Crews said the service was an "excellent opportunity" to get the type of monitoring at Host.net that would otherwise be difficult for ADS to set up on its own. "They're the experts," Crews says. So far the security service with StillSecure, which has its own network operations center that monitors what goes on at the ADS virtual machines at Host.net, has worked well, Crews says. The cost, which StillSecure says is $250 a month to secure 10 virtual machines, is considered at ADS to be affordable.
Another cloud infrastructure provider, Houston-based iland, has offered an IDS/IPS monitoring service through security firm Alert Logic for well over a year at its data centers, according to Justin Giardina, iland's CTO.
In addition to the virtuaal LAN-segmented, firewall-protected configuration of VMware-based virtual machines that each company ordinarily receives as a cloud customer, there's also the option to have these VMs monitored by security firm Alert Logic from the security firm's own network operations center.
The Alert Logic monitoring makes use of host-based software that runs at the hypervisor level on behalf of the customer. The Alert Logic IDS/IPS service can be configured to automatically cordon off a segment by triggering an automated response in a Cisco ASA firewall, for example, if a problem is detected.
Not more than a quarter of iland's customers use this Alert Logic monitoring service, says Giardina. Although Alert Logic is responsible for the 24 x 7 monitoring of virtual machines, and has the direct relationship with the customer, iland also may get involved if an incident occurs.
"Not everyone understands the importance of patching," Giardina says, noting that compromises of servers have occurred through hackers and malware, and iland at times is notified by Alert Logic, too, to respond to incidents.
Although iland has no current plans to add additional third-party security services beyond that provided by Alert Logic, Giardina says iland is looking at the possibility of setting up its own antivirus scanning and protection service based on an upcoming version of Symantec's software expected to make use of the VMware-based VMsafe APIs to enable monitoring at the hypervisor level.
Read more about wide area network in Network World's Wide Area Network section.