Combination lock on white grid crate in data warehouse

Protecting networks against malware

Security teams search for anomalies in the network in order to detect threats from the internet in a timely manner

Managed network security

A Sophos study in 2018 put it in a nutshell: companies are not able to identify the majority of their network traffic. What does this mean? Those who are unaware of what data is being transmitted in their own network also don't know if they have already been a victim of a cyberattack. Or perhaps malware has already embedded itself in an application and will at some point be attacking IT systems or tapping into documents.

Everything is connected to the internet

Network of threads with pins fixed on white styrofoam

The global connectivity of companies has further increased the meaning of network security. These days, even small networks are all connected to the internet. Even unknown persons can use this to establish a connection to any desired system from any point on the planet. So, how can you protect yourself against this? 

Our solutions for your network security

  • Firewall Service
    For companies of any size and authorities with various connection situations and requirements
  • Web Proxy Service
    Individual protection for internet access according to individual requirements for secure surfing
  • Email Protect Pro
    Protects email traffic against viruses and spam emails so that malware becomes a thing of the past
  • Intrusion Detection & Prevention Service
    Active detection and interception of known signatures in the data traffic to guard against the growing number of threats
  • DDoS Protect Pro
    Complete package to intercept denial of service attacks on internet access and services as well as systems and applications
  • APT Protect Pro
    Extended detection and combat against known and unknown threats
  • Consulting
    Close personal monitoring and support – from the idea, through integration, to the further roll-out of the solution

Let’s get in touch

We are happy to provide you with the right experts and to answer your questions – by phone or email.

Cyber protection team and firewall

Two men in an office, one sitting in front of the computer screen. The second looks over his shoulder at work.

In order to guard against unknown attacks, Deutsche Telekom's own Cyber Emergency Response Team (CERT) scours the internet and its own networks for anomalies. To do this, our experts evaluate sources around the clock. Knowledge from the company's own early warning systems such as honeypots and Telekom CERT flows into our security offerings: for example, into the Managed Firewall Services.

Firewall as a security strategy

A man with glasses sits at the desk and looks at his laptop with his pen in his hand

A firewall implements a security strategy and prevents unwanted and insecure connections. However, a firewall needs to be constantly monitored and managed, otherwise the level of protection will continuously diminish. To use a firewall, you must establish a basic understanding of data connections. Either you allow all connections and prevent only unknown and dangerous data connections, or you block all data connections initially and only explicitly approve the connections you want. In this way, all access to websites, for example, can be blocked. If employees are to use Office 365 from the cloud, then the access address will be activated on the cloud service.

Application firewalls must be consistently updated

A man typing on a mini laptop while looking at a larger computer monitor on the desk.

Only few companies have the option to employ specialist service staff who are dedicated to finding out about the new threats appearing on a daily basis. Managed Firewall Services offer consistently updated protection against attacks from the web using the latest technologies and a highly qualified operations team. From unified threat management (UTM box) to the next generation firewall – specialized security operations staff protect the servers and networks round the clock using the latest technologies.

Managed firewalls on customer premises

T-Systems' Managed Firewall Services are available to customers in two operating versions. In the on-premises version, the customer rents the technical infrastructure for operation in their own computing center. Our service personnel take over the management of the application firewall. If requested, access is made via various highly-secure access technologies.

Managed firewall from highly secure data centers

In the second version, we integrate the application firewall into T-Systems' own platform in our highly secure data centers. The operations team ensures that the managed firewall services are available around the clock. The specialists are responsible for updates and release management and monitor the systems 24 hours, seven days a week (24/7). If technical problems or an attack cause difficulties, the operations team can immediately implement countermeasures. 

Next-generation firewall

A next-generation firewall can detect applications and users in the data stream. This includes an integrated intrusion prevention system (IPS) and the identification of applications and protocols regardless of the port used. External data sources are also taken into account, such as directory services with user data. The application detection tries to identify what the system is currently transmitting. It takes over the capabilities of a proxy or content filter. In order to detect applications, a comparison against detection patterns is required, similar to a virus scanner. For this, it is necessary that these patterns are regularly updated.

Secure Local Internet Breakout

Young man with red glasses and beard looks focused on computer screen

The transformation of networks in the direction of the cloud is in full swing. But unfortunately, traditional security strategies do not do justice to the challenges of the data and application management in the cloud. One important aspects is safe access to the Internet and the available cloud services from different locations and devices. To this end, the local Internet breakout is used as it possesses IntraSelect connections. It offers all the benefits of the secure web gateway in terms of performance, flexibility, and IT security while also saving costs.

For this reason, Telekom is offering a service in cooperation with market-leading security providers to ensure more transparency, data security, and control. Companies profit from a standardized security-as-a-service solution, which primarily protects from advanced persistent threats as well as known and unknown malicious code – even with the use of SSL encryption, upon request. In addition to the bundle, Telekom also provides the required experts who will support companies in the integration and operation.

A company operating worldwide would have to make massive investments in its IT and TC security infrastructure in order to protect its different and often numerous locations. The communication with share points and other Internet-capable applications from local branches requires low latency periods and higher bandwidths in order to keep the quality of the user experience at a high level. The joint approach by Telekom and its partners enables globally active companies to optimize their performance while also increasing their IT security.

APT Protect Pro – intelligently warding off unknown attacks

Man with glasses sits at the desk, looks in the computer monitor and reflects or reads

An accidental web download (drive-by download) or an opened email attachment of an apparently known sender (spear phishing) – the disaster is already taking its course. Conventional firewall and anti-virus solutions only check the signature but not the content – and only for known risks. APT (Advanced Persistent Threat) Protect Pro offers effective protection against complex cyberattacks and thus against everything harmful which enters the network from the internet and emails.

Activating unknown files in quarantine

The closed, secured hardware and software system (appliance) automatically checks suspicious files or code which has been received via email or downloads. The putative malware is executed and analyzed in quarantine. The information on the threat or non-threat makes its way into the blacklist or white list for further use in this growing knowledge database in the check routines. T-Systems offers APT Protect Pro from the cloud or as an on-premises solution. In the case of the on-premises model, there is also an option to host a dedicated solution in the T-Systems computing center.

Protection against known and unknown threats

  • Solutions from the cloud or on premises
  • Virtual machine-based detection model
  • Checking all ports from web downloads and emails
  • From the cloud with three cost-efficient performance packages
  • On premises with fixed bundles for data throughput, number of users, and features

Security starts with DNS

Browser line closeup without specific web address

The domain name system (DNS) is a central point of any network. For a long time, cyberattackers have been using the DNS as a weak point for attacks. Those who stop attacks before they reach the network or the end devices are therefore protecting themselves at the front line – at the DNS.  The Umbrella Professional Services offer complete protection for all devices with access to the internet. In the case of an attack, the cloud security solution blocks the connection to the internet.

Security has to be relocated to the cloud

50 %

of employees work on a mobile basis, from home or in a subsidiary

78 %

of employees are not obliged to use VPN

> 50 %

of business applications now come from the cloud

68 %

of cyberattacks are caused by roaming users or remote/branch office users
ROBO Networking and Security Trends|The Enterprise Strategy Group, Inc|April 2019

What is Umbrella Professional Managed?

View from above of a white desk in a minimalist office environment

The cloud security platform offers an initial line of defense against attacks in the internet – for users inside and outside the company network. They can be made available simply and quickly without the need for an installation outlay on site in the company network. Umbrella analyzes and learns internet activity patterns and thus uncovers the attacker infrastructures which are being used for current and new threats. Umbrella uses this to proactively block malicious attacks before they reach the company network or the end point. When IP addresses are resolved, DNS queries are analyzed for known malicious targets. These are blocked. All blocking events are recorded and are available to the administrator for analysis.

What Umbrella Professional Managed offers

A standing businesswoman shows her laptop screen to her sitting colleague
  • DNS-based cloud service with security filter by Cisco
  • Roaming clients for protection outside the company network
  • Integration in the company's own network
  • Fast and uncomplicated commissioning
  • Protection against malware, drive-by downloads, and phishing
  • Tailored reporting
  • Data storage in Germany: log data in German computing centers, failover storage within the EU in Ireland