As data rates, connectivity, and reliance on smart devices increase, so does the need to protect the communication sector from cyber threats and breaches. A fully secured communications backbone is key to the continued safe and prosperous operation of a nation. Communication service providers (CSPs), internet service providers (ISPs), and large enterprises provide always on, available everywhere world-wide, on-demand services. To do this, they maintain a widespread data routing and access infrastructure that provides end user services (carrying their own and third-party data and services to their subscribers) and high rate peering (carrying someone else’s data to another network). This means that the volume of data traversing their networks increases daily and so do the potential threats.
At this scale, the tools used to defend these valuable resources have to provide real-time network visibility and enable security professionals to discover anomalous behavior, evaluate impact, and take corrective action to remove or redirect traffic. With over 30 years’ experience in providing carrier scale solutions, Telesoft Technologies, secures these types of environments with a combination of flow monitoring, data prioritization, and aggregation through auto-discovered or user configured entity sets, IP reputation, signatures, selective record and rapid real time alerting, analysis, and query.
Telesoft’s TDAC analytics and forensics platform defends carrier scale networks from persistent and complex cyber threats. TDAC – alongside the FlowProbe and CERNE IDS – can monitor and search through multi-terabit per second (TBps) network traffic, continuously scanning and determining the severity of millions of security events and alerts.
“We see large telecommunications providers using un-sampled IP flow, reputation, and application meta-data combined with selective session record for rapid alerting, anomaly detection, and post event analysis of months of data. Their tools need to be able to adapt to changing network topologies, and move focus between application, physical infrastructure, user and business groups, to prioritize and quickly answer what is interesting, what is real, what is dangerous.” Steve Patton, Cyber Specialist and Director, Telesoft Technologies.
Enterprise scale cybersecurity solutions simply do not fit into this space, they are unable to scale up to processing the volume of events seen on global networks. Carrier networks need carrier grade security that evolves and scales with their ever changing network topology. Telesoft has developed a suite of products that has flexible, multi user visibility of global traffic, with meta-data and selected session pcap record for up to 12 months. Flexible dashboards, queries, and alerting enable analysts to see and modify what is important to them on a rapidly changing basis.
The headline is that risks for companies, government authorities, and critical infrastructures are rising dramatically but cyber security vendors like Telesoft are committed to identifying risks, reducing vulnerability, reducing threats, and scaling with long-term cybersecurity strategy goals.
Telesoft’s TDAC analytics and forensics platform is the go to cybersecurity solution for global communications providers when they seek to protect their carrier scale infrastructure; the TDAC was launched to help protect carrier scale networks from persistent and complex cyber threats.
TDAC’s key strength is its ability to monitor and analyze traffic and events from large-scale network infrastructure, allowing security professionals to detect and mitigate cyber threats at scale. The enormity of processing this amount of data is huge and ground-breaking – the equivalent of 4.8 million hours of Netflix per second, which equates to 547 years of continuous TV watching. It can also prioritize, isolate, and prevent event-based alerts, bringing a new level of intelligent cybersecurity by minimizing alert fatigue.
Typically deployed on networks running at multiple 100 Gbps, TDAC’s flexible dashboards, queries, and alerting enable analysts to see and modify what is important to them on a rapidly changing basis. It also features interfaces for integration with other tools to serve the needs of multiple teams. TDAC can scale up according to the resources allocated to it and can retain data for months across peta-byte storage. The TDAC UI and Rest API can process a huge volume of raw data into actionable intelligence, including navigation by preset groupings, enrichment with threat classification data, query path tracking, and continuous query analysis, giving sub-second query time to users.