1 / 19

Lesson 15 Total Cost of Ownership

Lesson 15 Total Cost of Ownership. What Drives TCO?. Networks Grow in Size and Complexity Scope of Operations Increases Skilled IT labor grows scarce New applications require new solutions. What Drives TCO in Security?. Vendors produce in-secure applications Vulnerabilities proliferate

shiri
Download Presentation

Lesson 15 Total Cost of Ownership

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. Lesson 15 Total Cost of Ownership

  2. What Drives TCO? • Networks Grow in Size and Complexity • Scope of Operations Increases • Skilled IT labor grows scarce • New applications require new solutions

  3. What Drives TCO in Security? • Vendors produce in-secure applications • Vulnerabilities proliferate • Business processes depend on applications • System availability drives profit

  4. Components to Consider • Initial Cost of Product (25% of life cycle) • Vendor Support Services • Deployment Services • Time for Staff to Install and Configure • Training Cost • Post Deployment Support

  5. How to Reduce TCO? • Simplify Infrastructure (KISS) • Upgrade Infrastructure When Timing is Right • Minimize Labor Intensive Activities • Consider Remote Management • Know Your Assessment Parameters

  6. Option 3 Option 2 Option 1 HIGH Budget Line T C O Acceptable Risk Ideal Soln LOW HIGH LOW Security Risk

  7. Evaluating the Options • Option 1 • FIREWALL At Gateway Only • Option 2 • DMZ Firewall Architecture • Anti Virus Software on all DMZ machines • Option 3 • DMZ, AV S/W on DMZ Machines • VPN Access to all DMZ Machines • AV S/W and Firewalls on all Clients

  8. Evaluating Architectures • Option 1 - Screening Router • Option 2 - Dual Homed Host • Option 3 - Bastion Host • Option 4 – Screened subnet (DMZ) Which one cost more relative to risk?

  9. Option 1: Screening Router Internet Screening Router

  10. Option 2: Dual-homed Host Dual-homed host Architecture Internet Dual-homed host

  11. Option 3: Bastion Host Screened host Architecture Internet X Screening Router Bastion Host

  12. Option 4: Screened Subnet Screened subnet Architecture—aka DMZ Internet FIREWALL Exterior Router Perimeter Network Interior Router Internal Network

  13. Assumptions • Cost of Router: $3000 • Cost of Firewall: $5000 • Cost of Security Administrator--$75K/year • Managed Security Service Provider(MSSP)--$24K/year

  14. Things to Consider • Which Option Would You Choose? • Is cost the only driver? • Could You Determine TCO for the different architectures? • Given a Set of Devices Could You Compute TCO?

  15. Difficulties with ROI • Investment decisions based on ability to demonstrate positive ROI • ROI traditionally difficult to quantify for network security devices • Difficult to calculate risk accurately due to subjectivity involved with quantification • Business-relevant statistics regarding security incidents not always available for consideration in analyzing risk

  16. Option Cost—In-house • Manpower cost constant: $75K • Option 1 - Screening Router: $78K • HW Cost: $3K (cost of 1 router) • Option 2 - Dual Homed Host: $80K • HW Cost: $5K (FW cost) • Option 3 - Bastion Host: $83K • HW cost: $8000 (router + FW) • Option 4 – Screened subnet (DMZ): $86K • HW cost: $11000 (2 routers + FW)

  17. Option Cost—MSSP • Manpower cost constant: $24K • Option 1 - Screening Router: $27K • HW Cost: $3K (cost of 1 router) • Option 2 - Dual Homed Host: $29k • HW Cost: $5K (FW cost) • Option 3 - Bastion Host: $32K • HW cost: $8000 (router + FW) • Option 4 – Screened subnet (DMZ): $35K • HW cost: $11000 (2 routers + FW)

  18. New Paradigm Needed? • TJ Maxx Credit Card Theft: $450M • Wonder if they had an ROI? • Why not a TCS: Total Cost of Security? • What would one short-term outage cost? • What would one long-term outage cost? • Could we survive losing customer data? • What is it worth not to experience any of this? • Could we make money off our security expenses via marketing, branding

  19. Summary • What Drives TCO? • Reducing TCO • Option Analysis • Assumptions and Considerations • Difficulties with ROI

More Related