What is Internet Protect



What is AT&T DDoS Defense?

AT&T DDoS Defense is a Distributed/ Denial of Service (D/DoS) detection and mitigation option available to customers of AT&T Internet Protect, which was announced in March. DDoS Defense not only detects the presence of a D/DoS attack, but identifies and blocks the malicious packets in real time without affecting the flow of legitimate business traffic.

What is a DDoS attack?

A Distributed/Denial of Service, or D/DoS, attack is an explicit attempt by attackers to prevent legitimate users of a service from using that service. A D/DoS attack utilizes either a single or a multitude of compromised systems to attack a single target, thereby causing denial of service for users of the targeted system. The flood of incoming messages to the target system takes up available resources causing it to become unavailable, thereby denying service to the system to legitimate users.

Why is AT&T DDoS Defense important?

D/DOS attacks can flood a customer network and have a large impact on business operations and resultant revenue.

However, with AT&T DDoS Defense, customers can detect and mitigate D/DoS attacks before they cause interruptions in customer networks. AT&T DDoS Defense enables AT&T to mitigate the devastating effects of D/DoS attacks by diverting attack-traffic while still allowing legitimate network traffic to pass through.

By integrating the predictive and early warning capabilities of AT&T Internet Protect with the DDoS option, we are delivering the most potent tools against denial of service attacks, which have crippled entire networks and brought businesses to a halt.

Because we provide these capabilities as fully managed services, customers don’t have to make a significant capital outlay to get this protection.

Is AT&T DDoS Defense sold as a stand-alone service?

AT&T DDoS Defense is only sold with AT&T Internet Protect and should be positioned as a real time mitigation and response option.

How does AT&T DDoS Defense differ from AT&T Internet Protect service?

AT&T Internet Protect by itself is a security early warning/ notification service. It acts on the intelligence gathered from traffic on the IP backbone and provides early warning alerts (via pager and email) with recommendations on actions to be taken (via online portal).

AT&T DDoS Defense is a mitigation option of AT&T Internet Protect. It utilizes the intelligence of AT&T Internet Protect and feeds the mitigation function and blocks malicious packets on a customer’s network traffic in real time thus allowing the flow of legitimate business.

How does AT&T DDoS Defense work?

AT&T DDoS Defense compares enterprise traffic flows to learned profiles of normal traffic patterns, behavior and protocol compliance. Traffic coming off the AT&T Back Bone that is destined for the customer’s access router is subjected to a rigorous multi-verification process to remove bad packets while only allowing legitimate traffic to pass unimpeded. By comparing traffic flows to learned profiles of normal traffic patterns, behavior, and protocol compliance, AT&T can quickly and accurately identify and mitigate a broad range of known as well as previously unseen security attacks, and immediately mitigate a broad range of DDoS security attacks. The mitigation option uses the principles of analysis, filtering and diversion to protect against DDoS attacks. When an attack is detected, suspicious traffic is immediately diverted and blocked without disrupting legitimate transactions.

Does the service identify the source of the attacks?

It can identify the source IP addresses, but in most cases, those addresses belong to zombie machines. (i.e. servers with code that, when triggered, will launch an overwhelming number of requests toward an attacked Web site) As more and more home computers are connecting to the Internet, they are becoming more vulnerable to hackers and virus writers who can turn the computers into zombie machines, ready to carry out malicious attacks.

Who is eligible for DDoS Defense?

Only customers who purchase AT&T Internet Protect are eligible, as DDoS Defense will be offered as an option of AT&T Internet Protect.

Who Could Benefit from DDoS Defense??

Customers whose business is heavily tied to e-commerce such as financial firms, e-retailers are customers who would see the largest benefit.

Where is the service available?

The service is available in the domestic US. Global customers who conduct business in the US would be eligible. We can support U.S.-based multinationals but are not actively selling it outside the U.S.

How much does this service cost?

Pricing information is not available at this time.

Is this a straight resale of Cisco equipment or are you working jointly to enhance the product specifically for AT&T customers?

Cisco will supply the equipment only. AT&T is integrating the Cisco equipment into AT&T Internet Protect to deliver a fully managed, network-based service. We’re not making any enhancements to the Cisco equipment itself.

Shouldn’t this DDOS capability be inherent in the overall network security you provide all your business customers? Why are you charging a separate fee for this?

There are inherent costs in providing and managing this capability (equipment, management, customer tuning.) Each solution is especially tuned for each customer to meet their specific needs.

How will customers know when there is a new alert or advisory?

Customers will receive an email notification of a DDoS attack.

Are reports available through the BusinessDirect portal?

For the CI, reporting capabilities are still being defined. Work with you security DNC or Gene Budsock for more information.

................
................

In order to avoid copyright disputes, this page is only a partial summary.

Google Online Preview   Download