When planning a cyber defence strategy at this level, there are many touch points to consider. Global brands that are classified as Critical National Infrastructure provide always-on, on-demand services that are available anywhere in the world. To do this, they maintain a widespread data routing and access infrastructure that provides end user services (carrying their own and third-party data and services to their subscribers) and high-rate peering (carrying someone else’s data to another network). This means that the volume of data traversing their networks increases daily, and so do the potential threats.
Unsurprisingly, this data is incredibly valuable to cyber criminals and as such is under constant attack. Security analysts within these organisations need scalable toolsets that enable them to discover anomalous behaviour, evaluate impact and take corrective action to remove or redirect bad traffic such as hyperscale DDoS attacks. Analysts also have more dynamic requirements, such as the ability to hunt for anomalous behaviour across the entire network and rapidly query petabytes' worth of historical data for incident response and forensics.
“We see large CSPs using unsampled IP flow, reputation and application meta-data combined with selective session record for rapid alerting, anomaly detection and post event analysis of months of data. Their tools need to be able to adapt to changing network topologies, and move focus between application, physical infrastructure, user and business groups, to prioritise and quickly answer what is interesting, what is real, what is dangerous,” says Mathew Downham, Managing Director, Telesoft Technologies.
Enterprise-scale cyber security solutions simply do not fit into this space; they are unable to scale up to processing the volume of events seen on global networks. Carrier networks need carrier-grade security that evolves and scales with their ever-changing network topology. Telesoft has developed a suite of products that has flexible, multi-user visibility of global traffic, with meta-data and selected session pcap record for up to 12 months. Flexible dashboards, queries and alerting enable analysts to see and modify what is important to them on a rapidly changing basis.