That hasn't gone unappreciated. Already this year, FishNet has snagged at least seven high-profile partner recognitions including: McAfee Most Valuable Partner 2013, FireMon Top National Partner, IBM Top Revenue Award, FireEye Partner of the Year, HP PartnerOne Growth Reseller, Juniper Networks Authorized Education Partner Top Performer 2013, and the SailPoint Armada Award for North America.

But it's always got its eye on the next generation of vendor partners. "We also spend a lot of time with emerging companies that have a unique set of technologies that meet a specific customer need," Fennessy said. "If we hear a need, the evaluation starts on the technical side first. Can we deploy and manage it?"

Let's get technical

To that end, FishNet in early August officially opened its St. Paul, Minn., "cLab," a state-of-the-art facility it spent $5 million building. The laboratory supports more than 150 different technologies. It will accommodate proof-of-concept projects and evaluations centered on mobile device management, next-generation firewalls, intrusion prevention, and endpoint security. There's also a module for conducting tests involving software defined network (SDN) platforms and for simulating denial-of-service attacks.

"The capabilities of this lab are second to none," said Dan Thormodsgaard, vice president of solutions architecture. "Customers can essentially create their own lab to simulate scenarios as they could occur in their environment, so they can make informed decisions about the technologies they are purchasing. We've helped our customers cut through red tape, expedite the technology selection process and ultimately save time and money."

For example, a financial services company was able to cut the evaluation timeframe for 10 mobile security vendors to just two months, instead of the typical six months it takes to wade through this sort of process.

FishNet actually has two product testing laboratories, alongside two security operations centers supporting more than 12,000 devices and 1 billion logs daily (one is in Kansas City, the other in Atlanta), and nine authorized training centers that handle both technical training and "security awareness" sessions with employees.

"It's one thing to buy and deploy these technologies, it's another thing to make sure people use them correctly, and we get wonderful feedback for these services," Fennessy said.

Among the courses that FishNet offers are secure coding practices, application security, mobile security, and primers on PCI and HIPAA concepts. The team developed a series of eight interactive "missions" to teach end-users about compliance and practical behaviors that can improve a company's corporate security profile. "Many aspects of our training have nothing to do with a technology or a certain vendor," he said.

While FishNet doesn't specifically disclose the percentage of its revenue driven by services, its managed services offerings represent the fastest growing piece its business. Those services fall into four primary buckets: ThreatDetect log management and monitoring, ThreatAssist technology support, ThreatProtect device management, and ThreatResponse incident response.

Approximately 300 of the company's roughly 700 employees are billable consultants, alongside 30-plus strategy services advisors, not to mention more than 60 solution architects. Many of these employees have backgrounds as corporate information security officers (CISOs). "They have walked in their shoes," Fennessy said. FishNet supports three practice areas: Risk and advisory, infrastructure and operations (the largest), and threat and vulnerability.

Successful engagements may start with technical expertise, but they live and thrive according to very human factors. That's why Fennessy is a proponent of what he calls the "customer care model." The philosophy makes every single employee – from presales technical architects to project managers and everyone in between – responsible for anticipating customer needs and sharing them proactively.

"Every employee has a role in serving customers, you just have to articulate what that role is," Fennessy said.