CYBERSECURITY
Understand where your business is vulnerable to help improve your enterprise security
Vulnerability scanning: a fi rst step in proactively helping defend against security breaches.
Whether a business has 20 or 20,000 employees, AT&T off ers customers vulnerability scanning services, a fundamental necessity to help drive risk from the organization.
-
Help validate that patch management tools are working properly.
-
Help work toward compliance
obligations.
-
Help demonstrate due diligence expected by security savvy customers.
-
Help maintain security posture and business continuity in situations of internal IT turnover.
-
Help reduce risks of a data
breach and its impact on
customers, employees and
corporate reputation
React quickly to DDoS attacks and shut them down
If not acted upon quickly, Distributed Denial of Service (DDoS) attacks can be extremely disruptive to your business. It’s important to have a contingency plan. AT&T Reactive DDoS Defense service is that contingency plan.
React quickly
Time is of the essence. That’s why our dedicated 24/7 AT&T Threat Management center is here for you. When you know your servers are under attack, simply call to enact the prompt and effective mitigation process that helps stop the attack before it overwhelms your network.
Scrub the attack
Divert traffic destined to the attacked IP address(es) to our scrubbing facilities. While the offending packets are cleaned, valid traffic will still be forwarded to your network via an internal VPN link. This helps minimize the impact of the attack, and lets you continue to serve clients and conduct transactions.
Analyze and act
Continuously prepare for the next strike. Through a specialized web portal, review details about previous attacks to identify potential areas that could be fortified.
Potential benefits
• Helps to protect your internal network from unauthorized activities
• Gives you a 24/7 threat response plan to defend your company from DDoS attacks
• Provides visibility into attack and mitigation details
Features
• Gives access to 24/7 AT&T Threat Management center
• Mitigates threats over specified IP address range
• Includes web portal access for service and status reporting
Be prepared with AT&T Reactive DDoS Defense
In a world of constantly evolving threats, AT&T Reactive DDoS Defense service gives you a safety net. With cybersecurity measures set in place and managed by one of the world’s largest integrated communications provider, you build a foundation for your business that can help contain risk, embrace change, and elevate trust.
More options. Integrated functionalities. Better controls.
We’ve improved our network-based firewall service to provide more security options for your network,
including integrated firewall functionality between your virtual private network (VPN) and internet, as well as enhanced capabilities between your firewall and AT&T NetBond-enabled Cloud Solution Providers.
This security solution offers near realtime policy changes to meet the ever-changing needs of your organization. The new security management reporting tool lets you review bandwidth usage, address security-related compliance issues, and configure your firewall security services according to your specific corporate security policies.
Potential Benefits
Help fortify your Network with Network-Based Firewall
• Inline security between your network, internet or cloud
• Centrally manage security policies and user permissions
• Conserve capital by utilizing preintegrated cloud infrastructure
• Easily Adjust Bandwidth as your Capacity Needs Grow
• Near-global coverage and 24/7 monitoring
• Centralized Management
• Adapt policies as compliance requirements change
• Provides customizable add-on features providing control over data passing to and from the cloud providers
Our network-based firewall solution provides:
​
• Enterprise-grade network security performance and availability.
• Scalability and on-demand capabilities that deliver dynamic bandwidth flexing in tandem with the cloud resources when used with Netbond.
• Multi-layered security for comprehensive protection.
• Added control for management simplicity, faster time to market, increased agility for IT services delivery, and reduced capital outlay.
AT&T Network-Based Firewall
AT&T Distributed Denial of Service (DDoS) Defense Battlecard
AT&T DDoS Defense Service provides cloud based monitoring of and protection against volumetric distributed denial of service att acks.
Detect
• Global view of threat landscape
• Early warning system
• 24x7 monitoring & alerts
• Cybersecurity experts identify threats
Mitigate
• Predefined plan built around your preferences
• Based on vast threat intelligence
• Drop attack packets on AT&T Network edge
Control
• Simple activation & operation
• Allows legitimate traffic flows to customers
• Filters out malicious packets
• Web portal access for service & status reports
How It Works
DDoS routes traffic through the AT&T Virtual Private Network (VPN) delivering clean traffic to the AT&T
edge providing protection from Internet facing exposures.
Reactive DDoS vs Proactive DDoS
Reactive DDoS
When you suspect a DDoS attack, you can contact the AT&T Threat Management Center to activate mitigation on the targeted IP addresses.
Proactive DDoS
Provides world class mitigation services & proactive monitoring of IP addresses . It is designed to clean DDoS attack traffic for a pre determined mitigation interval then turn off and allow normal traffic flow routing to resume.
AT&T Firewall Battlecard
AT&T Network Based Firewall
AT&T Network Based Firewall helps protect your enterprise network by providing a highly secure multi tenant cloud based firewall between AT&T VPN Service and the public Internet.
Features & Benefits
Allows you to set & manage:
•Configurable security policies across multiple platforms
•Unified Threat Management (UTM) functions
Allows you to set & manage:
•Configurable security policies across multiple platforms
•Unified Threat Management (UTM) functions
Provides high availability infrastructure that is easily managed through:
•Self service portal
•Centralized application of security policies across all locations
Provides 24x7 monitoring & management by AT&T
Eliminate the need for dedicated internet connectivity at each location
Free your resources from day to day firewall management
AT&T Premises Based Firewall
The AT&T Premises Based Firewall Service is a fully managed offering that provides customized next generation firewall protection and security policy enforcement of your network and critical assets.
Features & Benefits
•Enterprise class, scalable firewalls protect the perimeter at each customer site
•Unified Threat Management (UTM) capabilities
•Customizable policies allow or deny packets to pass through firewall
•Flexible security technologies to defend your network, servers, & applications
•Location specific security policy, tailored to meet the needs of your user base
•Provides 24x7 monitoring & management by AT&T
Unified Threat Management (UTM Functions)
•Malware Scanning
•IDS/IPS
•Web Filtering
A Cybersecurity Event
Prepare
Identify
Develop an organizational understanding to manage cybersecurity risk to systems, people, assets, data, and capabilities as well as a complete picture of the security an organization currently has in place, including physical hardware and software, processes, policies, vulnerabilities, and strategies.
Providers offering solutions to identify risks includes:
​
ASSESSMENTS/PLANS:
Security Assessment, Risk Assessment, Security Policy Assessment, Cybersecurity Assessment, Vulnerability Assessment, Incident Response Plan, Executive Security Strategy/Briefing AT&T, Corvid Cyberdefense, CyberHat, Flexential, Lumen, Masergy, Netrio, NuTech Logix, Rackspace, RapidScale, US Signal, Verizon, Windstream
INVENTORY
AT&T, Corvid Cyberdefense, NuTech Logix, Rackspace, RapidScale,
Verizon
VIRTUAL CSO
AT&T, CBTS, Corvid Cyberdefense, Lumen, Masergy, Netrio, Verizon
Protect
Once an organization’s needs have been identified, the next step is to develop and implement the appropriate safeguards— hardware, software, staff, and services—needed to achieve the company’s security goals and ensure delivery of critical services. These solutions support the ability to limit or contain the impact of a potential cybersecurity event.
Providers offering solutions to protect against cybersecurity events:
​
MANAGED FIREWALL & INTRUSION DETECTION/PREVENTION (IDS/IPS):
Armor, Airespring, Allstream, AT&T, BCN, CBTS, Coeo, Corvid Cyberdefense, Cybersafe, EvolveIP, First Comm, Flexential, Fusion, GTT, Hypercore, Lumen, Masergy, MetTel, NetFortris, Netrio, New Horizon, Nitel, NTT, PCCW, RapidScale, Shaw, Synoptek, Telesystems, Thrive, TPx, US Signal, Verizon,
Windstream, Zayo
ENDPOINT/MOBILE SECURITY:
Appgate, Armor, AT&T, CBTS, Corvid Cyberdefense, Cybersafe, EvolveIP, First Comm, Flexential, LogMeIn, Lumen, Masergy, MetTel, Mobile Solutions, Netrio, Netrix, New Horizon, Nitel, NTT, Phoenix Nap, RapidScale, Synoptek, Telesystems, TierPoint, Thrive, TPx, Verizon, Windstream, Zayo
E-MAIL SECURITY:
Allstream, AT&T, CBTS, Coeo, Comcast, Corvid Cyberdefense, EvolveIP, Lumen, Netrio, PCCW, Rackspace, RapidScale, Synoptek, Telesystems, Thrive, Verizon, Windstream
IDENTITY ACCESS MANAGEMENT (IAM):
AT&T, Airespring, AppGate (Cyxtera), CBTS, Corvid Cyberdefense, CyberHat, LogMeIn,
Lumen, Synoptek, Verizon
SECURITY MONITORING (INCL. SIEM):
Armor, AT&T, CBTS, Coeo, Corvid Cyberdefense, CyberHat, Cybersafe, EvolveIP, GTT, Lumen, Masergy, Netrio, NTT, Rackspace, RapidScale, Synoptek, Thrive, TPx, Verizon, Windstream
PENETRATION TESTING / VULNERABILITY SCANNING:
Armor, AT&T, CBTS, Corvid Cyberdefense, Cybersafe, Flexential, GTT, Lumen, Masergy, MetTel, NuTech Logix, Nitel, NTT, Netrio, PCCW, Rackspace, RapidScale, Synoptek, TierPoint, Thrive, TPx, Verizon, Windstream, Zayo
DOS (INCL. DDOS AND TDOS):
Airespring, AT&T, CBTS, Coeo, Comcast, Corvid Cyberdefense, Flexential, GTT, Hypercore, Lumen, Masergy, MetTel, NetFortris, Netrio, New Horizon, NTT, PCCW, RapidScale, Telesystems, TPx, US Signal Verizon, Windstream, Zayo
TRAINING:
AT&T, CBTS, Corvid Cyberdefense, EvolveIP, Flexential, GTT, Lumen, NTT, Rackspace, RapidScale, Synoptek, Verizon, Windstream
DARKWEB MONITORING: AT&T, CBTS, Netrio, NTT, Rackspace, Synoptek, Verizon
Understanding the Next-Gen FIREWALL
A majority of companies have some sort of firewall. Many feel a false sense of protection and don’t even know the potential risks of insufficient armor.
As the first required building block for an overall network security posture, a firewall is designed to block unauthorized traffic from penetrating the network. In addition to a vast array of security policies a company should employ, maintaining a firewall can stretch far beyond a full-time job and ties up a lot of IT resources.
Having a firewall alone is not enough. A firewall does not prevent viruses or malware from entering the network, it cannot detect intruders nor can it monitor network traffic. Next-Gen Firewalls are the evolution of the enterprise firewall coupled with a number of network devices filtering and security features to protect customers.
In 93% of data breaches,
systems were compromised
in minutes or less.
It is estimated that it takes most
companies more than 200 days
to detect a data breach.
Security At the Edge
Edge computing brings greater capabilities by processing data closer to users and devices. It vastly improves latency, allows critical applications to perform better, helps properly manage workloads and reduces the need for additional data storage.
Edge computing is expected to see explosive growth over the next decade with research predicting the market will increase to $43.4 billion by 2027, up 37.4% since 2019.*
FIVE COMMON SECURITY CHALLENGES OF EDGE COMPUTING
1. ARCHITECTURE – Having cloud applications securely send data back to devices
2. FRAGMENTATION – Gaining universal oversight across IoT devices at the cloud’s edge
3. PHYSICAL SECURITY – Combatting risks associated with lost or compromised devices
4. SPRAWL – Establishing coverage as boundaries continuing to grow, creating shifting constraints
5. USER ERROR – Mitigating threats of multiple devices being connected to each other and across the network
Recommendation
Multi-Layered Approach
The strongest approach to security involves multiple layers, combining different security measures including firewalls, encryption, multi-factor authentication, endpoint protection, anti-malware and ongoing security trainings. The attack surface and vectors are increasing, requiring security to extend beyond the edge to cloud and datacenter.
Patching
Updates can be critical when it comes to security patches. Not only do they provide important safety measures but oftentimes improve performance, as well. Many technologies are in rapid growth mode, the monitoring and patching of devices and services needs to be a top priority – failing to do so can have major consequences. A strict process should be in place and automated patching should be used, if possible.
Microsegmentation
Minimize risks by getting more granular, creating secure zones in data centers and cloud environments to isolate workloads and secure them individually. Microsegmentation is an essential part of a zero-trust model and provides a secure
solution as perimeters become obsolete. First focus on the most fundamental risks to critical applications, isolating based on compliance infrastructures or separating environments based on their development stages
Enhanced Threat Protection
Edge computing opens more opportunities for attackers to access your environment
through more devices, both remotely and physically. A greater number of threats
require more protection to fight off everything from network intrusions to distributed denial of service (DDoS) campaigns. Devices should only be running
secure applications, but strong threat detection solutions need to be in place to proactively identify any issues.
What’s new in CYBERSECURITY
What Your Business Needs and Probably Doesn’t Have
The cybersecurity threat landscape is drastically growing due to the erosion of the perimeter
and work from home initiatives resulting from Covid-19. Security solutions have been evolving
quickly to meet the menacing landscape. There are new security developments that you might
not even be aware of but could be crucial in keeping your business safe.
Extension of Endpoint Detection and Response EDR Capabilities
Get greater insight into your IT environment with extensions monitoring what is happening from endpoint to network and cloud applications. Services automatically handle triage and send high-alert notifications, leading to a faster incident resolution.
MDR (Managed Detection and Response)
SaaS Offerings
Quickly deploy proper monitoring and detection solutions without straining IT staff or bogging down resources. As-a-service options continue to grow in popularity and offer a sound solution to
quickly rev up services when concerned about breaches.
Security with Artificial Intelligence and Machine Learning Built In
AI and ML is being incorporated into more and more security solutions, helping to identify and respond to threats at a faster rate than humanly possible and with the capability to act predictively.
Emerging Next Gen Authentication Technology
As password security continues to be a large concern, recognition technologies can aid in keeping passwords and tokens protected. Biometric technology can identify people through facial, voice and fingerprint recognition.
Zero Trust Model Driven Solutions
Micro-segmentation, a key component of
a Zero Trust policy, can be implemented using software-defined networking services and cloud offerings. Creating network segments and strictly controlling
traffic maintains a strong security posture across the network.
