AT&T pumps up managed security offerings

AT&T is beefing up its managed security services by offering users a wider variety of tools to keep their network and traffic safe.

AT&T is beefing up its managed security services by offering users a wider variety of tools to keep their network and traffic safe.

The carrier launched its Application Firewall Service and Enhanced Managed Intrusion Detection Service last week that help protect a user’s backbone at the network and application layers.

“They are the only traditional telecom offering such services that I’m aware of,” says Matt Kovar, analyst at consulting firm The Yankee Group. “MCI teams with ISS to offer custom security services, but AT&T is the only one supporting these offerings in house.”

“AT&T traditionally hasn’t been at the cutting edge from a security standpoint,” he says. “But in the last year and a half they have been bitten by the security bug. They are aggressively evaluating next-generation technology. [AT&T] is a true thought leader in the industry,” he says.

Application Firewall Service is designed to prevent “inappropriate transactions” from accessing a customer’s server. The Web-based firewall service is for AT&T customers that host servers at the carrier’s 13 Internet Data Centers.

“Once the firewall is deployed, it goes through a learning process and sets up a baseline for the typical traffic patterns for that customer,” says Stan Quintana, director of managed security services at AT&T. The firewall then “flags anomalies” and “quarantines” the traffic so customers can determine if they want to do forensic analysis, bounce the entire transaction or let it through, Quintana says. This is AT&T’s first security service that gets into content management of transactions and operates at the application layer, he says.

The service is limited to its hosting customers, but AT&T says the offering will be introduced to “non-Internet data center Web hosting users” by year-end.

The carrier also launched its Enhanced Managed Intrusion Detection Service, which uses a series of sensors from a variety of vendors to immediately detect attacks such as distributed denial-of-service and worm attacks. AT&T already offers “standard” intrusion-detection services for its data customers, but Quintana says the standard offering uses only one sensor and might not include follow-up action other than notification if an attack is discovered.

The offering, like Application Firewall Service, is linked directly to the carrier’s Integrated Global Enterprise Management System (iGEMS) and its Security Operation Center (SOC). IGEMS gives users advanced network and application monitoring and management support.

The SOC is staffed with security experts who monitor customer networks for security breaches, and work with customers to take corrective action if security is breached.

While AT&T’s current security offers focus on detecting and thwarting attacks, the carrier says it will introduce intrusion-prevention services by year-end.

Application Firewall Service and Enhanced Managed Intrusion Detection Service are available for $3,000 to $5,000 per month in addition to a customer’s monthly data service rates.