Combination lock on white grid crate in data warehouse

Protect networks against malware

Security teams search for anomalies in the network in order to detect threats from the internet in a timely manner

How we helped companies to secure their networks

Everything is connected to the internet

Network of threads with pins fixed on white styrofoam

The global connectivity of companies has further increased the meaning of network security. These days, even small networks are connected to the internet. Unknown persons can use this to establish a connection to any desired system from any point on the planet. So, how can you protect yourself?

Our solutions for your network security

  • Firewall Service
    For companies of all sizes with various connection situations and requirements
  • Web Proxy Service
    Individual protection for internet access according to individual requirements for secure surfing
  • Email Protect Pro
    Protects email traffic against viruses and spam so malware becomes a thing of the past
  • Intrusion Detection & Prevention Service
    Active detection and interception of known signatures in data traffic to guard against the growing number of threats
  • DDoS Protect Pro
    Complete package to prevent overload attacks on internet access and services as well as systems and applications
  • APT Protect Pro
    Extended detection and defense against known and unknown threats
  • Consulting
    Close personal monitoring and support – from ideation to integration and solution roll-out

We look forward to your project!

We are happy to provide you with the right experts and to answer your questions about planning, implementation, and maintenance for your digitization plans. Get in touch!

Cyber protection team and firewall

Two men in an office, one sitting in front of the computer screen. The second looks over his shoulder at work.

In order to guard against unknown attacks, Deutsche Telekom's own Cyber Emergency Response Team (CERT) scours the internet and its own networks for anomalies. To do this, our experts evaluate sources around the clock. Knowledge from the company's own early warning systems such as honeypots and Telekom CERT is incorporated into our security offerings: for example, into the Managed Firewall Services.

Firewall as a security strategy

A man with glasses sits at the desk and looks at his laptop with his pen in his hand

A firewall implements a security strategy and prevents unwanted and insecure connections. However, a firewall needs to be constantly monitored and managed, otherwise the level of protection will continuously diminish. To use a firewall, you must establish a basic understanding of data connections. Either you allow all connections and prevent only unknown and dangerous data connections, or you block all data connections initially and only explicitly approve the connections you want. In this way, all access to websites, for example, can be blocked. If employees are to use Office 365 from the cloud, then the access address will be activated on the cloud service.

Application firewalls must be consistently updated

A man typing on a mini laptop while looking at a larger computer monitor on the desk.

Few companies have the ability to employ specialist service staff dedicated to monitoring new threats that are emerging on a daily basis. Managed Firewall Services offer consistently updated protection against attacks from the web, using the latest technologies and a highly qualified operations team. From unified threat management (UTM box) to next generation firewalls – specialized security operations staff protect the servers and networks around the clock using the latest technologies.

Managed firewalls on customer premises

T-Systems' Managed Firewall Services are available to customers in two operating models. In the on-premises option, the customer rents the technical infrastructure for operation in their own data center. Our service personnel take over the management of the application firewall. If requested, access is made available via various highly-secure access technologies.

Managed firewall from highly secure data centers

In the second option, we integrate the application firewall into T-Systems' own platform in our highly secure data centers. The operations team ensures the managed firewall services are available around the clock. The specialists are responsible for updates and release management and monitor the systems 24 hours, seven days a week (24/7). If technical problems or an attack cause difficulties, the operations team can immediately implement countermeasures. 

Next-generation firewalls

A next-generation firewall can detect applications and users in the data stream. This includes an integrated intrusion prevention system (IPS) and the identification of applications and protocols regardless of the port used. External data sources are also taken into account, such as directory services with user data. The application detection tries to identify what the system is currently transmitting. It takes over the capabilities of a proxy or content filter. In order to detect applications, a comparison against detection patterns is required, similar to a virus scanner. For this, it is necessary that these patterns are regularly updated.

Secure Local Internet Breakout

Young man with red glasses and beard looks focused on computer screen

The transformation of networks towards the cloud is in full swing, but unfortunately, traditional security strategies do not do justice to the challenges of the data and application management in the cloud. One important aspect is safe access to the Internet and the available cloud services from different locations and devices. To this end, the local Internet breakout is utilized, using IntraSelect connections. This offers all the benefits of the Secure Web Gateway in terms of performance, flexibility, and IT security, while also saving costs.

Deutsche Telekom offers services in cooperation with market-leading security providers to ensure more transparency, data security, and control. Companies profit from a standardized security-as-a-service solution, which primarily protects against advanced persistent threats, as well as known and unknown malicious code – even with the use of SSL encryption upon request. In addition to the bundle, Deutsche Telekom also provides the required experts who will support companies during integration and operation.

A company operating worldwide would have to make massive investments in its IT and TC security infrastructure in order to protect its various and often numerous locations. The communication with SharePoint and other Internet-capable applications from local branches requires low latency and higher bandwidths in order to keep the quality of the user experience at a high level. The joint approach by Deutsche Telekom and its partners enables globally active companies to optimize their performance while also increasing their IT security.

APT Protect Pro – intelligently warding off unknown attacks

Man with glasses sits at the desk, looks in the computer monitor and reflects or reads

An accidental web download (drive-by download) or an opened email attachment of an apparently known sender (spear phishing) – the disaster is already taking its course. Conventional firewall and anti-virus solutions only check the signature but not the content – and only for known risks. APT (Advanced Persistent Threat) Protect Pro offers effective protection against complex cyberattacks and thus against everything harmful which enters the network from the internet and emails.

Activating unknown files in quarantine

The closed, secured hardware and software system (appliance) automatically checks suspicious files or code that has been received via email or downloads. The suspected malware is executed and analyzed in quarantine. The information on the threat or non-threat makes its way into the blacklist or white list for further use in this growing knowledge database in the check routines. T-Systems offers APT Protect Pro from the cloud or as an on premise solution. In the case of the on premise model, there is also an option to host a dedicated solution in the T-Systems data center.

Protection against known and unknown threats

  • Cloud or on premise solutions
  • Virtual machine-based detection model
  • Checking all ports from web downloads and emails
  • Three cost-efficient cloud-based performance packages
  • On premise with fixed bundles for data throughput, number of users, and features

Security starts with DNS

Browser line closeup without specific web address

The domain name system (DNS) is a central point of every network. For a long time, cyber attackers have been using the DNS as a weak point for attacks. Those who stop attacks before they reach the network or end devices are therefore protecting themselves at the front line – at the DNS.  The Umbrella Professional Services offers complete protection for all devices with access to the internet. In the case of an attack, the cloud security solution blocks the connection to the internet.

Security has to be relocated to the cloud

50 % of employees

work on a mobile basis, from home or in a subsidiary

78 % of employees

are not obliged to use VPN

More than 50 %

of business applications now come from the cloud

68 % of cyberattacks

are caused by roaming users or remote/branch office users

ROBO Networking and Security Trends|The Enterprise Strategy Group, Inc|April 2019

What is Umbrella Professional Managed service?

View from above of a white desk in a minimalist office environment

The cloud security platform offers an initial line of defense against attacks from the internet – for users inside and outside the company network. It can be made available simply and quickly without the need for an installation outlay on site in the company network. Umbrella analyzes and learns internet activity patterns and thus uncovers the attacker infrastructures which are being used for current and new threats. Umbrella uses this to proactively block malicious attacks before they reach the company network or the end points. When IP addresses are resolved, DNS queries are analyzed for known malicious targets. These are blocked. All blocking events are recorded and available to the administrator for analysis.

What Umbrella Professional Managed service offers

A standing businesswoman shows her laptop screen to her sitting colleague
  • DNS-based cloud service with security filter by Cisco
  • Roaming clients for protection outside the company network
  • Integration in the company's own network
  • Fast and uncomplicated commissioning
  • Protection against malware, drive-by downloads, and phishing
  • Tailored reporting
  • Data storage in Germany: log data in German data centers, failover storage within the EU in Ireland
Do you visit outside of Germany? Visit the local website for more information and offers for your country.