VAS/Security Deployments [302]: AT&T Uses Bluecoat for Network based Protection

  

AT&T announced ".. the launch of AT&T Cloud Web Security for businesses of any size. The new offering will provide real-time protection against viruses, malware, and compromised web sites --- all without the need for on-site equipment ..  built on Blue Coat Systems’ Security Policy and Enforcement Center. It enables customers to enforce consistent global security policies across wired, roaming, and mobile environments".

See "AT&T Continues Drive to Strengthen Security for Businesses" - here.

VAS/Security Deployments [275]: Singtel Uses Fortinet to Protect Enterprise Customers

Fortinet announced that it has ".. partnered with SingTel to immediately roll out secured broadband services to enterprises across Singapore. Running on Fortinet's high performance FortiGate® network security platforms and FortiManager® and FortiAnalyzer® centralised management and reporting appliances, the SingTel Business Fibre Broadband Security Suite intercepts security threats and eliminates them in the cloud before they reach a company's IT network. Businesses subscribed to this Suite will have online content filtering bundled with their broadband access. Antivirus and anti-spam protection can be added as options. Besides improving security, the content filtering and anti-spam functions help businesses optimise bandwidth usage and increase staff productivity".

Mr Goh Boon Huat [pictured], VP Business Products, Global Products, SingTel Group Enterprise said: “The SingTel Business Fibre Broadband Security Suite is tailor-made for SMEs, which have little or no IT support. Having a reliable, convenient and automated cloud security enables them to protect their vulnerable IT networks from internal and external threats. Our SME customers can enjoy a secured Internet network allowing them to focus on their business, enhance customer experience and drive new revenue growth,"

See "SingTel and Fortinet Partner to Provide Secured Broadband Services to Businesses" - here.

Bell Canada Offers "On-Line" Security Service

Bell Canada announced the "..launch of its newest Internet security offering, McAfee Security from Bell. Compatible with both Windows and Mac, McAfee Security from Bell offers Internet customers state of the art online security, including virus, spyware and malware protection .. Various additional security features are included based on package, such as SiteAdvisor®, smartphone and tablet protection (BlackBerry and Android), encrypted storage, and parental controls featuring social network monitoring, program blocking, YouTube content filtering, and activity reports",

Shawn Omstead (pictured), VP, Products and Services said: "Bell Internet customers want to focus on social media, business, entertainment content, shopping, all the other great things they can do online - not on worrying whether their Internet security is up to date.. "McAfee Security from Bell lets customers connect with confidence, knowing they're protected online".

Source: Bell Canada

See "Bell launches McAfee Security for Bell Internet customers" - here.

VAS Deployments [213]: Pelephone [Israel] Uses Checkpoint's Cloud-based Security

Haim Raviv reports to The Com (here, Hebrew) that Israeli MNO, Pelephone, will be "..the World's first cellular operator to offer Checkpoint's cloud-based security service to its subscribers. Dubbed 'Pelephone Anti-Virus', the service protects against viruses, spyware and Trojans and offered for ~$3.5/Month".

The service (here, Hebrew) is based on "Checkpoint's ThreatCloud, does not require any update to the subscriber's handset and offered to all smart devices and computers with cellular modem, except Blackberry handsets. Obviously the service is not applicable during Wi-Fi connections".

At the end of Q3, 2012 (here) Pelephone had 2.8M mobile subscribers, a 0.1% decease compared to the same quarter last year. ARPU decreased by 11%, from NIS107 to 95 ($25), mainly due to competition from new operators. VAS revenues were 35.1% of total cellular services. Quarterly churn rate was 6.7%. Other technologies deployed by Pelephone - PCRF (here), Caching (here)

According to Checkpoint ThreatCloud (see spec below) " .. is a collaborative network and cloud-driven knowledge base that delivers real-time dynamic security intelligence to security gateways. That intelligence is used to identify emerging outbreaks and threat trends. Since processing is done in the cloud, millions of signatures and malware protection can be scanned in real time".

DPI/Security Deployments [102]: MTN [Nigeria] Deployed AdaptiveMobile to Protect the Network

     

AdaptiveMobile (whom had recently partnered with Allot - here) announced that it has ".. successfully completed a mobile content filtering, anti-spam and anti-virus protection project with MTN Nigeria, enabling the operator to protect its network and subscribers from undesired mobile content through mobile handsets and mobile data-enabled PCs. The AdaptiveMobile Network Protection Platform is reducing network load, protecting the operator’s IP reputation from the growing threat of spam-related IP blacklisting and is reducing customer complaints"

"AdaptiveMobile’s Network Protection Platform provides network-based protection across a range of service bearers and is enabling MTN to: Drastically cut spam, Remove MTN’s IP addresses from blacklists, Reduce customer care costs, Block access to illegal sites and Identify the source of viruses"

MTN Nigeria, part of the MNT group that operates in 21 countries in Africa and the Middle East, has over 40M subscribers.  The operators see a nice growth in its data revenues (see chart), from 3% of total revenues in 2009 to 5% in the first half of 2011.

Obinna Nweje (pictured), General Manager, MTN Nigeria said:. “As with many operators globally, the shared nature of mobile IP addresses means that attacks from unscrupulous spammers can have a huge impact on IP address reputation and potentially result in innocent subscribers’ emails being unnecessarily blocked”

See "MTN Nigeria, Africa’s Largest Mobile Operator, Improves Network Security and Efficiency by 98 Per Cent With AdaptiveMobile" - here.

DPI/Security Deployments [98]: Mobinil [Egypt] Deployed HP Tipping Point to Increase Network Availability

  

HP announced that "Mobinil, Egypt’s leading wireless service provider, has selected HP TippingPoint solutions to boost network reliability and security for its 30 million customers .. Mobinil selected HP TippingPoint S5100N IPS and HP TippingPoint Core Controller platforms to deliver real-time proactive inline protection for its distributed data centers and network infrastructure".



Source: Mobinil Presentation

Mobinil had over 31M wireless and 240K broadband DSL subscribers at the end of Q3, 2011 (see chart).

".. HP TippingPoint IPS detects and blocks trojans, viruses, worms or any potentially damaging network events that could slow down operations, threaten service quality or cause customer downtime .. By constantly cleaning Mobinil’s networks of malicious and unwanted traffic, HP TippingPoint IPS has improved network performance of mission-critical applications. HP TippingPoint IPS devices form a secure, expandable application platform that allows Mobinil to support future growth. In addition, the HP TippingPoint IPS platform has increased network availability and slashed problem resolution times, creating a more productive IT environment".

TippingPoint was acquired by 3Com in 2005 (here), and became part of HP after the 3Com acquistion in 2009.

The TippingPoint S5100N IPS ".. employs a new TSE [threat suppression engine]to keep pace with the changing threats and evolving demands of today's enterprise networks and data centers. The TSE architecture utilizes custom ASICs and high-performance network processors to perform total packet flow inspection at Layers 2-7, performing thousands of checks on each packet flow simultaneously, and delivering a significant deep-packet inspection capacity increase to support new and future security services".

See "HP Boosts Network Security, Reliability for Egypt’s Leading Mobile Service Operator -
Mobinil protects users against online threats, ensures service levels with HP TippingPoint security solutions" - here.

VAS Deployments (85): AT&T Uses Juniper for Security Services

    

Last May we learned that "AT&T Plans to Launch Wireless Consumer Security Service" (here), and before that "AT&T Develops Mobile Security" (here). Now we hear that the new service will be based on a Juniper solution. 

AT&T announced that it "..has executed an agreement with Juniper Networks to deliver this security capability and additional services based on the platform in the future. This new agreement is part of AT&T’s mobile security strategy to manage and protect smartphones and customer information .. The first phase of the platform – the AT&T Mobile Security application – is expected to be available later this year and is based on the Juniper Networks® Junos® Pulse solution".  

See "AT&T Invests in Mobile Device Security Platform" - here.

Junos Pulse is flexible, supporting personal mobile device access to corporate networks and resources through a zero touch deployment model. A cloud based, Software-as-a-Service (SaaS) offering—which speeds and simplifies deployment and user rollout—Junos Pulse Mobile Security Suite includes the Juniper Networks Junos Pulse Mobile Security Gateway, a hosted, web-based administrative management console from which Junos Pulse Mobile Security Suite services are enabled and managed by enterprises and service providers (here).

NYU Polytechnic Researches Scale DPI with New Hardware

 

The Polytechnic Institute of New York University announced that ".. H. Jonathan Chao (pictured below), who heads the Department of Electrical and Computer Engineering at the Polytechnic Institute of New York University (NYU-Poly), and Industry Assistant Professor N. Sertac Artan have developed and patented a hardware solution to revolutionize this increasingly critical cybersecurity function".

See "New Hardware Solution Offers Cybersecurity Protection Well Before Malware or Virus Reaches Personal Computer" - here.

See more - "HIGH-SPEED NETWORK INTRUSION DETECTION AND PREVENTION"- here.

"Effective DPI examines every packet entering a router switch. Its contents are compared against an ever-growing catalogue of known viruses or attack signatures. With millions of packets arriving each second, the process is often accomplished by a network of processors running parallel searches on portions of data packets — an approach that doesn't scale well to high-speed traffic. Chao and Artan devised a scheme for consolidating the inspection process to a single node, compressing the catalogue of attack signatures to fit on one chip. This allows service providers to streamline their DPI strategy, using fewer resources without compromising efficacy or speed. With a prototype already developed, Chao and Artan are testing their solution with the goal of licensing the technology"

Allot Partners with NSN; Wins a 25M Subscribers Russian Fixed & Mobile Operator

  
Allot Communications announced that "a major Russian fixed and mobile operator with over 25 million subscribers has deployed Allot Service Gateway Sigma (SG-Sigma) platforms to offer revenue-generating parental control and anti-virus services to its subscribers.  Nokia Siemens Networks acted as prime integrator on this joint project, which is the first major win to result from the strategic partnership between the companies.  The solution has been initially deployed in two key hubs within the operator's network .. SG-Sigma acts as a nexus point in the operator's network, accurately identifying traffic in real time at high speeds, and enabling intelligent policy-based steering of subscriber traffic to these value added services.  The solution identifies those customers who have subscribed to the service and steers only their traffic to the relevant VAS platform, allowing optimized deployment of VAS infrastructure"

See "Allot and Nokia Siemens Networks Partnership Enables Major Russian Operator to Deploy Revenue Generating Services" - here.

 

See also "Allot CEO: "10% of 2010 Revenues Generated from VAS" - here.

Andrei Elefant (picture), Allot's VP of Product Management and Marketing said: "This deployment highlights how Allot and Nokia Siemens Networks have played a critical role in uncovering new sources of revenue for the operator by enabling them to offer a wide range of scalable, value added services".

Australia: ISPs Should Detect Virus Infected Computers (DPI Becomes a Must for ISPs)

 

ABC News reports that "A federal parliamentary committee has called for new measures to deal with an explosion of fraud and scams on the internet. The committee has recommended internet providers be obliged to tell people if their computers are infected with a virus."

See "Calls for national office to tackle cyber crime" - here

Committee chairwoman Belinda Neal says "internet service providers (ISPs) must be made to tell people if their computers have been infected by harmful programs"

The inquisitr ("Australia Takes Further Step Towards Police State With Cyber Crime Proposals" - here) adds - "The headline proposal, if adopted by the Government, would force Australian internet users to install and keep up-to-date virus scanners on computers as a condition for internet access via the contractual obligations with their ISP. Users would also be forced to “take reasonable steps to remediate their computer(s) when notified of suspected malware compromise.”

In the event that the customer does not meet these contractual obligations, ISP’s must provide “a clear policy on graduated access restrictions and, if necessary, disconnection until the infected machine is remediated.”

So ISPs will need to detect infected subscribers. This requires DPI technology - and much more extensive than the DPI used to identify applications, as it has to inspect every packet (rather than every flow).