Sprint gussying up security offerings

Sprint last week launched two security services that it says will help customers mitigate distributed denial-of-service attacks and better enforce security policies.

The offerings include Sprint's IP Defender and Secure Content Management and Filtering services. They are designed to keep customer networks safer by using tools that proactively thwart distributed DoS attacks and dedicate a network appliance designed to enforce a customer's security policy, respectively, the company says.

Sprint's IP Defender service is the latest anti-distributed-DoS offering from a carrier that proactively detects attacks and then puts mitigation efforts into effect. Sprint has deployed Arbor Networks' PeakFlow, which detects network-behavior anomalies, in its network and Cisco Mitigation devices at customer sites.

To continue reading, register here and become an Insider. You'll get free access to premium content from CIO, Computerworld, CSO, InfoWorld, and Network World. See more Insider content or sign in.

Sprint last week launched two security services that it says will help customers mitigate distributed denial-of-service attacks and better enforce security policies.

The offerings include Sprint's IP Defender and Secure Content Management and Filtering services. They are designed to keep customer networks safer by using tools that proactively thwart distributed DoS attacks and dedicate a network appliance designed to enforce a customer's security policy, respectively, the company says.

Sprint's IP Defender service is the latest anti-distributed-DoS offering from a carrier that proactively detects attacks and then puts mitigation efforts into effect. Sprint has deployed Arbor Networks' PeakFlow, which detects network-behavior anomalies, in its network and Cisco Mitigation devices at customer sites.

"The Arbor piece provides the 24/7 monitoring and the Cisco element lets us divert and mitigate traffic to a black hole or another port," says John Pardun, security solutions manager at Sprint.

PeakFlow monitors networks and detects if there has been a drastic change in traffic heading toward a specific customer, which is a telltale sign of an attack. Sprint then uses the Cisco devices to immediately make changes to a customer's network to try and stop the attack. The guidelines as to when and how Sprint reacts are outlined with the customer when Sprint sets up the service.

One industry watcher says the Sprint move makes sense.

"This announcement is most important to Sprint customers," says Kelly Kavanagh, senior analyst at Gartner. The service is attractive to customers that want to increase network uptime and avoid DoS attacks as much as possible, he says.

Late last year the carrier said it would beef up its anti-distributed-DoS efforts with monitoring and mitigation services. Sprint has a network-based system that uses stateful inspection in its edge routers to examine traffic for all IP customers. But its IP Defender is an add-on service for which the carrier charges an additional fee.

Sprint is not alone in offering proactive services or charging for them. AT&T first announced its Internet Protect distributed-DOS monitoring and mitigation service in March and then added a proactive mitigation feature in June.

MCI also offers distributed DoS monitoring and mitigation service, but MCI has yet to provide a proactive mitigation feature.

As part of its DoS response service-level agreement (SLA), the carrier guarantees it will respond to DoS attacks directed at any of its IP customers within 15 minutes of when a user calls MCI and the carrier issues a trouble ticket.