Carrying the Load for Security

Companies ask providers to take more responsibility for protecting networks

Overwhelmed by an onslaught of external threats that aim to take down or infiltrate their networks, enterprises are increasingly turning to their telecommunications carriers, ISPs and managed services partners to help stop attacks before they even arrive.

When enterprises are drawing up their SLAs (service-level agreements) with carriers, most already require that the providers take on the task of blocking DoS (denial-of-service) attacks, malware and spam e-mail, said Mitch Ferro, senior director of product management for Broadwing Communications Internet and managed services group.

"Were seeing that customers are looking to us for specific types of security services that naturally gravitate towards carriers, and the trend toward customers demanding DoS, spam and virus protection as part of their SLA has really taken off over the last year and a half," Ferro said. "Were trying to provide a cleaner pipe to the customer than what has been acceptable in the past. Its a question of where you stop the bad guys—at the door to your house or before they ever get to your neighborhood."

Ferro said that more than 50 percent of Broadwings ISP customers already include some reference to security requirements in their SLAs, with the number growing rapidly. Along with those guaranteed network defenses, the Austin, Texas, company also offers an additional DoS protection service for a price, as well as similar spam and e-mail security programs and a so-called Clean T1 service that includes all three types of protection.

Looking forward, Broadwing plans to create services for managed firewall outsourcing and network intrusion detection and may also launch a PWAN (private WAN) offering.

A range of technology providers are betting they can expand their own businesses by creating the tools the carriers use to protect their customers. One such company, Arbor Networks, is providing some of the underlying technology used by Broadwing to help support its own security services.

Broadwing is using Arbors Peakflow SP network monitoring and traffic measurement appliance, which promises to detect and mitigate anomalies to root out attacks.

"Providing bandwidth is becoming a commodity, so these carriers are looking for new ways to lock in revenue, hold onto customers and create new opportunities," said Danny McPherson, chief research officer at Arbor, in Lexington, Mass. "As these companies add new services for convergence, including video and [voice over IP], theyre going to need to have proactive security in place, as customers will expect the same level of performance theyve come to expect from traditional carrier services."

In another example of the continued push by carriers to extend their security expertise, some large companies have begun buying out technology specialists that can provide them with the necessary tools to compete. On Oct. 25, London-based telecommunications company BT announced that it had purchased network security outsourcing specialist Counterpane for an undisclosed sum, rumored to be in the $40 million range.

At least one industry watcher said there will likely be more deals over the coming months as carriers aggressively push to expand their security footprint. For the carriers its all about finding new ways to retain customers and build services revenue, but customers likely will appreciate noticeable network security improvements as the trend takes root across the telecom industry, said Maribel Lopez, an analyst with Forrester Research.

"It really works out well for everyone, as customers dont want to pay for bad traffic, and the service providers look better by helping to prevent nasty malware from entering the enterprise," said Lopez. "Even if the enterprises dont buy the add-ons, it makes them feel better about their carrier; we will see more acquisitions as the threats continue to change and carriers need new technologies that can help them continually monitor and update their systems."

Carrier Security Services Take Wing

Carriers, ISPs and managed services providers are beginning to offer a range of network security services. Broadwing offers:

Services available today:

* DoS attack prevention

* Malware detection and threat blocking

* Spam identification and mitigation

Services on the horizon:

* Managed firewall hosting

* Network intrusion detection services

* PWAN hosting

Source: Broadwing Communications