Worms, viruses, spam, denial of service attacks. Addressing the litany of network security issues these days is scarier than watching the local news. So service providers increasingly are stepping in to help customers figure out how to best guard themselves against attack.
“There’s so much malicious traffic out there,” says Greg Whelan, director of marketing at Quarry Technologies, which sells carrier-class security service routers.
Indeed. And that presents a nice opportunity for service providers to help customers guard against attack.
A variety of service providers already offer packages of security services, such as VPNs and firewall services, along with their broad palettes of business services.
MCI has a similar offering. “You’re going to see us make a major move into security as part of the expansion,” MCI President and CEO Michael Capellas announced earlier this year. “Security is the No. 1 concern of virtually every CIO.”
Because security is something of a specialty, some carriers are relying on outsiders like Arbor Networks and VeriSign to provide them with this security skill set.
In fact, VeriSign is supplying the firewall management and monitoring, intrusion detection, and vulnerability assessment services for MCI, says Jerry Brady, VeriSign’s managed security services chief security officer. “We’ve taken on a lot of R&D costs, a lot of management risks and our infrastructure is already built,” he adds.
He adds that managed services that share security infrastructure between different users also will allow carriers to move down market to small business, homes and home offices.
In fact, that’s already happening. Charter Communications Inc. this summer piloted security protection services based on technology from F-Secure Corp., which sells antivirus protection, personal firewall, parental controls and anti-spam control software.
The cable company, which has operations in 37 states, plans to offer the services to all of its 1.6 million high-speed data customers. For Charter’s 3meg customers, there will be no additional charge for the security services.
Layer 3 network security, which includes firewalls and IPsec VPNs, is quite mature, says Johnnie Konstantas, senior product manager at Juniper Networks Inc. “What you’re finding now is vendors of these solutions are talking a lot about protocols, applications, application-layer filtering,” says Konstantas. That includes looking for anomalies in raw data and applicationaware security where products look into the traffic payload and see if there’s malice or inappropriate data leaving the network. So Konstantas predicts service providers will offer security services that delve into the applications layer within the next three to five years.
As more new technologies like VoIP and new devices like smartphones and PDAs are added to the network, there likewise are more security concerns and opportunities, says Brady. Smartphones and PDAs, he says, give hackers new ways to breach networks with worms and other malicious attacks. Hackers essentially could shut down a whole carrier network by putting a virus in software running on a smartphone or PDA and then propagating it to nearby devices using Bluetooth, he says. One way to address that, he continues, is by putting the antivirus in the network where there is storage available. That, he says, could allow a service provider to deliver a new revenue-generating service or free differentiating feature like antispam for short messaging service and maybe antivirus for the end user’s phone. Brady says VeriSign is looking to offer this kind of option to other service providers in the future.
