MCI this week is expected to officially launch its WAN Defense distributed denial-of-service detection and mitigation service aimed at helping keep networks safe from attacks that can bring services to a grinding halt.

Like competitors AT&T and Sprint, MCI is offering users a fully managed service that proactively detect attacks before a customer's network is taken out by malicious distributed DoS assaults.

MCI is using Arbor Networks' PeakFlow SP network behavior anomaly-detection products to pick up on distributed DoS attacks and Cisco's Guard XT device to mitigate these attacks.

MCI has deployed three Arbor devices throughout its network in the U.S. that create a baseline for irregular traffic on MCI's IP network and flag suspicious traffic, says Chris Sharp, vice president of security architecture at MCI. Those flags are then sent to MCI's security operations center (SOC), and the tainted traffic is sent to one of the carrier's mitigation centers, where the packets are scrubbed.

Sharp says that MCI also notifies the ISP where the distributed DoS attack traffic is originating, or the carrier immediately blocks that traffic if it originates from its own network.

MCI has been working on the service for months and expected to offer it in April, but the carrier said it took extra time to integrate some of NetSec's security features with the service. MCI acquired managed security service provider NetSec in January for $105 million.

The carrier is using NetSec's Finium risk assessment and forensic analysis platform with its WAN Defense service so MCI can better react to distributed DoS attacks, Sharp says. Finium is similar to AT&T's Aurora threat management system, which AT&T is currently testing with two of its customers.

MCI says it plans on integrating Finium with other MCI security services that it expects to announce in the next six months, Sharp says. He didn't say which services would be integrated.