Intrusion Detection & Protection
|AT&T Managed Intrusion Detection Brochure [Service Brochure]|
Early detection is the key to intrusion protection
Developers continually update operating systems to improve the speed and functionality of computers. This can create new software vulnerabilities that attackers exploit to break into your network. Keeping security protection and expertise in sync with new vulnerabilities is a growing challenge for most organizations, especially companies with smaller IT staffs.
The AT&T world-class SOC keeps intrusion protection focused on combating real attacks, not false alarms
AT&T Managed Intrusion Detection Service quickly identifies patterns of network misuse using highly trained security experts located in our Security Operations Center (SOC). These experts not only keep attack signature databases up to date; they also have the proficiency to distinguish chance anomalies from actual attacks. Their insight helps reduce corporate risk by focusing on combating the real attacks, while ignoring false alarms.
Respond to unauthorized access with an intrusion detection system
Security attacks have an immediate impact on business operations, and can take days for an entire IT team to resolve. The AT&T Security Operations Center provides 24x7surveillance to help detect and respond to unauthorized access attempts as early as possible to help prevent damage to your website and business.
With AT&T Managed Intrusion Detection Service, a hardware/software sensor is installed on your premises and managed by the AT&T SOC. IP packets are captured and analyzed real-time using a constantly updated database containing thousands of attack signatures.
Customize your defense service
Every company has different security policies and regulations. There are several ways that you can customize AT&T Managed Intrusion Detection Service to work optimally in your own environment:
- Define specific traffic signatures that you would like included in the attack database
- Use event data gathered by AT&T to build a dynamic access control list in your firewall
- Specify incident response actions: Choose to have the SOC block the activity or respond with an alert by e-mail or phone
Combat stealth attacks with intrusion detection
Some hackers have the expertise to identify an enterprise's threshold for "normal" activity and try to enter your network just under that threshold to gather information or plant a logic bomb (code that sets off malicious activity under certain conditions). Experts at the AT&T SOC have the training to correlate volumes of information and dramatically improve the chances of catching these low-and-slow stealth-mode attacks.
Consideration for Intrusion Prevention
Do you have the tools, systems and expertise to recognize and respond to an intrusion?
If your network is connected to the Internet, you are at risk for intrusion threats. It is important to be able to identify a true intrusion with speed and accuracy. The SOC at AT&T has the expertise to identify threats from chance anomalies and can respond immediately to unauthorized access attempts.
Do you have data centers containing resources that require intrusion protection?
AT&T intrusion detection and protection services are ideal for helping to protect larger "hub" sites, such as central and regional data centers.
The AT&T Managed Intrusion Detection Service is ideal for protecting larger "hub" sites, such as central or regional data centers. A sensor in the form of an appliance sits inside your firewall and discovers anomalous activity which could put resources on your server farms at risk. Having the right design and integration of equipment is important to ensure that intrusion scanning is available to scan you traffic.
Are you running a wireless LAN (Wi-Fi) in your organization?
AT&T intrusion detection and protection detects anomalies at network Layers 3 and above. Wireless LANs operate at Layers 1 and 2. So different types of intrusion prevention and detection systems available from Wi-Fi companies should be used to scan the airwaves to detect wireless-specific threats.
Are you using AT&T Network-Based Firewall service for intrusion prevention?
AT&T Network-Based Firewall service already includes intrusion detection. Please review intrusion prevention and detection capabilities available through your firewall to verify if additional services are needed to meet your security needs.
Designing an intrusion detection system
AT&T assigns a team of experts who work with you to determine your network protection needs. These experts:
- Identify the best locations in your WAN for placing intrusion detection sensors
- Evaluate your network size, configuration and traffic to design a solution that will meet your bandwidth and budget requirements
- Make online failover and server load balancing recommendations for backup to ensure that your traffic is continually scanned
- Work to understand your network usage patterns to tune the detection system to meet your needs
AT&T orders your intrusion detection sensors installs them in the locations identified in the design phase. After thorough testing of the solution, we hand off the service to the AT&T SOC, which begins Day 2 of lifecycle operations with production monitoring, analysis, reporting and alerting.
AT&T provides complete lifecycle management and maintenance. Security event reporting is available through the AT&T BusinessDirect®, our award-winning portal that you can use for network management and administration.
Contact us to put you in touch with an AT&T security specialist today, and discover how to improve your ability to manage intrusion threats with AT&T Managed Intrusion Detection Service.
Or, if you prefer, please contact your AT&T sales representative to get started with AT&T Managed Intrusion Detection Service.