Sonera launches a new intrusion detection and prevention service for companies
Sonera has developed a new service operating on the network for its corporate customers. The new Net Guard service examines and analyses malicious traffic in a company's internal communications network. The service aims to detect unwanted telecommunications in a customer network, such as attacks caused by hackers or viruses. The service also enables prevention of malicious traffic. Compared with traditional methods, the new kind of intrusion detection and prevention service provides a far more efficient way to protect against security breaches.
Pasi Korhonen, Department Director responsible for Sonera's corporate information security services, describes the present trend in information security services as a period of transition.
"In the information security of customer networks, we are gradually switching over to checking the contents of data communications and protecting local area networks and applications. Intrusion detection and prevention planned and maintained according to a corporate information security policy serve as ‘vaccination’ against attacks. The sooner an attack is detected, the less destruction it causes. Sonera is a forerunner in the utilization of information security technology. We are developing an increasing number of network-based information security services together with the best partners in the sector. To customers, this provides more diversified and controlled ways to protect critical information and systems, which are often the customer's most important assets," says Pasi Korhonen of TeliaSonera Finland.
Sonera's new Net Guard service includes the operating mechanisms of both an Intrusion Detection System (IDS) and an Intrusion Prevention System (IPS). The practices best suited for each environment are planned and defined in company-specific solutions. The service is highly suitable for different types of needs in customer networks.
The system allows data packages transmitted in a company's internal communications network to be identified on the basis of their contents. Identified attack incidents generate an up-to-date alarm and report to a separate web user interface, which makes it possible to examine the incidents later on. In addition to generating alarms and reports, the system can also be defined to automatically prevent unwanted traffic. In this case, an operational policy that is suitable for the customer's environment and based on predetermined rules is drawn up for the system together with experts.
The Sonera Net Guard service is based on the NetScreen IDP technology of equipment manufacturer Juniper Networks. IDP sensors identify various attacks of different levels of seriousness extensively and reliably. In addition to specific attack identifiers, the identification is based on identifying network and protocol deviations and backdoor programs. In addition to detecting attacks, the service can also prevent them. The service can bring under control for instance network worm traffic, which increases traffic volume and clogs network resources, and peer-to-peer traffic, which consumes a great deal of bandwidth and may carry malicious traffic.
For the purposes of the service, Sonera provides the customer with an agreed number of network sensors to be installed at the designed network nodes to protect the customer's servers. In Sonera's service, the actual sensor equipment is rented to the customer so that the customer does not have to invest in equipment or maintain the system, but the service takes care of, for example, all identifier and version updates.
The Net Guard service supplements the more conventional protection methods in the network world, such as firewall and anti-virus systems. Net Guard makes it possible to pay special attention to traffic in a company's internal communication network. It will no longer be necessary to close entire ports on a firewall or router on account of malicious traffic and thus stop even important traffic at the port in question. Net Guard's blocking function stops those network worm epidemics spreading in computer memories which the anti-virus programs cannot bring under control.
Various security breaches have been forecast to increase significantly in the next few years. Particularly security holes in software and the fact that they are exploited more quickly make information networks more vulnerable. Risks are also involved, for example, in careless use of laptop computers, excessively open use of VPN (Virtual Private Network) connections, and the increasingly common use of peer-to-peer networks and instant message programs.
For more information, please contact:
Department Director Pasi Korhonen, TeliaSonera Finland Oyj
Product Manager Jani Sammalmaa, TeliaSonera Finland Oyj