages. These are color coded so that clients immediately know the severity of the notification and the urgency of attention required.  The Subject Line of every message from us will begin with one of the following phrases:

MMS Red Alarm

MMS Yellow Alert

MMS Green Status

A Red Alarm notification is typically triggered when a critical service goes down and normal operations are seriously impacted. This can be a router, firewall, server or and ISP. We recommend that you use an email enabled pager or cell phone to receive Red Alarms, so that you are immediately aware of the problem.

 

A Yellow Alert is something that you should see within a few hours at the most. Examples of Yellow Alerts would be Anti Virus 'Virus Found' and firewall 'Attack Detected' messages. They are typically used for problems that have successfully resolved, as opposed to failures, and we recommend that your normal email be used.  These are alerts that you should monitor carefully for possible trends.

 

Finally, Green Status notifications are used for routine messages such as periodic reports, log files, etc..  Most of our clients keep these Notifications and refer to them only if necessary.  

Can different people be notified for different problems?

Absolutely!  In fact, the true power of MMS is when you use it as an intelligent dispatcher of 'trouble tickets'.  While smaller organizations typically have have a single IT person responsible for all issues, larger businesses must separate areas of responsibility.  MMS accommodates this by design.  For example, all router and firewall messages may go to one IT staff member, server problems go to another and anti-virus alerts go to yet another.  Furthermore, vendors, contractors and business partners can be notified if a link or service becomes unavailable.  We suggest to our clients configure MMS to automatically contact their ISP if a DSL or T1 link goes down.

 

In addition, you may designate different notification recipients by time of day, or day of the week.  For example, one staff member can be 'on call' during business hours and another on evenings and weekends.  Finally any notification can be simultaneously sent to more than one individual to ensure that the message is received by someone.   

My ISP says that they are monitoring our web server that we host with them.  What’s wrong with that?

Nothing, but checking whether your web server is up or down is just a small part of the big picture.  Is the server protected by a firewall?  What other TCP/IP ports are open on the server?  What’s the patch level on the server OS.  Have the latest security updates been applied?  Who often do they check on the server status?  How long does it take for them to notify you?  Are they checking your server from outside their network?

How often do you scan devices and services?

We normally scan each monitored device every 2 minutes, although 1 minute service is available at extra cost. We do poll at longer intervals (15min) with our Asset Control Monitoring service.  This is limited to non-critical client devices such as PCs or workstations, and is used as an inventory check rather than for critical monitoring.  In this situation, we alert the client when a PC goes offline for more than 30 minutes, or when new equipment appears during the discovery process on their network. This is a valuable tool for asset control, and monitoring for unauthorized devices are plugged into the network. This is especially useful for detecting unauthorized intruder on a wireless network.

Will I get false alerts?

Yes, but rarely.  The only way to guarantee that you will not receive false alerts is to configure the system in such a way that you will probably miss some valid alerts. No system is perfect, and one has to choose between false positives (alert issued when there’s no valid cause) and false negatives (no alert when there is a valid cause).  In the security business, most people choose to tolerate a small number of false alerts (positives) so that they are confident that they are notified whenever a real event does occur (no false negatives).  By default, we allow a poll timeout of 10 seconds, and signal an alarm when 3 consecutive polls are missed.  These values can be customized as needed. We recommend that clients include Network Map Access in their monitoring plans so that they can visually confirm alerts.

Why do I need to provide you with VPN access? Is it secure?

VPN access is only required for monitoring devices or ports that are not accessible from the Internet. Server, application, firewall and asset control monitoring do typically need a VPN connection.  In most cases, the only port open on the VPN that we require to poll internal equipment is ICMP (Ping).  All client VPN tunnels are 'one-way' in that we have sufficient rights to poll the devices on the client's network, but no traffic that originates from the client can pass our firewall. This means that if a client's network is breached, there is no possibility of access to our monitoring subnet or to any other client's network.

Other services will keep paging me until the problem is resolved. Can you do that?

Our clients have used such services in the past and have almost universally chosen NOT to be paged or emailed repeatedly.  Today, notification delivery is very reliable and it avoids having to wade through screen after screen of messages.  However, we do optionally offer up to 2 follow-up notifications for those who are uncomfortable with just a single alert.  You can choose the intervals, but we recommend 15min/30min for Red Alarms, and 30min/2hours for less critical situations.  

If I get an alarm that a device is down, will I be notified when it comes back up?

Yes.  By default, you will be sent an ‘up’ notification within two minutes of restoration of a monitored device or port.  If you prefer not to be notified of an UP status, we can change this.

How much does all this cost?

You can register for a FREE Vulnerability Scan to get started.  Our Managed Monitoring Service is surprisingly affordable, starting at $59.95 monthly.  Please contact us for pricing information for your specific needs.

Other monitoring services are offering very low pricing. Why are you charging more?

Excellent question. The answer has two parts:

Part 1: Other services offer some very cheap prices, but there's a catch.  The polling interval they use to check on your critical devices is typically 15min and may be as long as 60min. This means that you will not be alerted for at least 30min, and perhaps for as long as 2 hours.  The reason that the alert time is doubled is simple. Frequently, a polling packet will get dropped somewhere on the internet. We often see a single poll missed for any device we monitor over the internet.  This is normal and to be expected.  If we alerted you every time a single poll was missed, you would soon be calling us saying that the monitored device is fine, and why are we bugging you?. To know that a device or port is really down, you need at the very minimum 2 polls and realistically 3 consecutive polls missed.  Now you can see that 15min polling translates into a 30min downtime 'window' before you are alerted.  Our MMS uses 2 minute polling and we typically issue an alert after 2-3 missed polls.  This means that you will be notified within 4-6 minutes of a device failure, instead of from half and hour to over 2 hours.  Bottom line: you get what you pay for.

Part 2: While other providers specialize in monitoring a single host (typically a web server) for thousands of customers, we encourage our client to have us monitor more of the mission- critical devices on their network. Because we often have VPN access to client's internal networks, our relationship with the client is much closer and more trusted than with many of the other services. We encourage this by pricing the first monitored device a little higher than our 'competitors', but pricing additional devices far lower. For example, the cost of monitoring 5 critical devices with 2 minute polling is less than $35 per device. This is far lower than any competitor.

What is Network Map Access?

The Map Access option gives you a login to the color-coded map of your monitored devices and services using a standard web browser.  You can view the current status of each device and acknowledge alerts.  A log of recent events as well as detailed statistics of up/down time and transit times is readily available.  Network Map Access is highly recommended for anyone who wants to see at-a-glance the overall health of their network.

Why would I need your Windows Update Service?

Microsoft has said that Windows PCs and servers must be regularly updated with the latest Security Updates and Critical Hot-fixes for their systems to as secure as possible.  These are released almost daily, so the task of maintaining current patches and fixes is a time consuming headache.  Microsoft has recently offered an automated Windows Update client that will automatically download and (optionally) install whatever Microsoft deems necessary.  While this is a step in the right direction, there are two shortcomings.  First, there is no central record of which machines have been updated and which failed. Second, you get whatever Microsoft decides you need.  It's all or nothing.  This makes some people very nervous because if their constant pushing of services such as .net Passport.  When you subscribe to our Windows Update Service, you will know which PCs have been updated.  You will know that we have tested all patches and fixes before you get them and that they will be free of Adware or Spyware from Microsoft.
What's New

 

Top 10 Threats
to your data

  1. Parasites/Spyware

  2. OS Vulnerabilities

  3. Viruses & Worms

  4. Employees

  5. Hardware Failures

  6. Applications

  7. Power problems

  8. Bad backups

  9. Hackers

  10. IS Contractors

Secure?

 

Are you secure?

Or do you just think that you’re secure?

Find out today with a FREE Vulnerability Scan.
 

 
Back Home Next

 

Copyright © 2000-2006 Meridian Group Inc.