Managed Network Services Providers










PDF version of this report
You must have Adobe Acrobat reader to view, save, or print PDF files. The reader
is available for free
download
.

Managed Network Services Providers

by James
G. Barr

Docid: 00018529

Publication Date: 2010

Report Type: TUTORIAL

Preview

Managed Network Services Providers (MNSPs) are third-party firms like AT&T
and Verizon that assume the burden of network management for companies that do
not possess the in-house resources, expertise, or desire to perform this function. Managed services include
both network and security operations
for voice and data.

Report Contents:

Executive Summary

[return to top of this report]

Managed Network Services Providers (MNSPs) are third-party firms like AT&T
and Verizon that assume the burden of network management for companies that do
not possess the in-house resources, expertise, or desire to perform this function. Managed services include
both network and security operations
for voice and data.

According to MarketsandMarkets, the managed network services market is
expected to grow from $38.60 billion in 2016 to $59.38 billion by 2021 at an estimated
compound annual growth rate (CAGR) of
9.0 percent.

The managed network services market is driven by the need to:

  • Accommodate greater
    network accessibility.
  • Manage complex networks.
  • Affect greater security.
  • Improve business processes at minimum cost.1

Relative to cost, analyst Michaela Gross observes that "managed network
services are a way for smaller businesses with limited resources to obtain IT
and networking expertise without hiring an entire IT team."2

Major Players

As reported by analyst Daniel Hein, there are seven key providers dominating
the MNSP space:

"AT&T is a major provider of fixed and mobile network services in the United
States, as well as global network services for enterprises.

"BT is a major provider of fixed-line, mobile and broadband services in
the United Kingdom that also offers global networking and IT services to
enterprise and public-sector customers.

"NTT is a global network services provider and the leading network service
provider headquartered in Japan.

"Orange Business Services, the enterprise service unit of Orange, is a global
communications service provider headquartered in France.

"Tata Communications, part of the Tata Group, is a global provider of
enterprise network services.

"Verizon is a communications, information and entertainment services
provider, and one of the world’s largest fixed and mobile network services
providers by revenue.

"Vodafone is a provider of fixed and mobile network services in multiple
countries in Europe, Africa and the APAC region."3

Description

[return to top of this report]

A Managed Network
Services Provider (MNSP) is a third party used to manage network
assets, deliver business value,
and reduce network complexity. For a company that must deal with
multiple vendors
and disparate legacy systems, while still maintaining its focus on the
core
business, turning to an MNSP can be a necessary strategy to minimize
risk and maximize results.

In general, MNSPs can help
a company’s processes, people, and finances:

  • Processes. Outsourcing network management enables
    companies to focus on their core business. MNSPs can implement
    state-of-the-art technologies, so a company can take advantage of this
    expertise and remain competitive.
  • People. Because MNSPs maintain and manage network
    services, companies do not have to employ a large IT department or recruit, hire, and retain expensive IT personnel. 
  • Finances. Cost optimization ultimately plays an
    important role in any company’s decision to outsource network management
    services. MNSPs generally provide customers with these services at a cost lower
    than doing it internally. Moreover, a company does not need to worry about
    predicting and managing costs and can potentially generate revenue more
    quickly because of reduced ramp-up time.

Specifically, MNSPs can provide a
variety of services, including the following:

  • Consulting. MNSPs can offer consulting services to assess a company’s network needs and design custom
    solutions. They
    also can make proactive recommendations, as well as offer
    comprehensive reporting and trending capabilities that enable companies
    to
    forecast future bandwidth requirements accurately. MNSPs can provide online access to metrics
    and
    detailed performance reports, such as network health and service
    levels. These
    reports can compare current and historical network data to
    evaluate network performance based on usage and errors detected.
  • Network
    Analysis.
    With 24x7x365 monitoring, alerts, and support, MNSPs can offer fault
    detection and isolation of key network events through the management of
    polls and
    traps from both devices and transport elements. In addition to providing expertise on network events, MNSPs can also
    offer
    regular performance analysis and strategic planning. In general, MNSPs
    can offer management services for the entire network lifecycle, including
    consulting
    and design, testing, implementation and/or procurement,
    upgrades or
    integration, maintenance, and training. Very importantly, MNSPs can help in multi-vendor environments.
  • Software as a Service (SaaS) / Infrastructure as a Service (IaaS) / Platform as a Service (PaaS).
    SaaS/IaaS/PaaS
    allows a company to “rent” services, infrastructure, and
    platforms without becoming locked into prohibitively
    expensive software deployments, while at the same time maintaining
    focus on core
    competencies. MNSPs can manage these
    applications via the Internet or manage the infrastructure/platform.
    The
    customer can pay on a per-user, per-month, or subscription basis.
    Shifting from upfront capital investments in licenses, systems, and
    hardware to a more flexible subscription model can generate substantial financial
    savings.
  • Security and Remote Access. It
    is critical that
    companies keep their networks secure, but it can be a daunting task for
    IT departments proactively to protect their network from viruses and
    hackers – and do their daily work as well. Similarly, it can
    be difficult to keep up with certifications and
    retain seasoned security professionals. MNSPs can provide firewall
    solutions, intrusion detection/prevention, filtering,
    and equipment maintenance. Furthermore, businesses with remote offices or a large number
    of employees who need to access corporate networks from various locations and devices can
    contract with MNSPs for fully managed, secure VPN services. 
  • Customized Cloud Security. For many companies using the cloud, the security and privacy offered by
    a cloud services provider is not enough – individual “tenants” of the
    cloud may have different levels of security needed for their data. For
    example, using the cloud for testing demands a lesser level of security
    than what is necessary for compliance and regulatory issues. Thus, although many public cloud
    providers use encryption and self-defending
    mechanisms, this security may not be sufficient for sensitive data, and MNSPs can offer customized security services.
  • Hosting and Storage. MNSPs can offer managed Web hosting
    solutions, including hosted VoIP. Hosted VoIP
    can help avoid the complexity and costs associated with deploying and
    managing an in-house PBX
    system. In addition, if companies decide to invest in Web conferencing
    software
    systems, they ordinarily have to manage and maintain them, track usage,
    and document
    effectiveness. MNSPs can absorb some or all of these processes. MNSPs can also leverage their own infrastructure to offer
    fully managed storage solutions. Managed storage solutions can include backup
    services, such as regularly scheduled tape backup with off-site storage of the
    tapes, mirroring options, or full-service storage area networks.
  • Device/Configuration/Change Management. The
    increasing numbers of
    mobile workers have introduced even more
    complications into network management – especially when companies adopt
    (or have stealth) bring your own device (BYOD) usage. Configuration
    management, particularly of mobile devices,
    is consequently a time-consuming task that is often neglected without
    regular maintenance schedules. Change management – which can aid in the
    detection of unauthorized changes to
    network and device configurations – is thus another area in which MNSPs
    can provide value.

Benefits

Partnering with MNSPs
can deliver several critical benefits to companies lacking in-house
expertise or resources. Companies
looking to outsource the management of their network to a third party can
consider the following benefits as differentiating factors among MNSPs.

  • Disaster Recovery, Business
    Continuity, and Risk Management.
    MNSPs
    can offer comprehensive disaster recovery and business
    continuity resources in the event of a catastrophe. Even a “minor”
    network disruption can have enormous financial
    impacts in a non-stop business environment. Business continuity and
    disaster recovery plans can include proactive measures
    (such as connections to multiple power grids and redundant
    telecommunications
    feeds) and reactive measures (such as diesel generators for
    power backup, recovery offices, and off-site data backup facilities).
    Also,
    MNSPs can reroute traffic around disaster areas to maintain service. Moreover, by
    managing change and letting network experts take care of
    the network, risk can not only be managed, but reduced.
  • Cost Predictability. Predictability of costs associated
    with managing the network can help with accurately projecting budgets and revenue.
    But not only can partnering with an MNSP provide businesses with
    operating cost
    savings, it can also significantly reduce capital investments. Overall,
    paying a monthly flat rate with no reduction in service is a great
    benefit, especially with current IT budget constraints due to the
    global economic crisis.
  • Service Level Agreements (SLAs). MNSPs can offer service levels that many enterprises cannot achieve if they
    manage their network resources in house. These service guarantees are an essential
    part of any managed solution. Customers expect specific commitments in writing and
    want to know what the consequences will be if and when a commitment is not met.
    The MNSP must establish an SLA for each component of the managed solution and make
    quality of service not only a technical buzzword, but also a business imperative. Predictability of service levels
    is a big plus to offer to companies.
  • Single Point of Contact. MNSPs
    can provide a single point of contact for monitoring
    and managing the infrastructure, including performing preventive
    maintenance, tracking bandwidth usage, and rerouting traffic in the
    event of
    bottlenecks or other traffic problems. Companies can then focus on
    their
    core business and benefit from MNSP best practices without having to pay and continually train additional resources.
  • Cutting-Edge Technology. MNSPs offer feature-rich network services, and they are motivated to make proactive
    upgrades to their technology to maintain a lead over the competition.
    In addition, because many companies find it prohibitively expensive
    to deploy new technology and end up trying to nurse older software
    releases until competition forces them to advance, MNSPs can help alleviate the
    burden of large outlays of cash for capital expenditures by providing access to
    new network technologies and management expertise. MNSPs can thus help
    companies evolve and remain competitive. 
  • Ability to Focus on Strategy. Some
    analysts suggest that companies can devote up to 80 percent of IT resources to
    maintaining network assets. Instead of constantly reacting to issues,
    maintaining and managing devices, updating applications, and the like,
    companies that use MNSPs can devote their time to strategy and growing
    business.

Risks

Partnering with the
wrong MNSP can be a disaster (although this can be true for any vendor/client
relationship). In general, the following risks should be considered.

  • Mission-Critical Data in the Hands of a Third
    Party.
    Potentially the biggest risk in
    partnering with MNSPs is outsourcing mission-critical parts of the
    business to a third party that may use shared, rather than dedicated, resources. 
  • Comprehensive Contracts and Unproven Business Relationships. Comprehensive contracts can lock companies into
    a bad – and often long – relationship. Outsourcing
    only specific functions to MNSPs until a good working relationship is
    established can mitigate the risk of dependency on a bad partner. MNSPs
    and
    their customers must establish an atmosphere of genuine trust. Timely
    communication is key, especially when critical business processes are
    at stake.
  • Conflicts of Interest. MNSPs are often in the position of managing their own products, as well
    as those of their competitors. This scenario opens the door to issues
    with intellectual property rights, along with product bias. Will the
    MNSP recommend its own equipment or will there be potential conflicts
    of interest?

  • Culture Clashes.
    If the culture of the MNSP clashes with its customer’s, then processes
    can be impeded. Moreover, if a company has more than one MNSP, then
    even more potential clashes can occur. For example, a carrier that is
    an MNSP may be network-centric in its concerns, while a system
    integrator that is an MNSP may be hardware- or infrastructure-centric –
    and they may not “speak the same language” or understand each other,
    much less the customer. Or an MNSP may truly be virtual and not provide
    an on-site presence, whereas a customer may prefer face-to-face
    interactions. Companies run the risk of incompatible MNSPs if they do
    not do their homework before signing on the dotted line.
Table 1. Representative MNSP
Service Offerings
and Technical Capabilities

Service Offerings

Broadband Services

Voice Services

Virtual Private Networks

Managed Network Security

Project Management

Equipment Installation &
Support

Network
Coverage & Capability

National Footprint

Multiple Points of Presence

Tier 1 ISP Status

Integrated Voice & Data

Supports Class of Service

All-Optical IP Network

Network Operations

24 / 7 / 365 Network Monitoring

Automated Problem Alerts

Trouble Management

Sophisticated Network Management Software

Redundant Network Operations Centers

Customer Portal

Security Operations

Sophisticated Security Systems

Intrusion Protection

Redundant Security Operations Centers

Certifications & Partnerships

Certified Network Staff

Vendor & Network Partners

Service
Level Agreements

Offers Specific SLAs

Customer Credits

Source: MegaPath4

Current View

[return to top of this report]

Managing costs and headcount have always been corporate priorities, but they are
even more so now.
Add the every-increasing complexity of networks, converged services,
and mobile devices,
and companies need specific expertise that they do not always retain in
house. In fact, network providers – due to this complexity – are
increasingly winning MNSP deals. Horizontal services that require
interoperability are among the first that need management.

Social media and networking are also complicating the landscape.
Companies not only need to be concerned with loss of productivity due to social
networking at work, but they also need to be concerned with managing network
risks associated with malware. For example, what if an employee exposes a
company to phishing by accessing a social network? Moreover, with social
networking, managing bandwidth has also become a big issue. Company business,
data, and archiving take up enough server space as is; add social networking –
especially due to BYOD policies – into the equation and the company spends
even more money. Furthermore, keeping up with this technology
can be expensive; MNSPs can provide this expertise more cost
effectively.

With technology advances increasing dramatically – not just in terms of
social networking – obsolescence is also a chief concern. MNSPs can
offer future-proofing. They are also becoming a more accepted part of
an enterprise’s culture, rather than falling prey to the negative
connotations once associated with outsourcing. MNSPs are now being
viewed as a weapon in the battle against constrained and constraining
budgets.

In addition, the cloud is becoming more widely adopted in
the enterprise, and companies need management expertise in this
burgeoning arena. Can commodity services or testing be used with public
clouds? When is a private cloud necessitated? And what about hybrid
clouds? How will virtualization impact resources and how can it
be managed most effectively? MNSPs can help deploy and monitor
different types of cloud solutions, as well as interoperate among
multiple clouds and networks – helping the company to focus on strategy and innovation, as it saves on customer premise equipment (CPE).

The COVID-19 Complication

Finally, the COVID-19 pandemic has exploded the network perimeter, with a
majority of knowledge workers now functioning full-time from their relatively
insecure home offices. Maintaining contact with – and control of – such far
flung network assets is a job best best handled by a managed network services
provider.

Outlook

[return to top of this report]

Enterprise Security

Enterprise officials are fast becoming resigned to the fact that network
security should be entrusted to a respected managed network services provider.
As analysts Ghasson Abdo and Curtis Price observe, "The shift to a more
digitally connected business model that has cloud at the core of the IT
architecture has created a broader attack surface with new threat vectors, which
in turn has created the need for increased investment [in] additional security
controls and personnel to operate and manage these tools."5

Since recruiting and retaining skilled cybersecurity professionals is
extremely difficult, the preferred option for responsible enterprise managers is
to enlist a managed network services provider.

SMB Security

During the five-year period from 2016 to 2021, MarketsandMarkets predicts
greater adoption of managed network services by small-to-medium-sized businesses
(SMBs), as well as increased use of managed network security services.

"SMBs have budget
constraints and it is one of the major factors driving them to outsource their
network functions to save additional installation, implementation, and
maintenance-related expenses. Irrespective of size, both large enterprises and
SMBs are selecting managed network services to gain benefits, such as reduction
in network downtime and proactive monitoring and maintenance of their networks.

"The high demand for network security services
with data backup solutions is increasing."6 This is in keeping with
general enterprise concerns relative to data security and regulatory compliance,
and helps reduce the incidence and severity of data breaches.

Software-Defined Managed Network Services

Analyst John Burke reports that, "The rise of network functions
virtualization, software-defined networking, and software-defined WAN have
created a new technology base that service providers offering managed network
services can build upon for their customers. The result is software-defined
managed network services."

Software-based services are often preferred by enterprise officials because
hardware-based systems "do not scale as easily as software and are not
portable."7

According to Burke,

"The goals of emerging software-defined managed network services are threefold:

  • "Make the service portfolio dynamic and flexible.
  • "Make the provision of services simpler and cheaper.
  • "Make the consumption of services simpler and cheaper."8

Off the Shelf Managed Services

Gartner is seeing "an increased emphasis on
standard ‘off the shelf’ managed services, rather than customized solutions,"
with enterprises deploying new services such as:

  • "Managed software-defined WAN (SD-WAN) services.
    Lightweight edge devices with zero-touch installation able to
    dynamically route traffic over different links based on policies
    under central policy management control. SD-WAN services typically provide significantly
    enhanced levels of application visibility compared with
    traditional managed router services.
  • "Network on-demand services. Network on-demand services are
    accessed from network service providers via the provider’s web
    portal. They enable enterprises to make real-time changes to
    access/port bandwidth, change transport service type and
    add/delete how many WAN services use a network port.
  • "NFV services.
    This is the replacement of purpose-built hardware devices, such
    as routers, security devices or WAN optimizers, with software
    running on virtualized hardware/equipment.
    NFV
    allows network functions to be activated on-demand and consumed
    on an ‘as a service’ basis, seeking to improve both the agility
    and cost-effectiveness of the enterprise WAN.
  • "vCPE. vCPE is
    most commonly the use of industry-standard x86-based servers,
    rather than function-specific appliances, for enterprise network
    edge functions, such as WAN edge routers, including SD-WAN; WAN
    optimization controllers (WOCs); and security functions, such as
    firewalls."9

The AWS Model of Managed Services

As reported by analyst Linda Musthaler, Yishay Yovel, vice president of market strategy at Cato Networks
believes that customers want an "AWS [or Amazon Web Services]-like handling of
[their] network.

"They want a managed network the same way they now have managed servers,
managed storage, and all these other great things that move to AWS. Unfortunately, telcos don’t have
this business model today. They are still very expensive and very complex
underneath.”

For her part, Musthaler contends that "a new approach to managed network
services is needed," a desire shared by Yovel’s Cato Networks, as well as firms
like Microsoft, Aryaka, Meta Networks, and Mode.

"In general, the new type of managed network service provider is cloud-native,
where everything resides in the cloud and customers simply subscribe to a
service, as they do today with AWS. The provider establishes a private global
network comprised of numerous points of presence over a multi-carrier Tier 1
backbone. The managed service provider then controls the routing and latency of
packets on a global scale over this predictable and SLA-backed backbone. By
using multiple links and load-balancing among them, the service provider can
offer reliability, high availability, guaranteed performance, and consistency
all around the world. What’s more, all traffic on the backbone is encrypted for
secure transport.

"Customers can connect their data centers, branches, and mobile users to this
global network at the nearest PoP. The network also peers with public clouds and
SaaS applications, giving customers direct and secure access to them. Security,
such as firewalls, anti-virus and anti-malware, and IDS/IPS, are generally
integrated right into the network and are readily available from anywhere,
including for mobile workers."10

Benefits Beyond Cost Reduction

Software-defined managed network services have advantages that transcend mere
cost reduction. Perhaps the most significant are:

  • The ability to provide a single, integrated service level agreement
    (SLA);
  • The provision of bandwidth on demand – and in real time;
  • The choice of a fully-managed services model, or a co-management
    relationship in which network responsibility is shared with the client; and
  • The availability of real-time analytics, especially if enhanced through
    artificial intelligence or machine learning.11

Recommendations

[return to top of this report]

Companies should look to
MNSPs as alternatives to buying and implementing
expensive in-house management tools and expertise. Although MNSPs
can offer similar suites of services, differentiators exist, so when
evaluating potential MNSPs, decision makers should consider the following:

  1. Make sure the MNSP is reputable, financially
    stable, and has solid references.
  2. Ensure the MSNP has a comprehensive business
    continuity/disaster recovery plan in the event of a disaster. 
  3. Request a copy of the MNSP’s catalog of solutions and services.
    This document sets forth terms and describes the solutions and services in
    writing to avoid misunderstandings down the road. Look for specialized services such as network penetration testing
    or personal cloud monitoring. In the case of personal clouds, employees
    often bypass IT officials and engage directly with cloud service providers
    like Dropbox, a dubious – and potentially dangerous – phenomenon known as
    "shadow IT."
  4. If standard services are insufficient, pursue,
    if possible, customized solutions. As analyst Melissa Coen observes, "The
    best network service provider for your business is one that can create a
    customized solution for your enterprise, extending the life of on-premises
    equipment where logical while also taking advantage of the cost-savings,
    flexibility and functionality available with a fully-managed cloud-based
    network solution."12
  5. Pursue local customer services. Southern
    California Edison warns that "National providers may be well-known, but they
    also deal with network concerns across a wide area and can’t always dedicate
    resources to your network as quickly as you need them. Local providers bring
    with them an enhanced level of service, offering in-depth knowledge of
    potential problems affecting your area and the ability to respond with
    effective solutions more quickly."13
  6. Look for technological sophistication.
    Evidence includes the incorporation of biometric authentication and the use
    of analytics powered by artificial intelligence or machine learning.
  7. Seek assurances that all MNSP operations comply with relevant industry
    regulations and standards, including privacy statutes such as the European
    Union’s (EU’s) General Data Protection Regulation (GDPR) and the California
    Consumer Privacy Act (CCPA).
  8. Work with the MNSP to develop an implementation
    timeline and project plan with specific milestones.
  9. Ask what process or methodology is used to deliver the
    service and manage the operation of the network infrastructure. Having a
    methodology provides an avenue to ensure that no steps are missed and that
    each process works seamlessly. Moreover, it shows a
    repeatable process to predict costs with confidence.

  10. Develop SLAs with financial rewards or
    penalties. SLAs must be measurable, comprehensive, and cover
    availability of services, performance, and support, and the MNSP must
    provide proactive reporting on its performance.
  11. Require regular meetings and/or conference calls to
    discuss status and issues, as well as proactive notifications before
    issues escalate.
  12. Negotiate trouble resolution procedures.
    Different fault severity levels demand different response times. Repair
    times and remediation should be documented, and penalties for not meeting deadlines should
    be agreed to and enforceable. Real-time alarms, trouble ticket visibility, and change requests should be required.
  13. Ensure the MNSP has the ability to scale services as
    business requirements grow and that the contract is consequently
    flexible.
  14. Ensure that security is robust. With the advent of cloud computing, security beyond what cloud providers offer is requisite.
    As Melissa Coen reminds us, "The days of the singularly functioning anti-virus software have long past.
    Networks now need to be protected against same-day threats, ransomware, malware
    and more. That means your network security solution must be able to block
    whatever might try to get in next. So you’ll want to stay a step ahead with a
    network service provider that can provide a cloud-based unified threat
    management (UTM) solution that’s also fully-managed."14
  15. Ensure that product bias and conflicts of interest do not influence MNSP decisions to the extent possible.
  16. If the MNSP offers training on its services, take advantage of it
    to maximize the benefits that it offers. If it does not offer training,
    ask for it.
  17. Request a dedicated, single point of contact.
  18. Just as important: establish a single point
    of contact – and accountability – within the company. Appoint a company
    executive (or senior manager) who will "own" the MNSP relationship.
  19. Meet key personnel face to face and tour facilities in person. If
    the MNSP does not have geographic representation, decide if this is a
    deal killer.
  20. Make sure the contract has an option to
    terminate upon agreed-to terms. Moreover, ensure that specific services can
    be terminated without impacting others, if necessary.
  21. If termination occurs, make sure any MNSP-held
    enterprise data is returned to the enterprise and, just as importantly, not
    retained by the MNSP.
  22. Ensure MNSP personnel are properly accredited, holding, for example, a
    Certified Information Systems Security Professional (CISSP) credential. IT
    Infrastructure Library (ITIL) and project management certifications are also
    desirable.
  23. Going forward, keep detailed records of all
    interactions between enterprise and MNSP personnel. Such records may be
    essential to dispute resolution.

To ensure uniformity in the evaluation of MNSP candidate companies, consider
issuing a request for proposal (RFP). An RFP not only provides a
structured response mechanism for potential vendors, but it requires enterprise
planners to formally – and in detail – state their requirements. In
creating the RFP, planners should solicit the recommendations of both technical
and non-technical, i.e., business, stakeholders.

[return to top of this report]

References

About the Author

[return to top of this report]

James G. Barr is a leading business continuity analyst
and business writer with more than 30 years’ IT experience. A member of
"Who’s Who in Finance and Industry," Mr. Barr has designed,
developed, and deployed business continuity plans for a number of Fortune 500
firms. He is the author of several books, including How to Succeed in
Business BY Really Trying
, a member of Faulkner’s Advisory Panel, and a
senior editor for Faulkner’s Security Management Practices. Mr.
Barr can be reached via e-mail at jgbarr@faulkner.com.

[return to top of this report]