Identify Critical Security Alerts
One of the biggest challenges network administrators face is paring down the volumes of available network monitoring data to the critical, comprehensive information that will inform the right action. AT&T security alerts help your organization get out of "firefighter mode" so you can get ahead of anomalous behavior or malware threats. You can readily access the security information you need through an AT&T security portal customized with the detailed traffic analysis views and security information relevant to your network environment.
Stay informed about required patches
Software vendors issue frequent patches to server operating system, application and security software. It's important to stay current with these to help protect your network from malware, viruses and other Internet threats.
Security alert services from AT&T continually inform you, through a web security portal, what software patches are available for the systems that your organization operates, including updates or changes to on-site firewalls. AT&T analyzes and provides security alerts with the following services:
- AT&T Internet Protect® analyzes and provides alerts for malicious traffic identified on the Internet
- Private Intranet Protect analyzes and provides alerts for malicious traffic on your VPN
Identify malicious traffic on the Internet
Security alerts services prepare you for Internet threats
At the most basic level, AT&T Internet Protect® provides real-time analysis of Internet traffic, which can be used to predict and prevent malicious traffic, such as viruses, worms and distributed denial of service attacks, from infecting your network.
Using a web-based Information Security Portal, AT&T supplies you with advanced information regarding potential attacks that are in the early formation stages in the public Internet at large, and recommends action you should consider. AT&T:
- Pulls information from the extensive AT&T IP backbone
- Performs real time examination of over 2.5 petabytes of daily network traffic to identify malicious activity from the Internet
- Delivers notification of alerts and advisories via portal, email, or text message
Security alerts keep threats away from your IP address space
Internet Protect provides visibility into what's happening in your specific IP address space. Designed for organizations that depend largely on the public Internet as their primary WAN communications platform, this fully managed service sends you alerts and notification of threats detected on the AT&T backbone which are targeted at your network.
- Analyzes your network traffic patterns over a period of time
- Sends alerts for traffic when they vary from your established traffic baselines
- Provides traffic analysis reporting, which can help you define a network profile for network architecture decisions
- Identifies potential Distributed Denial of Service (DDoS) attacks by analyzing your NetFlow data
- Is available to AT&T Managed Internet Service and AT&T Global Managed Internet Service customers
- Requires no additional hardware or software
Help protect your VPN
A fully managed service, Private Intranet Protect works in conjunction with AT&T Internet Protect to identify and analyze threats within your AT&T virtual private network (VPN) service. Designed for enterprises that rely on an AT&T Internet or MPLS VPN as their primary WAN communications platform, this service identifies threats that have penetrated your network perimeter or were launched from an internal source.
By analyzing your VPN traffic, this service helps detect the following threats before they have a chance to damage your network:
- Zero day events (attacks that exploit software vulnerabilities that are too new to be well-publicized)
- Dark address space activity
- Denial of service attacks
- Protocol misuse
- Global security threats
- Phishing attacks
Security Alert Considerations
What Web servers, operating systems and application software are you running?
You must be aware of what systems are live in your environment to help protect them from attack. Having an up-to-date inventory will enable you to take action on all the relevant alerts and threats being directed at each system.
Do your systems and security administrators operate primarily in "firefighter mode," reacting to a security issue after the fact?
Today's reporting systems offer a wealth of network analysis information. Culling the relevant information to determine an actual, actionable risk is a labor-intensive process. Outsourcing that process to a service provider allows you to leverage the network visibility and resources of the provider to get the most meaningful information in the shortest period of time.
What alerting or filtering systems do you have in place?
Be sure to keep a complete inventory of all live systems in your environment so that you can protect them from attack.
AT&T security alerts are most useful in enterprises that are not already passing traffic through a network-centric filtering method. Significant benefits will be realized if you are:
- Hosting your own VPN concentrators to terminate VPN tunnels
- Receiving email directly on your own email servers
How will you mitigate the threats?
AT&T security alerts keep your security administrators informed of relevant threats and anomalies - which will require action or remediation. If you would prefer AT&T to mitigate the risks on your behalf, consider the AT&T Distributed Denial of Service (DDoS) Defense service, an optional feature that works with AT&T Internet Protect.
Designing a Security Alert System
Security consulting experts from AT&T can work with you to conduct a risk analysis and help you create custom security policies that will meet your security and compliance needs.
Once your security policies are defined, AT&T will design an alert system that can help reduce your security risk and respond to appropriate threats.
To receive Internet Protect alerts, customers need only request access to the service, and supply AT&T with the IP address range that they would like monitored for alerting purposes.
To receive Private Internet Protect, customers having AT&T manage their routers can simply order the service and AT&T will coordinate all aspects of the turn-up. If you are managing your own routers rather than using an AT&T managed router service, you will need to redirect NetFlow traffic to AT&T security data collectors. AT&T performs traffic analysis in our infrastructure, and provides alerts and reporting via a portal.
Trouble ticketing, service and management are immediately available with one mouse click.
Service and support for AT&T Internet Protect® is available through the AT&T BusinessDirect® portal. This Web portal provides you with a highly secure, convenient, reliable way to access your AT&T account and manage your services online from any Web browser.
For Internet Protect and Private Intranet Protect, service and support is available through a convenient private portal.
For more information on Security Alert services, or to discuss your information protection needs with a security specialist, contact us today.
Existing AT&T Enterprise customers can work with their AT&T sales representative to begin receiving AT&T security alerts or order one or more alerting services directly through the AT&T BusinessDirect® portal.