AT&T Managed Security Services - Help detect, deter and mitigate the damage of cyber attacks and business interruptions
←
→
Page content transcription
If your browser does not render page correctly, please read the page content below
Product
Brief
AT&T Managed Security Services
Help detect, deter and mitigate the damage of cyber attacks
and business interruptions
Preserving Network Integrity, security model that customers are building Benefits
Availability and Confidentiality for their businesses. Network-based security
Today’s Internet security threats range from services are designed to stop security issues • Execution
curious prowlers to savvy intruders, simple before they reach your organization’s offices. • Potential Financial Effectiveness
mischief to espionage. Without a plan to help These measures operate in tandem with the
• Highly Reliable Wireline and
protect your entire network and its connection AT&T Threat Management system that scans
Wireless Networks
points, your defense is only as strong as its traffic and helps AT&T security managers to
identify emerging problems, see their sources • Global Resources
weakest link. AT&T Managed Security Services
adds a powerful protective layer, helping you and take preventative action. To help protect
to maintain the security of your organizations customer networks and services, AT&T uses
Features
network as you access the Internet. This helps “defense in depth” security architecture, with
you take full advantage of the Internet as a security features built into every network • AT&T DDoS Defense Service
means of enhancing your existing business layer and every supporting process. The provides security alerting and
relationships with your customers and suppliers. theory of “defense in depth” is based on mitigation of DDoS attacks
the concept that multiple diverse security impacting your network
AT&T offers a wide range of security services, measures are intrinsically more effective • AT&T Mobile Security extends
availability and recovery services that provide than a single homogenous defense. So, if your security controls beyond
integrated business continuity and security the security measures in the first network the mobile device into the
solutions to support your complex networking interface layer are breached, security AT&T network
environments. We help organizations design, measures placed inside the network edge at • AT&T Firewall Services provides
deploy, manage and evolve networks, systems the second and third layers help prevent an enforcement of policy in the
and applications that are reliable and contain attacker from being successful. This makes cloud or at the premises with
security features designed to help protect it more difficult for someone to penetrate a optional features to perform
against cyber attacks and business interruptions. network because there are layers of security additional scanning
built into every system, process and piece of • AT&T Web Security offers a
AT&T security solutions start within the AT&T
the network architecture. AT&T utilizes this managed network solution for
Global Network, and extend to customers
“defense in depth” architecture with proactive content filtering and web control
and their applications. Security features are
management to quickly and easily determine • AT&T Intrusion Detection/
seen as an important component of all the
if known threats are being directed at our Prevention Service helps detect
AT&T product portfolios. For example, in the
network or may effect application performance and respond to malicious
development of services such as AT&T Voice activities by sending you alerts
and then mitigate these threats before they
over IP (VoIP), Virtual Private Networks (VPNs) specific to your network
can affect the network or the applications
and Remote Access, security features are
running across it. This way we can help reduce • AT&T Security Consulting
taken into consideration during the process
the risks to our network and help protect your Solutions utilizes our security
of designing the service architecture. The expertise to help safeguard your
AT&T network connections and the information
AT&T network is a major component in the IT infrastructure
crossing it.
Share this with
your peersProduct Brief - AT&T Managed Security Services _________________________________________________________________________________________________ 2
With AT&T Managed Security Services, you Managed Security Diagram
get the benefit of enterprise-grade security
Partner AT&T Service Node
services without the associated expense and Routing Complexes Global Customer
technology expertise required to support an Headquarter/Branch Support Centers
Security Consulting
in-house staff. We design, build and manage Ethical Hacking
Penetration Testing
our services to be reliable – providing Edge-Based Intrusion
Compliance Validation
PCI Security Assessor
Prevention and Firewall
standardization, scalability and availability
Analysis Web App.
while you retain control. This means we Mitigation Servers Servers Storage
DDOS Threat Management
provide the operations and day-to-day Network-Based
Intrusion Managed Scrubbing
Internet Protect
security infrastructure and support and you Detection Authentication
Databases
provide the policies and overall decision
Anti-Virus
Anti-Spam Network-Based
N
AT&T Global IP Network
Scanning Firewall with URL
F
making on how we apply those policies. Screening
Dial, DSL Non-AT&T Broadband/
AT&T provides both network-based and VPN Cable Dial Carrier
Premises-Based
premises-based security solutions. Our Firewall
Storage
Intrusion Detection AT&T Internet
network-based approach enables us to Custom Solutions
Data Centers
efficiently manage network security issues, Premises-Based Firewall
Intrusion Detection
redundancy, load balancing and recovery. Endpoint VPN and Endpoint
Proxy
Custom Solutions
Your Data Center
Our security expertise is based on protecting Security Security Anaylsis and Threat Management
the AT&T global network infrastructure all
day, every day of the year. You benefit from
attacks do not impact the network or affect network. These include network misuse,
that expertise, and are able to extend our
operations. AT&T has invested in developing non-conformance to your network security
capabilities to your network when you use
and applying tools to achieve world-class policies, network traffic anomalies that are
our security solutions. AT&T also offers
reliability, security features and business indicators of possible threats, phishing attacks
premises-based solutions, giving you the
continuity for businesses. Each security and other identifiable known threats.
flexibility to house security infrastructure
within your own premises. service in the AT&T portfolio provides a
different and enhanced layer of protection. AT&T DDoS Defense Service
AT&T DDoS Defense Service consists of
Proactive Network Security
AT&T Internet Protect® detection and mitigation service components
Most security services react to attacks after
AT&T Internet Protect is a security alerting that examine your Netflow data. When
they have occurred and attempt to minimize
and notification service that offers the detector identifies a DDoS attack, an
and contain damage. AT&T employs a
information regarding identified potential alarm is sent to both an AT&T operations
preventative approach to help identify attacks
attacks, including viruses, worms and denial center and to you with notification of the
and manage intrusions proactively by:
of service attacks that are in the early detected attack. Concurrently, AT&T will
• Assessing vulnerabilities formulation stages. This managed service also contact you directly. AT&T systems are
culls information from the extensive AT&T designed to reroute traffic directed at the
• Proactively scanning for potential attacks IP backbone which is one of the largest in IP Addresses that have been identified as
the world. It performs examination of over under attack to network scrubbing facilities
• Helping to protect against
19 petabytes of daily network data to help within the AT&T IP Backbone, where attack
unauthorized access
identify malicious activity from the Internet traffic is dropped and valid traffic is passed
• Quickly responding to and reporting which you can use to help predict and to your access router. Traffic destined to
suspicious activities prevent malicious traffic from infecting your your IP Addresses that are not under attack,
network. Using the Web-based Information continues to flow directly to your network.
Key to this preventative approach is the Security Portal, pagers and e-mail, AT&T Organizations who want to better protect
ability to not only collect data, but also to notifies you of identified critical malicious their network can obtain AT&T DDoS Defense
analyze, interpret and communicate it on activity and recommends immediate action. Service no matter who their service provider
a near real-time basis to help respond to AT&T Internet Protect also delivers security or carrier is. You don’t need to purchase
the incident. As the scope of cyber attacks information such as top vulnerabilities, recent network connectivity from AT&T to purchase
becomes more complex and creates more patch releases and other security “need AT&T DDoS Defense Service.
pervasive damage, prevention rather than to-know” facts. In addition to features just
containment becomes more attractive to the We have conveniently packaged and
mentioned, AT&T customers benefit from an
bottom-line. simplified the purchasing, contracting and
additional service option within AT&T Internet
billing of AT&T DDoS Defense Service, AT&T
Protect called Private Intranet Protect.
AT&T Managed Security Services Network-Based Firewall Service, AT&T Secure
Portfolio With the Private Intranet Protect option, E-mail Gateway Service and AT&T Web
The core focus of AT&T is to keep networks the traffic on your Virtual Private Network Security Service under one contract and
and applications running – and to help (VPN) is analyzed for known threats that one invoice providing an efficient and
assure that viruses, worms and other originate both internal and external to your cost-effective way to meet your business
security needs.
Share this with
your peersProduct Brief - AT&T Managed Security Services _________________________________________________________________________________________________ 3
AT&T Mobile Security We have conveniently packaged and the perimeter and within your network. The
Mobile security solutions typically scan simplified the purchasing, contracting and sensing components monitor data packet
for security risks at the device level only. billing of AT&T Network-Based Firewall Service, header and payload information to help
However, in order to maximize your AT&T Secure E-mail Gateway Service, AT&T detect known malicious activity by comparing
wireless security and help defend against Web Security Service and AT&T DDoS Defense the traffic to a continually-updated database
unauthorized applications, e-mails, and Service under one contract and one invoice of over 1,000 existing attack signatures.
disruptions in business activities, AT&T Mobile providing an efficient and cost-effective way When a pattern of misuse is detected, the
Security service provides the capability to to meet your business security needs. system is designed to respond quickly and
extend your security controls beyond the automatically according to your predefined
device and into the AT&T network. Device AT&T Premises-Based Firewall Service policies. AT&T Intrusion Prevention can help
security includes the use of application AT&T Premises-Based Firewall Service utilizes detect, contain and neutralize known threats
controls and anti-virus/anti-malware scans. industry-leading firewall platforms from Cisco, that can attack any IP enabled endpoint on
Network security provides access to an Checkpoint, Fortinet, Palo Alto Networks, and your network.
organization’s Virtual Private Network or VPN, Juniper. They protect your network perimeter
the Internet, or cloud-based services as well from the hazards resulting from connecting Additionally, a Host-Based intrusion detection/
as additional traffic filtering and scanning the Internet with your private network. prevention option is available within the AT&T
and is mobile carrier agnostic. It’s a security AT&T Premises-Based solutions scale from Intrusion Detection/Prevention Service. This
service that lets you extend, help protect, small, home office environments to large option consists of security software installed
and synchronize your security policies even globally distributed organization networks. on customer servers or hosts which monitors
if you’re not using AT&T wireless services. The standard powerful firewall capability is the networking subsystem or operating systems
complimented with the ability to add optional to determine if new Transmission Control
AT&T Firewall Security features including high availability, support for Protocol (TCP) or User Datagram Protocol (UDP)
AT&T Firewall services help protect complex security policy, VPN, DMZ/extranet services are started, or if existing services
organizations infrastructures with various support and the Next Generation capabilities have stopped.
network security functions. These fully- of Intrusion Prevention Service, Anti-Virus
managed solutions are configured to match filtering, Anti-Spam protection, Zero Day AT&T Web Security Service
your specific requirements with flexibility to Malware Detection, and URL content filtering. AT&T Web Security service helps create a
select the right level of protection. Network- protected and productive Internet environment
Based firewall, Premises-Based firewall AT&T Web Application Firewall Service for your organization. The service is designed
and Web Application firewall services are AT&T Web Application Firewall service to keep malware off your network and allow
available. Day-to-day management and is a fully managed security service that you to control the use of the Web by employing
maintenance, expert support and proactive combines Web Application Firewall Web Filtering, Web Malware Scanning and
24x7 security monitoring are provided. technology with expert management and Roaming User Support to protect users who
24x7 security monitoring to help protect web are not on the corporate network.
AT&T Network-Based Firewall Service applications and their underlying systems. We have conveniently packaged and
By placing firewall functionality into the AT&T Web Application Firewall helps customers simplified the purchasing, contracting and
network infrastructure, AT&T Network-Based meet Payment Card Industry 6.6 regulatory billing of AT&T Network-Based Firewall Service,
Firewall service inspects inbound and requirements. Web Application Firewalls are AT&T Secure E-mail Gateway Service, AT&T
outbound traffic and is designed to take deployed in front of the application servers as Web Security Service and AT&T DDoS Defense
action according to your predefined security a transparent Layer 2 bridge at the customer Service under one contract and one invoice
policies. You can also select your company’s premises or in a Hosted environment. It providing an efficient and cost-effective way
required bandwidth allocation for Internet provides protection without interrupting to meet your business security needs.
access globally through the firewall. The legitimate traffic to web applications.
service is available world-wide with firewall Additionally, AT&T Cloud Web Security Service
configurations ranging from simple outbound AT&T Intrusion Detection/Prevention Services is designed to provide comprehensive Web
only security policy to extensive bi-directional Using around-the-clock network surveillance, security including near real-time protection
policy with optional features, such as AT&T Intrusion Detection/Prevention against viruses and malware, protection
Web filtering, malware scanning, intrusion Service is designed to monitor unauthorized against compromised/hacked web sites and
detection and prevention, Application Control, attempts to access your business networks granular control of Web applications. In
Data Loss Prevention as well as support and provides you with the tools to help you addition to near real-time content security,
to protect multiple, independent network implement your internal network defense. AT&T Cloud WSS includes Negative Day Defense,
segments. Reports summarizing events and Similar to a security camera on a physical which can help secure your organization
utilization as well as policy self-management property, this service monitors network from attacks that have not yet occurred. Best
capabilities are available through the AT&T traffic by employing intrusion detection of all, AT&T Cloud Web Security requires no
BusinessDirect® portal. sensing components at various points at on-premises equipment which eliminates the
Share this with
your peersProduct Brief - AT&T Managed Security Services _________________________________________________________________________________________________ 4
need to install, house and maintain physical The service also includes a number of reports
hardware. IT staff, who would have been such as user activity, connection history and AT&T Security Services Advantage
tasked to manage on-premises solutions, can event logs as well as provides enforcement of
Proven Execution
now be better utilized to secure enterprise anti-virus updates and software patches.
• Deployment of updates based
and employee assets.
upon security and industry events
AT&T Encryption Services
AT&T Secure E-Mail Gateway Service AT&T Encryption Services is a service that • Proof of Service through Service
AT&T Secure E-Mail Gateway is a security simplifies e-mail and data encryption by Level Agreements
as a service solution that offers protection automating the management and use of
against inbound e-mail-borne threats such digital credentials. You can quickly and • Visible performance
as malicious web links and attachments, efficiently digitally sign and encrypt messages through reporting
and targeted phishing in addition to or files using existing desktop, mobile and
• Supported by the “TRUSTED”
blocking traditional spam and viruses. Just web interfaces. Multiple methods of message
AT&T infrastructure Financial
as important as preventing inbound attacks, delivery and receipt help ensure that encrypted
Effectiveness
Secure E-mail Gateway also provides the data reaches the intended audience.
powerful features you need to support your • Minimized capital and
Whether it is employees exchanging
email DLP policies through policy based asset expenditures
outbound filtering and encryption. To help confidential information with associates or
meet your e-mail storage management, the delivery of confidential statements to • Operational efficiencies through
record retention and legal and regulatory customers, AT&T Encryption Services provides AT&T skilled professionals
compliance needs the SEG Archiving service a comprehensive suite of encryption solutions
to help protect data in motion and at rest. • Innovation from AT&T Labs Highly
supports archiving of unlimited amounts of Reliable Network
data with flexible retention periods from 30
days up to 10 years. AT&T Token Authentication Service • Network availability guarantees
Organizations need to know who is gaining of up to 99.999%
We have conveniently packaged and access to network applications to help
simplified the purchasing, contracting and avoid unauthorized access and disclosure of • MPLS-based services available
billing of AT&T Network-Based Firewall Service, sensitive information. This risk of exposing to more than 180 countries
AT&T Secure E-mail Gateway Service, AT&T proprietary and sensitive information is representing 99 percent of the
Web Security Service and AT&T DDoS Defense magnified as the number of remote users world’s economy.
Service under one contract and one invoice accessing the network increases. AT&T
providing an efficient and cost-effective way Token Authentication service is a network • 38 State-of-the-art Internet
to meet your business security needs. access protection method that uses an Data Centers
enhanced security feature, called two-factor • AT&T Global Network carries
AT&T Endpoint Security authentication, which requires a user to 56.2 petabytes of data on the
AT&T Endpoint Security service is a fully provide two unique factors to gain access average business day
managed solution to help protect both end to a private network: something they know
users and company’s internal systems from (a password or PIN) and something they Global Resources
external hazards posed by doing business possess (an authenticator). This method • Approximately 2000 security experts
on the Internet. The service is designed to makes it more difficult for a hacker to gain and support professionals
enforce compliance with customer-defined access to authentication credentials than
policies for firewall, anti-virus and software a password since the authenticator’s token • 6 Network Operations Centers
compliance at remote end points. The service code changes randomly every sixty seconds • 8 Global Customer Support Centers
also provides centralized management and must be combined with a secret PIN
tools for control of remote end points and a selected by the user accessing the network.
path for customer to gain control over the
prioritized events based on their risk to
applications operating on these end points. AT&T Security Analysis and your company and the ability to mitigate
Consulting Solutions them. Critical event notifications person-to-
The service consists of central policy servers
and AT&T Global Network software clients. AT&T Security Event and Threat person and less critical event notifications
The software clients receive security policy Analysis Service get delivered via e-mail and through a
information from the servers located at AT&T Security Event and Threat Analysis customized security portal.
AT&T Internet Data Center. The software service is a virtual Security Operation Center
clients interact with the policy server to that utilizes expertise AT&T has developed in AT&T Security Device Management
receive policy updates and to perform policy security analysis and operations to correlate AT&T Security Device Management is an
enforcement. Your security policies will be information from multiple devices and integral part of the AT&T Security Analysis
populated into a central policy server by your device types, on premises and embedded and Consulting Solutions providing
administrator, and then distributed to your in the AT&T network. Based on information monitoring and management of security
users from the AT&T managed policy server. gathered, AT&T provides notification of hardware and software you own located
Share this with
your peersProduct Brief - AT&T Managed Security Services _________________________________________________________________________________________________ 5
on your premises or the implementation of silos,’ increasing cost and complexity of another set of rules in order to communicate
complex and customer security solutions. security management, and making it almost outside the domain. This separation is
AT&T Security Device Management service impossible to uniformly monitor security achieved by using the principles of domain
lets you take advantage of the AT&T Security threats across IT environments. AT&T Threat separation for systems and networks within
Network Operations Centers (S/NOC) Management and Analysis Service will help a company. Domain separation allows
expertise to monitor and manage your security address these challenges with a highly communications between two domains to
hardware, manage your security infrastructure, secure network infrastructure an optimal occur in a controlled manner, through only
or migrate to a custom security architecture blend of security consulting, on-premises and a few communication points and under
designed to meet your specific requirements. next-generation cloud security capabilities, scrutiny based on type of traffic, source,
including AT&T Network-Based Firewall destination and volume of traffic. These few
AT&T Security Consulting Service, AT&T Intrusion Detection/Prevention communication points are usually called
AT&T provides a unique and world-class Services, AT&T Secure-E-Mail Gateway Service security gateways, or choke points and
portfolio of compliance and related security and AT&T Distributed Denial of Service the rules applied at each are called choke
services. Our experience, expertise and (DDoS) Defense Service protection, and filtering. Domain separation helps ensure
commitment to open standards have security monitoring, analytics and emergency that communications between domains are
established us as a strategic and trusted response services. allowed only as authorized, going through
advisor. AT&T Security Consulting provides designated gateways, which are designed to
solutions that allow you to operate your Trust Your Security to AT&T help detect suspicious activity and block it if
security operations more efficiently. We work AT&T has a long legacy of developing security necessary. If one domain is compromised in
as a trusted team to provide knowledge services which answer the need to address a security incident, domain separation helps
based services. Our consultants have industry a defense in depth architecture, from the protect the other domains from compromise
and security expertise that can be utilized to information level to the network level. and helps contain the incident.
complete short and long term engagements. You can count on AT&T as being a trusted
Experts are focused in six areas: Security AT&T employs the principle of domain
provider with true global reach that has a
Strategy, PCI Solutions, Governance Risk and separation within its corporate intranet
comprehensive range of security, availability
Compliance Solutions, Secure Infrastructure as well as on its various service networks
and recovery services that can provide your
Solutions, Threat and Vulnerability and between the operational networks
business with integrated business continuity
Management and Application Security. and network management infrastructures.
solutions and help support your complex
Network management domains are separated
networking requirements.
AT&T Security Consulting services provide from the operational networks themselves.
a proactive, comprehensive approach to The AT&T Points of Presence (Central Offices)
Security by Design
security and compliance across all your are built with multiple security zones.
AT&T is committed to enhancing the
organizations operations. Our security Each zone has different requirements for
security services and features by continuing
consultants have accreditation in the security needs and is segmented to help
to develop security innovations and
latest security certifications and expertise prevent the traffic from leaking between
management techniques to create additional
across all aspects of security and provide zones. Various complementary mechanisms
security services for enterprises. In the
solid methodologies for validating and are deployed to maintain segmentation.
following paragraphs, we describe what
streamlining regulatory compliance. “Hardening” Infrastructure Elements Network
techniques AT&T has been using to add
infrastructure security includes both host-
security features both within its networks and
AT&T Secure Network Gateway based and network-based security elements.
within the services it provides.
AT&T Secure Network Gateway provides an The foundation of infrastructure security is
integrated, turnkey security solution on a a server. “Hardening” of the server means
Processes
single pricing schedule with multiple service locking down (restricting use of) open
All AT&T Services follow AT&T Service
and term discounts on one convenient contract server communication ports. All servers are
Realization Process that includes a focus on
and bill. The services available under AT&T “hardened” based on vendor, industry and
security considerations in every step of service
Secure Network Gateway service are AT&T internal recommendations and industry best
development and network deployment. For
Network-Based Firewall Service, AT&T Secure practices. Host-based agents (i.e., software
each new service or feature that is being
E-mail Gateway Service, AT&T Web Security used to monitor activity on a server or PC)
developed, the AT&T Security Team works
Service and AT&T DDoS Defense Service. monitor the servers looking for unauthorized
closely with product management, systems
changes in software and configurations. In
architects, engineers, developers and testers
AT&T Threat Management and addition to hardening the network elements,
to add security features into the service.
Analysis Service AT&T deploys a number of measures to help
Cyber threats have become a boardroom protect against denial of service attacks
Domain Separation
agenda with the potential to bring down an within the AT&T network, and at the service
A network that is comprised of one or more
organization’s network, create compliance (application) level. AT&T has deployed state-
systems and one or more networks, all with
issues, damage bottom lines, and impact of-the-art security mechanisms to help
a common function, constitutes a domain.
brand reputation. Additionally, disparate protect its Global IP Network and IP Services
Each domain must have a set of rules for
security technologies create ‘security against Denial of Service (DoS) and other
communication within the domain and
Share this with
your peersProduct Brief - AT&T Managed Security Services _________________________________________________________________________________________________ 6
network-based attacks while monitoring Based Remote Access are designed to take is consistent with the general architecture
IP traffic for new identified attacks such as advantage of the MPLS technology. The used in protecting organization assets
new worms and viruses. All of these systems combined force of MPLS in conjunction with from the Internet, and includes multiple
are in place and are monitored 24x7 by the AT&T multilayered security approach security domains, each with its own security
experienced security personnel. helps ensure that your organization can requirements. To further enhance the
utilize a network that is flexible and scalable security of these communications, AT&T has
Services on the AT&T Global Network for future applications. defined boundaries regarding what device
The AT&T Global Network has evolved to a can communicate with what device, thus
single, global, Multi-Protocol Label Switching Separate Services Over IP providing additional control.
(MPLS) enabled backbone over an intelligent Infrastructure
An additional challenge with VoIP is that
optical core network. MPLS, a leading edge Voice over IP (VoIP) poses particular security
a separate Session Initiation Protocol (SIP)
technology that is driving convergence in the challenges to carriers due to the protocol
establishes the communication channel while
network, is the key technological component design itself. With VoIP both the signaling as
the call data (voice) is initiated. Specifically,
underpinning this network evolution which well as the actual voice messages are carried
SIP servers are responsible for creating,
provides flexibility and quality of service in-band across the network, thus making
modifying and terminating sessions with one
beyond those found on a private network. signaling vulnerable to the same security
or more participants, however most of them
MPLS adds reliability and performance risks as other Internet traffic. Recognizing
do not include firewall functionality as part
capabilities, enabling applications to scale these challenges, AT&T has designed a
of their basic configuration. In order to help
as business needs change. AT&T is regarded separate “Services over IP“ architecture to
security of our services over IP infrastructure,
as one of the MPLS industry leaders based carry application traffic such as VoIP. AT&T
AT&T has designed so called border elements,
on its early and continuing work with this Services over IP infrastructure integrates
or intermediary gateways. The border
technology, and continues to pioneer its use with the AT&T public MPLS IP network and
element acts as an intermediary between
by offering a suite of virtual private networks has been designed with multiple layers of
domains providing an additional layer of
(VPNs) that enable MPLS. AT&T services such defense, consistent with the AT&T “Defense
security for AT&T SIP based service.
as Network-Based Firewall and Network- in Depth” principles. The design principle
Share this with
your peers
For more information, call 877.542.8666, or visit us at www.att.com/network-security.
04/28/14 AB-1133-09
© 2014 AT&T Intellectual Property. All rights reserved. AT&T and the AT&T logo are trademarks of AT&T Intellectual Property.You can also read
