A Sophos study in 2018 summed it up: companies are not able to identify the majority of their network traffic. What does this mean? Those who are unaware of what data is being transmitted in their own network also don't know if they have already been a victim of a cyberattack. Or perhaps malware has already embedded itself in an application and will at some point be attacking IT systems or accessing documents.
The global connectivity of companies has further increased the meaning of network security. These days, even small networks are all connected to the internet. Even unknown persons can use this to establish a connection to any desired system from any point on the planet. So, how can you protect yourself?
In order to guard against unknown attacks, Deutsche Telekom's own Cyber Emergency Response Team (CERT) scours the internet and its own networks for anomalies. To do this, our experts evaluate sources around the clock. Knowledge from the company's own early warning systems such as honeypots and Telekom CERT is incorporated into our security offerings: for example, into the Managed Firewall Services.
A firewall implements a security strategy and prevents unwanted and insecure connections. However, a firewall needs to be constantly monitored and managed, otherwise the level of protection will continuously diminish. To use a firewall, you must establish a basic understanding of data connections. Either you allow all connections and prevent only unknown and dangerous data connections, or you block all data connections initially and only explicitly approve the connections you want. In this way, all access to websites, for example, can be blocked. If employees are to use Office 365 from the cloud, then the access address will be activated on the cloud service.
Few companies have the ability to employ specialist service staff dedicated to monitoring new threats that are emerging on a daily basis. Managed Firewall Services offer consistently updated protection against attacks from the web using the latest technologies and a highly qualified operations team. From unified threat management (UTM box) to the next generation firewall – specialized security operations staff protect the servers and networks around the clock using the latest technologies.
T-Systems' Managed Firewall Services are available to customers in two operating versions. In the on-premises version, the customer rents the technical infrastructure for operation in their own data center. Our service personnel take over the management of the application firewall. If requested, access is made available via various highly-secure access technologies.
The transformation of networks towards the cloud is in full swing. But unfortunately, traditional security strategies do not do justice to the challenges of the data and application management in the cloud. One important aspect is safe access to the Internet and the available cloud services from different locations and devices. To this end, the local Internet breakout is utilized, using IntraSelect connections. It offers all the benefits of the Secure Web Gateway in terms of performance, flexibility, and IT security while also saving costs.
For this reason, Deutsche Telekom is offering a service in cooperation with market-leading security providers to ensure more transparency, data security, and control. Companies profit from a standardized security-as-a-service solution, which primarily protects from advanced persistent threats as well as known and unknown malicious code – even with the use of SSL encryption, upon request. In addition to the bundle, Deutsche Telekom also provides the required experts who will support companies in the integration and operation.
A company operating worldwide would have to make massive investments in its IT and TC security infrastructure in order to protect its various and often numerous locations. The communication with Sharepoints and other Internet-capable applications from local branches requires low latency periods and higher bandwidths in order to keep the quality of the user experience at a high level. The joint approach by Deutsche Telekom and its partners enables globally active companies to optimize their performance while also increasing their IT security.
An accidental web download (drive-by download) or an opened email attachment of an apparently known sender (spear phishing) – the disaster is already taking its course. Conventional firewall and anti-virus solutions only check the signature but not the content – and only for known risks. APT (Advanced Persistent Threat) Protect Pro offers effective protection against complex cyberattacks and thus against everything harmful which enters the network from the internet and emails.
The closed, secured hardware and software system (appliance) automatically checks suspicious files or code that has been received via email or downloads. The suspected malware is executed and analyzed in quarantine. The information on the threat or non-threat makes its way into the blacklist or white list for further use in this growing knowledge database in the check routines. T-Systems offers APT Protect Pro from the cloud or as an on-premises solution. In the case of the on-premises model, there is also an option to host a dedicated solution in the T-Systems data center.
The domain name system (DNS) is a central point of every network. For a long time, cyberattackers have been using the DNS as a weak point for attacks. Those who stop attacks before they reach the network or end devices are therefore protecting themselves at the front line – at the DNS. The Umbrella Professional Services offer complete protection for all devices with access to the internet. In the case of an attack, the cloud security solution blocks the connection to the internet.
The cloud security platform offers an initial line of defense against attacks in the internet – for users inside and outside the company network. They can be made available simply and quickly without the need for an installation outlay on site in the company network. Umbrella analyzes and learns internet activity patterns and thus uncovers the attacker infrastructures which are being used for current and new threats. Umbrella uses this to proactively block malicious attacks before they reach the company network or the end point. When IP addresses are resolved, DNS queries are analyzed for known malicious targets. These are blocked. All blocking events are recorded and available to the administrator for analysis.