A TRIP TO THE ANTIVIRUS WAR ROOM
At Symantec, the fight against viruses and worms means coping with 500 million alerts a day.
By Christine Y. Chen

(FORTUNE Magazine) – The Alexandria Tech Center, a short drive from the Pentagon, seems like any old, anonymous office building. It's boxy, it's gray, and inside are endless rows of cubicles and fluorescent lighting. But deep in its windowless heart, an engineer named Dante Winslow sits in what appears to be a space pod. His eyes dart back and forth. Grant Geyer, the man responsible for everything in this dark, 10,000-square-foot room, nods in Winslow's direction. "This," he declares proudly, "is where the rubber meets the road."

Winslow's eyes are getting a workout because, as an analyst for Symantec, the largest information-security company, his job is to scan for attacks on networks. More than 500 major customers have entrusted Symantec to monitor or manage their firewalls, servers, gateways, and the rest of the stuff that makes networks run. Part war room, part marketing tool, this sleek, state-of-the-art site is one of six that Geyer, who is vice president of managed security services, oversees; the others are in San Antonio, Sydney, Tokyo, Berlin, and London (where the ops are underground in a former nuclear bunker).

Getting into the room means passing a biometric scan of your palmprint. Winslow's pod sits toward the side, next to three curved rows of computers. On the front wall are 76 flat screens. The biggest, eight feet across, shows a digital projection of the globe, which rotates and displays the names of countries where Symantec's automated systems have detected a cyber attack. "We're like a neighborhood watch," says Geyer, a West Point grad. "We visualize everything a hacker is doing." Symantec's systems receive 500 million alerts each day, he says, almost all of which are dealt with automatically by software. It's up to the humans--Winslow & Co.--to step in and notify customers when the system detects an attack that's especially serious.

Outsourcing IT security is fairly new; so-called enterprise administration, of which this is part, makes up only about 10% of Symantec's $1.9 billion in annual revenue. It's a lucrative business, though, and it's growing quickly. The Boston research firm Yankee Group estimates that the market for such services will reach $3.7 billion a year by 2008.

So what happens when a virus gets released into the wild? Even the best-protected company can still be infected. Symantec estimates that in the first six months of this year, 4,500 distinct viruses were released. Most were ineffective or fairly mild, so you didn't hear about them. Other attacks, though, have wreaked havoc.

Take the Sasser worm. Released in May, it infected more than a million PCs running Microsoft Windows, including systems at Goldman Sachs, the British Coast Guard, and Taiwan's postal service. Unlike viruses, which piggyback on programs sent over the Internet, worms search out holes and weaknesses in networks and replicate all on their own. If your computer was infected, Sasser would use it to search out new victims and crash their systems.

Symantec was expecting Sasser. Like everyone else, the company typically learns of security holes from Microsoft itself. When it finds a hole in its software, Microsoft alerts customers and issues an "exploit code"--a set of instructions that pinpoint the flaw--and often a "patch" users can download to fix it. Hackers, of course, see those same alerts. In the case of Sasser, it took less than six days for hackers to use the exploit code and create the worm.

When Sasser showed up, the first thing Symantec did was grade the threat on a scale from category one to category five. Sasser was a four. Within hours, Symantec wrote its own patch and posted it online for customers. Not all customers are equal, though. Depending on the severity of the attack and what level of Symantec's services a company has bought, a customer may get special treatment. If an attack is severe, the security response team, which includes hundreds of employees around the world on call 24/7, may send instant messages and e-mails or make phone calls.

Dante Winslow constantly watches out for a handful of major customers. His computer is programmed to do "aggressive searches" of their networks. If he detects a problem, it's up to him to determine who needs to be told and then to help the customer fix it by consulting on reconfiguring firewalls or patching holes. Fixing systems can take minutes or months. Some customers want to clean up and rebuild right away. Others--say a brokerage client that processes billions of trades each weekday--may prefer to wait until the weekend. Sometimes customers can't be bothered. One company that Symantec alerted to a relatively mild virus responded by saying that its laptops were due for replacement soon anyway, so why bother fixing them?

Despite the efforts of Symantec and other information-security companies, few computer viruses can be fully eradicated. That's partly because they can mutate, much like biological viruses. In the cyberworld, remnants of Slammer, last year's virus, are still on the loose. -- Christine Y. Chen