Cost Optimization: Three Steps to Saving Money on Maintenance and Support for Network Security Products



Similar documents
Q&A: How Can ERP Recurring Costs Be Contained?

Research. Key Issues for Software as a Service, 2009

The Current State of Agile Method Adoption

The Hype Around an Integrated Talent Management Suite Outpaces Customer Adoption

Deliver Process-Driven Business Intelligence With a Balanced BI Platform

The Lack of a CRM Strategy Will Hinder Health Insurer Growth

Managing IT Risks During Cost-Cutting Periods

2010 FEI Technology Study: CPM and BI Show Improvement From 2009

Research Agenda and Key Issues for Converged Infrastructure, 2006

Responsible Vulnerability Disclosure: Guidance for Researchers, Vendors and End Users

Use These Guidelines for Making Better CRM Consulting Provider Selections

Key Issues for Identity and Access Management, 2008

IT asset management (ITAM) will proliferate in midsize and large companies.

BEA Customers Should Seek Contractual Protections Before Acquisition by Oracle

Q&A: The Many Aspects of Private Cloud Computing

Integrated Marketing Management Aligns Executional, Operational and Analytical Processes in a Closed-Loop Process

The Five Competencies of MRM 'Re-' Defined

Business Intelligence Platform Usage and Quality Dynamics, 2008

Best Practices for Confirming Software Inventories in Software Asset Management

Organizations Should Implement Web Application Security Scanning

When to Use Custom, Proprietary, Open-Source or Community Source Software in the Cloud

IT Operational Considerations for Cloud Computing

Toolkit: Reduce Dependence on Desk-Side Support Technicians

Eight Critical Forces Shape Enterprise Data Center Strategies

Best Practice: Having a 'Big Picture' View of IP Telephony Will Give the Buyer More Control

Real-Time Decisions Need Corporate Performance Management

For cloud services to deliver their promised value, they must be underpinned by effective and efficient processes.

The EA process and an ITG process should be closely linked, and both efforts should leverage the work and results of the other.

The What, Why and When of Cloud Computing

Cost-Cutting IT: Should You Cut Back Your Disaster Recovery Exercise Spending?

The IT Service Desk Market Is Ready for SaaS

Knowledge Management and Enterprise Information Management Are Both Disciplines for Exploiting Information Assets

Vendor Focus for IBM Global Services: Consulting Services for Cloud Computing

An outline of the five critical components of a CRM vision and how they contribute to an enterprise's CRM success

Key Issues for Data Management and Integration, 2006

Overcoming the Gap Between Business Intelligence and Decision Support

Case Study: New South Wales State Department of Education Adopts Gmail for 1.2 Million Students

XBRL Will Enhance Corporate Disclosure and Corporate Performance Management

Repurposing Old PCs as Thin Clients as a Way to Save Money

IT Architecture Is Not Enterprise Architecture

Case Study: A K-12 Portal Project at the Miami-Dade County Public Schools

Cloud Decision-Making Criteria for Educational Organizations

2009 FEI Technology Study: CPM and BI Pose Challenges and Opportunities

Clients That Don't Segment Their Network Infrastructure Will Have Higher Costs and Increased Vendor Lock-in

Successful EA Change Management Requires Five Key Elements

Key Issues for Business Intelligence and Performance Management Initiatives, 2008

Tactical Guideline: Minimizing Risk in Hosting Relationships

Gartner Clarifies the Definition of the Term 'Enterprise Architecture'

Cloud, SaaS, Hosting and Other Off-Premises Computing Models

Business Intelligence Focus Shifts From Tactical to Strategic

Iron Mountain's acquisition of Mimosa Systems addresses concerns from prospective customers who had questions about Mimosa's long-term viability.

The Value of Integrating Configuration Management Databases With Enterprise Architecture Tools

CDOs Should Use IT Governance and Risk Compliance Management to Advance Compliance

How Eneco's Enterprisewide BI and Performance Management Initiative Delivered Significant Business Benefits

Key Issues for Consumer Goods Manufacturers, 2011

2010 Gartner FEI Technology Study: Planned Shared Services and Outsourcing to Increase

Invest in an analysis of current metrics and those missing, and develop a plan for continuous management and improvement.

Discovering the Value of Unified Communications

Cloud IaaS: Service-Level Agreements

Understanding Vulnerability Management Life Cycle Functions

The Six Triggers for Using Data Center Infrastructure Management Tools

Microsoft and Google Jostle Over Cloud-Based and Collaboration

Now Is the Time for Security at the Application Level

The Next Generation of Functionality for Marketing Resource Management

Research. Mastering Master Data Management

Roundup of Business Intelligence and Information Management Research, 1Q08

Transactional HR self-service applications typically get implemented first because they typically automate manual, error-prone processes.

Organizations Must Employ Effective Data Security Strategies

Microsoft's Cloud Vision Reaches for the Stars but Is Grounded in Reality

Private Cloud Computing: An Essential Overview

Data in the Cloud: The Changing Nature of Managing Data Delivery

Embrace Virtual Assistants as Part of a Holistic Web Customer Service Strategy

IAM can utilize SIEM event data to drive user and role life cycle management and automate remediation of exception conditions.

How to Develop an Effective Vulnerability Management Process

User Survey Analysis: Usage Plans for SaaS Application Software, France, Germany and the U.K., 2009

Gartner Defines Enterprise Information Architecture

Emerging PC Life Cycle Configuration Management Vendors

Tips for Evaluators: Better Business Intelligence RFPs

ERP, SCM and CRM: Suites Define the Packaged Application Market

Risk Intelligence: Applying KM to Information Risk Management

Recognize the Importance of Digital Marketing

Make the maturity model part of the effort to educate senior management, so they understand the phases of the EIM journey.

EHR Advantages and Disadvantages

Governance Is an Essential Building Block for Enterprise Information Management

Government 2.0 is both citizen-driven and employee-centric, and is both transformational and evolutionary.

Backup and Disaster Recovery Modernization Is No Longer a Luxury, but a Business Necessity

Global Talent Management Isn't Just Global

NGFWs will be most effective when working in conjunction with other layers of security controls.

Case Study: Innovation Squared: The Department for Work and Pensions Turns Innovation Into a Game

What to Consider When Designing Next-Generation Data Centers

In the North American E-Signature Market, SaaS Offerings Are Increasingly in Demand

Document the IT Service Portfolio Before Creating the IT Service Catalog

Agenda for Supply Chain Strategy and Enablers, 2012

Enterprise Asset Management Migration Requires Detailed Planning

Predicts 2008: The Market for Servers and Operating Systems Continues to Evolve

Data Center Consolidation in Western Europe Faces Limitations

Data Center Consolidation Projects: Benefits and Pitfalls

Gartner's View on 'Bring Your Own' in Client Computing

The Seven Building Blocks of MDM: A Framework for Success

Mainframe Modernization: When Migration Is the Answer

Transcription:

Research Publication Date: 10 December 2008 ID Number: G00163195 Cost Optimization: Three Steps to Saving Money on Maintenance and Support for Network Security Products Lawrence Orans, Greg Young Most enterprises can benefit from more-aggressively negotiating their contracts for the maintenance and support of their network security equipment. Here, we provide a threestep process to help security professionals structure these negotiations. Key Findings Contract pricing for maintenance and support is fairly standard, and the discount range is narrow. It's important to maintain an ongoing record of your level of commitment (in terms of equipment purchases) to each network security vendor. Your commitment level and loyalty are essential components of the negotiation process. Because maintenance and support contracts are a recurring expense, even a small (1% to 2%) savings will make the negotiation process worthwhile. Recommendations Use the Gartner structured methodology to annually fine-tune contract negotiations for maintenance and support services. Centralize negotiations for maintenance and support so that multiple buying centers can benefit from volume discounts. Reproduction and distribution of this publication in any form without prior written permission is forbidden. The information contained herein has been obtained from sources believed to be reliable. Gartner disclaims all warranties as to the accuracy, completeness or adequacy of such information. Although Gartner's research may discuss legal issues related to the information technology business, Gartner does not provide legal advice or services and its research should not be construed or used as such. Gartner shall have no liability for errors, omissions or inadequacies in the information contained herein or for interpretations thereof. The opinions expressed herein are subject to change without notice.

ANALYSIS Network security professionals know they should never pay list price when purchasing firewalls, intrusion prevention systems and other security equipment; instead, they negotiate aggressively for the highest-possible discounts, no matter how small the deal. Too often, however, they aren't nearly as aggressive when negotiating maintenance and support contracts for this equipment. Although the rates are fairly standard for these contracts, there's some small room for negotiation (particularly in large deals), and savings will accumulate throughout the life of the contract. Here, we outline a three-step structured approach to help you negotiate a fair price for your maintenance and support contracts. Fees for firewall maintenance and support contracts (most vendors bundle the two services together) are, on average, 19% of the list price, with the best rates being about 15% and the highest rates about 35% (higher rates include premium support options, such as four-hour response time). Maintenance and support for network security equipment are discounted by small margins (usually only 1% to 2%), and discounts are often reserved for large contracts ($150,000 per year and higher). However, discounts also may apply to smaller contracts, and the three-step process outlined below will help you negotiate a fair deal with your vendors. Step 1: Calculate how much you're paying in annual maintenance fees to each installed vendor. This figure must be continually updated to reflect changes of equipment that has been added to or removed from the contract. Ensure that your internal records are consistent with your vendors' records. To gain maximum negotiating leverage, it's important to view maintenance charges collectively as one annual fee, as opposed to a series of multiple contracts with staggered start and end dates. If your enterprise has centralized purchasing and procurement, then check to see whether it's already tracking maintenance and support spending per vendor. Where the vendor also sells network infrastructure and/or nonsecurity products, include those numbers in your calculations. For example, if you purchase firewalls and LAN switches from Vendor X, then your calculation should include your total maintenance spending across both product categories. Step 2: Inventory each vendor's installed base within your organization and calculate how much money your organization has paid for this equipment. It's often easier to use the discounted purchase price for this calculation, but the calculation also may be based on list price. The important thing is to be consistent. If you initially base this calculation on discounted price, then you must use the discounted price to update the calculation each year. If you mix discounted price and list price, then your installed base value will be compromised. Step 3: Calculate the maintenance charges to installed base (MCIB) ratio for each installed vendor by dividing maintenance charges (Step 1) by installed base (Step 2). As your organization's commitment to a vendor (as measured by the installed base in Step 2) changes over time, the MCIB ratio should follow a predictable pattern. For example: Commitment strengthens: The MCIB ratio should reflect a slightly downward trend (see Figure 1). Commitment remains constant: The MCIB ratio should be relatively flat. Commitment weakens: The MCIB ratio may reflect a slightly upward trend. Publication Date: 10 December 2008/ID Number: G00163195 Page 2 of 5

Figure 1. MCIB Ratio Maintenance Charges Installed Base = MCIB MCIB Ratio Behavior of MCIB ratio as vendor's installed base grows in your organization X X + 1 X + 2 X + n Source: Gartner (December 2008) Year You also should annually review the level of support that you've contracted with each vendor, and track this alongside MCIB. As part of this review, determine whether a lower level of support is acceptable. Look at how often the features of that support level were invoked (for example, sameday would have been acceptable, but the contract specified four-hour response), and determine whether a changed support level will conflict with internal or customer service-level agreements. Gartner doesn't advise dropping support contracts as a money-saving strategy because security patches are an important and necessary component of these contracts. Several scenarios may lead to inconsistencies with the MCIB ratio. For example, changing the level of support from four-hour response to same-day (as per the cost-cutting move suggested in the above paragraph) will require an adjustment to the MCIB. Changing the term of a contract (for example, from one to three years) to gain a more-favorable discount also will require adjustments to the MCIB. Thus, the MCIB may not always be a straightforward calculation. As your service and support requirements change over time, you'll likely need to make one or more tweaks to the ratio to address these scenarios. The main benefit of maintaining the MCIB ratio is that it gives you a structured approach to negotiating maintenance contracts. Figure 2 shows the Gartner decision framework for assessing the impact of cost optimization projects. Network security professionals should use it to plan for MCIB initiatives in their organizations. For each of the six elements of the decision framework, we provide our expectations of the impact of a typical MCIB initiative (low, medium or high benefit). Publication Date: 10 December 2008/ID Number: G00163195 Page 3 of 5

Figure 2. Decision Framework for Security Equipment Maintenance Cost Optimization Low Benefits Medium High Potential Benefit: - How big is the cash savings if the action is implemented? Customer Impact: - What impact will this have on customers? Time Requirement: - Can you capture the savings in this fiscal year? 1% to 2% reduction in security hardware maintenance spending None no change in reliability 6 to 18 months as maintenance contracts are negotiated Degree of Organizational Risk: - Will your leaders ensure that the changes are made? Is your organization capable of adapting to the changes? Degree of Technical Risk: - Is there a risk that the change will undermine the capability of your systems to deliver? Investment Requirement: - Does the change require a large, upfront investment before savings can be captured? Is the organization willing to make an investment at all? Source: Gartner (December 2008) None no staff reductions or changes in organization and processes None maintenance levels unaffected Low better analysis and a change in the negotiation strategy Publication Date: 10 December 2008/ID Number: G00163195 Page 4 of 5

REGIONAL HEADQUARTERS Corporate Headquarters 56 Top Gallant Road Stamford, CT 06902-7700 U.S.A. +1 203 964 0096 European Headquarters Tamesis The Glanty Egham Surrey, TW20 9AW UNITED KINGDOM +44 1784 431611 Asia/Pacific Headquarters Gartner Australasia Pty. Ltd. Level 9, 141 Walker Street North Sydney New South Wales 2060 AUSTRALIA +61 2 9459 4600 Japan Headquarters Gartner Japan Ltd. Aobadai Hills, 6F 7-7, Aobadai, 4-chome Meguro-ku, Tokyo 153-0042 JAPAN +81 3 3481 3670 Latin America Headquarters Gartner do Brazil Av. das Nações Unidas, 12551 9 andar World Trade Center 04578-903 São Paulo SP BRAZIL +55 11 3443 1509 Publication Date: 10 December 2008/ID Number: G00163195 Page 5 of 5

2024 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information