文档库 最新最全的文档下载
当前位置:文档库 › AT&T Managed Security Services

AT&T Managed Security Services

Product Brief

With AT&T Managed Security Services, you get the benefit of world-class security services without having to maintain the service on your own. We design, build and manage our service to be reliable – providing standardization, scalability and availability from site to site while you retain control. This means we provide operations and day-to-day work and you provide the policy and overall decision making on how we apply your security policy. AT&T provides both network-based and premises-based security solutions. Our network-based approach enables us to efficiently manage network security issues, redundancy, load balancing and recovery. As the infrastructure is protected with various security features on AT&T premises, we are able to maintain this level of service all day, every day of the year. However, AT&T also offers premises-based solutions, giving you the flexibility to house security infrastructure

within your own premises.

Proactive Network Security

Most security services react to attacks after they have occurred and attempt to minimize and contain damage. AT&T employs a preventative approach to help identify attacks and manage intrusions proactively by:

? A ssessing vulnerabilities

? P roactively scanning for potential attacks ? H elping to protect against

unauthorized access

? Q uickly responding to and reporting suspicious activities

Key to this preventative approach is the ability to not only collect data, but also to analyze, interpret and communicate it on

a near real-time basis to help respond to

the incident. As the scope of cyber attacks becomes more complex and creates more pervasive damage, prevention rather than containment becomes more attractive to the bottom-line.

AT&T Managed Security Services Portfolio The core focus of AT&T is to keep networks and applications running – and to help assure that viruses, worms and other attacks do not impact the network or affect operations. AT&T has invested in developing and applying tools to achieve world-class reliability, security features and business continuity for businesses. Each security service in AT&T’s portfolio provides a different and enhanced layer of protection. AT&T Internet Protect? and Its Family

of Services

AT&T Internet Protect? is a security

alerting and notification service that offers

information regarding identified potential

attacks, including viruses, worms and denial

of service attacks that are in the early

formulation stages. This managed service

culls information from the extensive AT&T

IP backbone which is one of the largest in

the world. It performs examination of over

19 petabytes of daily network data to help

identify malicious activity from the Internet

which you can use to help predict and

prevent malicious traffic from infecting your

network. Using the Web-based Information

Security Portal, pagers and e-mail, AT&T

notifies you of identified critical malicious

activity and recommends immediate action.

AT&T Internet Protect? also delivers security

information such as top vulnerabilities,

recent patch releases and other security

“need to-know” facts. In addition to features

just mentioned, AT&T customers benefit

from additional service options within AT&T

Internet Protect? such as My Internet Protect,

DDoS Defense and Private Intranet Protect.

My Internet Protect

This service is a security alerting and

notification service for threats entering

in to your network. This service option is

designed to profile and then help detect

misuse anomalies that are related to

potential security threats and notifies if these

threats are targeted for your private network

IP addresses. My Internet Protect also

provides you with the ability to analyze and

benchmark Internet traffic targeted for your

private network.

DDoS Defense

DDoS Defense consists of detection and

mitigation service components that examine

your Netflow data. When the detector

identifies a DDoS attack, an alarm is sent

to both an AT&T operations center and to

you with notification of the detected attack.

Concurrently, AT&T will also contact you

directly. AT&T systems are designed to reroute

traffic directed at the identified IP Addresses

that are under attack to a network scrubbing

facility within the AT&T IP Backbone, where

attack traffic will be dropped while allowing

valid traffic to pass to your access router.

Traffic destined to your other IP Addresses

that are not under attack, continues to flow

directly to your network.

Private Intranet Protect

The traffic on your Virtual Private Network

(VPN) is analyzed for known threats that

originate both internal and external to your

network. These include traffic mis-use,

non-conformance to your network security

policies, network traffic anomalies that

are indicators of possible threats, phishing

attacks and other identifiable known threats.

AT&T Firewall Security

AT&T Managed Firewall services help protect

organizations infrastructures with various

network security functions. These fully-

managed solutions are configured to match

your specific requirements with flexibility to

select the right level of protection. Network-

Based and Premises-Based firewall services

are available. Day-to-day management and

maintenance, expert support and proactive

24x7x365 security monitoring are provided.

Security Security

Managed Security Diagram

By placing firewall functionality into the

AT&T network infrastructure, AT&T Network-Based Firewall service inspects inbound and outbound traffic and is designed to take action according to your predefined security policies. You can also select your company’s required bandwidth allocation for Internet access globally through the firewall. The service is available world-wide with firewall configurations world-wide with firewall configurations ranging from simple outbound only security policy to extensive bi-directional policy with optional features, such as URL filtering, malware scanning, intrusion detection and prevention as well as support to protect multiple, independent network segments. Reports summarizing events and policy

self-management capabilities are available through the AT&T BusinessDirect? portal.

The AT&T Premises-Based Firewall service utilizes industry-leading firewall platforms from Cisco, Checkpoint, Fortinet and Juniper. They protect your network perimeter from the hazards resulting from connecting

the Internet with your private network.

AT&T Premises-Based solutions scale from small, home office environments to large globally distributed organization networks. The standard powerful firewall capability

is complimented with the ability to add optional features including high availability, support for complex security policy, VPN, DMZ/extranet support and the Unified Threat Management (UTM) capabilities of Intrusion Protection Service, Anti-Virus filtering, Anti-Spam protection and content filtering.

AT&T Intrusion Detection

Using around-the-clock network surveillance, AT&T Intrusion Detection Service is designed to monitor unauthorized attempts to access your business networks. Similar to a security camera on a physical property, this service monitors network traffic by employing intrusion detection sensing components at various points at the perimeter and within the network. The sensing components monitor data packet header and payload information to help detect known malicious activity by comparing the traffic to a continually-updated database of over 1,000 existing attack signatures. When a pattern of misuse is detected, the system is designed to respond quickly and automatically according to your predefined policies. AT&T Intrusion Prevention Service

AT&T Intrusion Prevention Service provides

you with the tools to help you implement

your internal network defense. It is designed

to test for and isolate detected internal

threats by using heuristic-based protection

known as “zero day” threats. The service can

help detect, contain and neutralize known

threats from hackers, viruses and worms that

can attack any IP enabled endpoint on your

network including servers, laptops, desktops,

VOIP systems, PDA’s, network based printers,

cash registers and IP based cameras.

AT&T Web Security Service

AT&T Web Security service helps create

a protected and productive Internet

environment for your organization. The

service is designed to keep malware off your

organizations network and allow you to control

the use of the Web by employing Web Filtering,

Web Malware Scanning and Anywhere+

Control features. As a fully managed service,

AT&T Web Security Service requires no

additional hardware, upfront equipment costs

or ongoing system maintenance.

AT&T Secure E-mail Gateway

AT&T Secure E-mail Gateway service is a

network-based solution that blocks spam,

viruses, and other inbound email malware

threats before they reach your network. Just

as important as blocking inbound attacks,

Secure E-mail Gateway also gives you the

features you need to support outbound email

filtering to help protect your organization

against loss of sensitive information and

potential legal liability. This service can also

provide unlimited message archiving. And, in

the event of unexpected e-mail downtime

or disaster, it helps address your business

continuity needs.

AT&T Endpoint Security

AT&T Endpoint Security service is a fully

managed solution to help protect both end

users and company’s internal systems from

external hazards posed by doing business

on the Internet. The service is designed to

enforce compliance with customer-defined

policies for firewall, anti-virus and software

compliance at remote end points. The service

also provides centralized management

tools for control of remote end points and a

path for customer to gain control over the

applications operating on these end points.

The service consists of central policy servers

and AT&T Global Network software clients.

The software clients receive security policy

information from the servers located at

AT&T Internet Data Center. The software

clients interact with the policy server to

receive policy updates and to perform policy

enforcement. Your security policies will be

populated into a central policy server by your

administrator, and then distributed to your

users from the AT&T managed policy server.

The service also includes a number of reports

such as user activity, connection history and

event logs as well as provides enforcement

of anti-virus updates and software patches.

AT&T Encryption Services

AT&T Encryption Services is a service that

simplifies e-mail and data encryption by

automating the management and use of

digital credentials. Y ou can quickly and efficiently

digitally sign and encrypt messages or files

using existing desktop, mobile and web

interfaces. Multiple methods of message

delivery and receipt help ensure that encrypted

data reaches the intended audience.

Whether it is employees exchanging

confidential information with associates

or the delivery of confidential statements

to customers, AT&T Encryption Services

provides a comprehensive suite of encryption

solutions to help protect data in motion

and at rest.

AT&T Token Authentication Service

Organizations need to know who is gaining

access to network applications to help

avoid unauthorized disclosure of sensitive

information. This risk of exposing proprietary

and sensitive information is magnified as

the number of remote users accessing the

network increases. AT&T Token Authentication

service is a network access protection method

that uses an enhanced security feature, called

two-factor authentication, which requires a

user to provide two unique factors to gain

access to a private network: something they

know (a password or PIN) and something

they possess (an authenticator). This method

makes it more difficult for a hacker to gain

access to authentication credentials since the

authenticator’s token code changes randomly

every sixty seconds and must be combined

with a secret PIN selected by the user

accessing the network.

AT&T Security Analysis and

Consulting Solutions

AT&T Security Event and Threat

Analysis Service

AT&T Security Event and Threat Analysis service is a virtual Security Operation Center that utilizes expertise AT&T has developed in security analysis and operations to correlate information from multiple devices and device types, on premises and embedded in the

AT&T network. Based on information gathered, AT&T provides notification of prioritized events based on their risk to the company and the ability to mitigate them. Critical event notifications are made person-to-person and less critical event notifications are made via e-mail and through a customized security portal where you can also see your current security profile/preferences. A custom Executive Threat Report is distributed weekly through the portal.

AT&T Security Device Management

AT&T Security Device Management is an integral part of the AT&T Security Analysis and Consulting Solutions that provides monitoring and management of security hardware and software you own located

on your premises. AT&T Security Device Management service lets you take advantage of the AT&T Security Network Operations Centers (S/NOC) expertise to monitor and manage your security hardware, manage your security infrastructure, or migrate to

a custom security architecture designed to meet your specific requirements.

AT&T Security Consulting

AT&T provides a unique and world-class portfolio of compliance and related security services. Our experience, expertise and commitment to open standards have established us as a strategic and trusted advisor. AT&T Security Consulting provides solutions that allow you to operate your security operations more efficiently. We work as a trusted team to provide knowledge based services. Our consultants have industry and security expertise that can be utilized to complete short and long term engagements. Experts are focused in six areas: Security Strategy, PCI Solutions, Governance Risk and Compliance Solutions, Secure Infrastructure Solutions, Threat and Vulnerability Management and Application Security.

AT&T Security Consulting services provides

a proactive, comprehensive approach to security and compliance across all your organizations operations. Our security consultants have accreditation in the latest security certifications and expertise

across all aspects of security and provide

solid methodologies for validating and

streamlining regulatory compliance.

Trust Y our Security to AT&T

AT&T has a long legacy of developing security

services which answer the need to address

a defense in depth architecture, from the

information level to the network level.

You can count on AT&T as being a trusted

provider with true global reach that has a

comprehensive range of security, availability

and recovery services that can provide your

business with integrated business continuity

solutions and help support your complex

networking requirements.

Security By Design

AT&T is committed to enhancing the

security services and features by continuing

to develop security innovations and

management techniques to create additional

security services for enterprises. In the

following paragraphs, we describe what

techniques AT&T has been using to add

security features both within its networks and

within the services it provides.

Processes

All AT&T Services follow AT&T Service

Realization Process that includes a focus

on security considerations in every step

of service development and network

deployment. For each new service or

feature that is being developed, the AT&T

Security Team works closely with product

management, systems architects, engineers,

developers and testers to add security

features into the service.

Domain Separation

A network that is comprised of one or more

systems and one or more networks, all with

a common function, constitutes a domain.

Each domain must have a set of rules for

communication within the domain and

another set of rules in order to communicate

outside the domain. This separation is

achieved by using the principles of domain

separation for systems and networks within

a company. Domain separation allows

communications between two domains to

occur in a controlled manner, through only

a few communication points and under

scrutiny based on type of traffic, source,

destination and volume of traffic. These few

communication points are usually called

security gateways, or choke points and

the rules applied at each are called choke

filtering. Domain separation helps

ensure that communications between

domains are allowed only as authorized,

going through designated gateways, which

are designed to help detect suspicious

activity and block it if necessary. If one

domain is compromised in a security incident,

domain separation helps protect the other

domains from compromise and helps contain

the incident.

AT&T employs the principle of domain

separation within its corporate intranet

as well as on its various service networks

and between the operational networks

and network management infrastructures.

Network management domains are separated

AT&T Security Services Advantage

Proven Execution

?D eployment of updates based upon

security and industry events

?P roof of Service through Service

Level Agreements

?V isible performance

through reporting

?S upported by AT&T’s “TRUSTED”

infrastructure

Financial Effectiveness

?M inimized capital and

asset expenditures

?O perational efficiencies through

AT&T skilled professionals

?I nnovation by AT&T Labs

Highly Reliable Network

?N etwork availability guarantees of

up to 99.999%

?M PLS-based services available to

182 countries over 3,822 nodes

?38 State-of-the-art Internet

Data Centers

?A T&T monitors over 19 PB IP traffic

on core network each business day

for suspicious activity

Global Resources

?1,500+ security experts and

support professionals

?6 Network Operations Centers

?8 Global Customer Support Centers

from the operational networks themselves. The AT&T Points of Presence (Central Offices) are built with multiple security zones. Each zone has different requirements for security needs and is segmented to help prevent the traffic from leaking between zones. Various complementary mechanisms are deployed to maintain segmentation.

“Hardening” Infrastructure Elements Network infrastructure security includes both host-based and network-based security elements. The foundation of infrastructure security is a server. “Hardening” of the server means locking down (restricting use of) open server communication ports. All servers are “hardened” based on vendor, industry and internal recommendations and industry best practices. Host-based agents (i.e., software used to monitor activity on a server or PC) monitor the servers looking for unauthorized changes in software and configurations. In addition to hardening the network elements, AT&T deploys a number of measures to help protect against denial of service attacks within the AT&T network, and at the service (application) level. AT&T has deployed state-of-the-art security mechanisms to help protect its Global IP Network and IP Services against Denial of Service (DoS) and other network-based attacks while monitoring

IP traffic for new identified attacks such as new worms and viruses. All of these systems are in place and are monitored 24x7 by experienced security personnel. Services on the AT&T Global Network

The AT&T Global Network has evolved to a

single, global, Multi-Protocol Label Switching

(MPLS) enabled backbone over an intelligent

optical core network. MPLS, a leading edge

technology that is driving convergence in the

network, is the key technological component

underpinning this network evolution which

provides flexibility and quality of service

beyond those found on a private network.

MPLS adds reliability and performance

capabilities, enabling applications to scale

as business needs change. AT&T is regarded

as one of the MPLS industry leaders based

on its early and continuing work with this

technology, and continues to pioneer its use

by offering a suite of virtual private networks

(VPNs) that enable MPLS. AT&T services such

as Network-Based Firewall and Network-

Based Remote Access are designed to take

advantage of the MPLS technology. The

combined force of MPLS in conjunction

with the AT&T multilayered security approach

helps ensure that your organization can

utilize a network that is flexible and scalable

for future applications.

Separate Services Over IP Infrastructure

Voice over IP (VoIP) poses particular security

challenges to carriers due to the protocol

design itself. With VoIP both the signaling as

well as the actual voice messages are carried

in-band across the network, thus making

signaling vulnerable to the same security

risks as other Internet traffic. Recognizing

these challenges, AT&T has designed a

separate “Services over IP“ architecture to

carry application traffic such as VoIP. AT&T

Services over IP infrastructure integrates

with the AT&T public MPLS IP network and

has been designed with multiple layers of

defense, consistent with the AT&T “Defense

in Depth” principles. The design principle

is consistent with the general architecture

used in protecting organization assets

from the Internet, and includes multiple

security domains, each with its own security

requirements. To further enhance the

security of these communications, AT&T has

defined boundaries regarding what device

can communicate with what device, thus

providing additional control.

An additional challenge with VoIP is that

a separate Session Initiation Protocol (SIP)

establishes the communication channel while

the call data (voice) is initiated. Specifically,

SIP servers are responsible for creating,

modifying and terminating sessions with

one or more participants, however most of

them do not include firewall functionality

as part of their basic configuration. In order

to help security of our services over IP

infrastructure, AT&T has designed so called

border elements, or intermediary gateways.

The border element acts as an intermediary

between domains providing an additional

layer of security for AT&T SIP based service.

For more information, call 877-954-7771, e-mail us at mss@https://www.wendangku.net/doc/6916510846.html, or visit us at https://www.wendangku.net/doc/6916510846.html,/security.

11/11/10 AB-1133-05

? 2010 AT&T Intellectual Property. All rights reserved. AT&T and the AT&T logo are trademarks of AT&T Intellectual Property.

相关文档