IBM and Narus Offer Telecom Security Package

The companies roll out a set of tools to be sold by IBM to help carriers create security programs that they can market to their customers.

Seeking to tap into the growing movement among telecommunications companies and ISPs to offer managed security services to users, IBM introduced on Dec. 4 a package of technologies aimed at helping carriers get their programs off the ground.

Built through a partnership with security software maker Narus, IBM rolled out a set of modular tools that carriers can use to expand or establish security services.

Labeled as IBMs Telecom Core Infrastructure Security package, the product integrates the companys BladeCenter, Tivoli Netcool, Websphere and DB2 products, along with Narus Insight Secure technology.

The IBM telecommunications security package promises to allow carriers to monitor network traffic to detect emerging attacks, abuse and behavioral anomalies to help prevent IT systems breaches and help telecommunications firms stem attack propagation carried out over their infrastructure.

Enterprises are increasingly demanding that their telecom providers and ISPs offer security protections as part of their licensing agreements, as a growing number of customers contend the bandwidth or services they purchase from such firms should be fed into their operations with as many security threats filtered out as possible.

As a result, carriers are adding security capabilities to keep their customers from jumping ship and to create new revenue opportunities generated by add-on security services.

IBM and Narus said security concerns in the telecom industry are also growing dramatically as carriers launch an increasing number of Internet Protocol-based services such as VOIP (voice over IP) and Web-based TV programming.

Among the types of security technologies being offered by carriers are services that aim to stop distributed denial-of-service attacks and programs for stemming spam and other e-mail-borne threats.

By combining best-of-breed technology from both companies, along with IBMs services capabilities, the partners said they can provide comprehensive security and network traffic management built specifically to help police the worlds largest infrastructure deployments.

Among the specific benefits promised by the IBM-Narus package are the ability for carriers to save money by filtering out attacks before they do damage, blend security and traffic management responsibilities, protect their infrastructure from being taken offline, and build new revenue streams by launching managed security services.

Prior to announcing the agreement, IBM, based in Armonk, N.Y., has used some of Narus security technologies internally to support customers of its own services business. Mountain View, Calif.-based Narus specializes in so-called deep packet inspection technology.

"Carriers and ISPs are actively looking to adopt technologies to prevent VOIP attacks and denial-of-service attempts because they realize that their job is to provide clean bandwidth to the customer," said Nick Trio, chief Internet architect at IBM.

"To do that they must look at all aspects of security, and they need something that tells them what is going on in their network; something that coordinates with monitoring of systems such as routers, or anything else on the network."

Among the tools offered in IBMs Telecom Core Infrastructure Security Solution, which promises to monitor and manage network health and traffic using a single, integrated system, are technologies added by the company via its recent buyouts of Internet Security Systems and Micromuse.

/zimages/4/28571.gifIBM lends a hand to telecoms with new blade. Click here to read more.

Trio said that one of the biggest challenges facing carriers looking to offer more security services is coordinating and managing data about network activity.

"Management of this is very tough, as these companies already have so many devices out there to manage, but were able to offer them a more centralized view," Trio said.

"The Narus technology talks to our tools and passes that information along to align it with data from other sources; then when they look at the information together, it gives them a much better picture of any attacks."

At least one industry watcher said that the carrier security movement will gain significant momentum in the coming year as telecom companies begin marketing their capabilities as a competitive advantage.

At the end of the day, it will be enterprises who truly benefit from the trend, said Maribel Lopez, analyst with Forrester Research, Cambridge, Mass.

"It really works out well for everyone, as customers dont want to pay for bad traffic, and the service providers look better by helping to prevent nasty malware from entering the enterprise," Lopez said.

"Even if the enterprises dont buy the add-ons, it makes them feel better about their carrier."

Check out eWEEK.coms Security Center for the latest security news, reviews and analysis. And for insights on security coverage around the Web, take a look at Ryan Naraines eWEEK Security Watch blog.