20 Security and Anti-fraud solutions
20 Security and Anti-fraud solutions
09 December 2020 | Natalie Bannerman
According to Deloitte, the onset of the Covid-19 pandemic has magnified the need for cybersecurity. From the increased risk with remote working and e-learning to the influx of cybercriminals, 2020 has put digital security at the top of the list.
In tandem, carriers across the industry have once again been hard at work to mitigate the risk of cyberattacks and fraudulent activity with a host of offerings and solutions. For the second year running, Capacity has curated a selection of these offerings to showcase — in no particular order — some of the innovative work being done in this area.
Oracle Cloud Guard
Oracle Cloud Guard is a cloud-native detect-and-respond solution that detects misconfigured resources and insecure activity across tenants and provides security administrators with the visibility to triage and resolve cloud security issues. Security inconsistencies can be automatically solved with out-of-the-box security solutions to effectively scale the security operations centre. It acts as a log and events aggregator that directly integrates with all major Oracle Cloud Infrastructure services delivering actionable results. In addition, cloud security administrators are provided built-in, embedded expertise for a seamless knowledge transfer experience. Cloud Guard offers the flexibility to act on security issues manually or automatically with conditional operators.
Ericsson’s Security Manager delivers security automation, compliance monitoring and security analytics functions with end-to-end security visibility. Security Manager provides quick detection of network anomalies based on security analytics and demonstrates adaptive security by looping back analytics to the policy automation. Ericsson Security Manager supports industry standard security policy frameworks such as ISO, NIST, CIS Benchmarks, EU GDPR, CTIA IoT, CSA and Ericsson baseline security requirements as well as customer’s own security policies. It also performs continuous protection including security analytics, which can turn data into security insights and actions, covering vulnerabilities, threats, risks, and fraud events.
IoT Threats Detection
Cybersecurity company ElevenPaths offers this monitoring and incident response service that uses machine learning and specific IoT/OT threat intelligence techniques to profile the behaviour of IoT devices and associated networks. As a result, it enables the ability to detect and respond to anomalies or cyberattacks that may affect the different end-to-end elements in IoT such as devices, communication networks or service platforms. The service is fed by a global network of decoy honeypots specialised in IoT/OT. It leverages a network distributed throughout the world in over 60 locations and covers more than 500 different system architectures, processing on average 10 million cyberattacks every day.
Voice Roaming Firewall
BICS’ Voice Roaming Firewall is a proactive fraud prevention service for mobile operators that are BICS roaming services customers who want to have greater control on their outbound roamer traffic to protect their bottom line and customer experience against fraud. This round the clock service is aimed at helping BICS’ roaming platform - Instant Roaming & Roaming Hub – to service customers and eliminate fraud in roaming by “proactively blocking” outbound roamer fraudulent voice call attempts in real time. They do this by using BICS’ hub of roaming signalling traffic for automatically monitoring the subscriber’s voice call attempts.
DDoS Protection Services
NTT’s DDoS Protection Services (DPS) offer a tiered approach to DDoS mitigation, depending on the type and level of protection required. Comprised of DPS Control, DPS Core, DPS Detect and DPS Max, offerings range from access control lists support, access to network security teams, attack detection and auto migration. Whether it’s a basic, intermediate or high-level of support, there are options to suit all. At the higher end of the protection tier, NTT services have the capabilities to deal with large-scale attacks, redirecting and cleaning traffic through a mitigation platform.
HGC Global Communications
HGC’s Cloud Firewall offers a ready-made, subscription-based firewall service with unified threat management functionality, specifically for bizCloud and HGC data centre customers. When the Cloud Firewall is combined with HGC’s bizCloud default firewall, the two create two-tier protection that will satisfy audit demands and regulatory requirements. Additionally, a user-friendly portal allows users to view logs, while managing firewall and UTM policies. HGC’s Cloud Firewall service is built on a platform from VMware with a robust firewall provided by Fortinet. The service is hosted in HGC’s tier-3 or higher-grade data centres, which benefit from ISO27001 accreditation and are managed round the clock.
Orange International Carriers
Signalling Detect and Protect
Offered as a value-added service to Orange International Carrier’s signalling product, the Signalling Detect and Protect provides a comprehensive solution for detection and protection. It enables mobile network operators to increase the security of their network and defend their end-user’s privacy through a centralised firewall platform hosted on Orange premises. Specifically, customers can monitor network traffic and send it to the firewall, detect and protect both SS7 and LTE traffics, and it covers fraud categories one to three as defined by GSMA. Users also benefit from additional reactivity in case of multiple attacks.
Vodafone Cyber Enhanced
A fairly new offering from the company, Cyber Enhanced brings together Vodafone’s experience in cyber-security and defence-grade technology to protect the resources of national infrastructure providers, including utilities, transportation, finance and emergency services. Customers can select the level of managed service they require and source capabilities as their operations demand. These include protective monitoring for continued remote surveillance, analysis, alerting and reporting to enable threat detection and prevention across the customer’s full digital estate. The solution also features a firewall for remote managing and monitoring and to enhance new and existing firewalls for optimal strength and resilience.
Deutsche Telekom Global Carrier
As part of Deutsche Telekom Global Carrier voice services comes its voice protection services. Designed to combat fraud, this offering leverages Deutsche Telekom Global Carrier’s fraud management team who work with an automated big data monitoring system. In near real time, it identifies and immediately stops a multitude of fraud scenarios for both for mobile and fixed network operators. In addition, the solution includes proactive dispute management and guarantees a speedy response to minimise damage from fraud. As a member of the i3 fraud forum and other organisations, DTGC continues to share and further develop industry knowledge on this topic.
NetGuard Security Management Center
NetGuard Security Management Center (SMC) is a simplified security operations analytics and reporting solution that enables operators to prevent, locate and address security threats before they occur. It aggregates and analyses security data within a service provider context to help security and network operations teams assess business risks, improve decision making and control costs. It also features built in interoperability by integrating security systems, regardless of vendor, to analyse security posture and manage incidents, vulnerabilities, as well as security policies and network aces. It also reduces detection time by 80%, and accelerates recovery time by 75% and investigation time by more than 50%.
Telecom Core Infrastructure Security solution
The IBM Telecom Core Infrastructure Security solution monitors and manages the health of network elements and the traffic from a single, integrated system. It features a combination of technology designed to detect any malicious threat or network anomaly, regardless of its origin. In addition, the Core Infrastructure Security Solution features flexible mitigation options that network operators can use to enforce policy either manually or automatically. It is also scalable to meet the demands of large, distributed carrier networks. It is formed of three components: the IBM Tivoli Security Operations Manager, NarusInsight Secure Suite and IBM Tivoli Netcool.
Verizon Partner Solutions
Software Defined Perimeter
Verizon’s Software Defined Perimeter (SDP) adopts a zero-trust approach to networking for remote access, internal networks, and cloud applications. It can combat network-based attacks from unauthorised users and devices. It can be used standalone or combined with Verizon’s Private IP or SD-WAN services to create trusted networks. Additionally, SDP can provide secure remote access to authorised applications without making the network accessible, and it does it with multi-factor authentication. Key benefits include server isolation that defeats exploitation attacks, transparent multi-factor authentication that mitigates credential theft, mutual TLS which combats man-in-the-middle attacks, and trust assessment that detects compromised clients.
Managed Cloud Web Application Firewall
PCCW Global’s Managed Cloud Web Application Firewall (WAF) service helps detect, monitor and block malicious HTTP/HTTPS web requests. The service detects and mitigates potential web application attacks to protect against malicious intent. By inspecting HTTP/HTTPS traffic, the Managed Cloud WAF Service prevents web application attacks, including but not limited to: cross-site scripting, brute-force attacks, SQL server injections, and Layer 7 DDoS. The WAF is complementary to existing security measures layered on top of the existing investments, such as firewalls, web server host protection software, or secure code. In addition, 27 WAF PoPs provide web application security around the world.
Wire-speed Encryption Solution
Ciena’s integrated wire-speed encryption solution allows for secure and fully managed service delivery. It provides a FIPS-certified AES 256 encryption solution with standards-based authentication mechanisms, such as X.509 certificates, enabling seamless integration into existing enterprise Public Key Infrastructures. By encrypting data as it leaves the security of the private cloud, managers can ensure data is protected from unauthorised intercept as it travels the network. Additionally, encrypting at higher layers can contribute significant amounts of latency and impact the application throughput. Ciena’s solution allows several architectural approaches using either ring or point-to-point topologies in protected or unprotected configurations.
Cisco Umbrella uses the internet’s infrastructure to enforce security and block malicious activity before a connection is ever established. Because it delivers security from the cloud, there is no hardware to install and no software to manually update. Cisco Umbrella also includes secure web gateway, firewall, and cloud access security broker (CASB) functionality, plus integration with Cisco SD-WAN, delivered from a single cloud security service. Processing 180 billion internet requests a day, Umbrella actively searches for threats before they reach the network or endpoints. It also blocks threats easily over all ports and protocols for top coverage.
Global Security Gateway
AT&T Global Security Gateway filters and inspects outbound user traffic to help prevent users from accessing malicious sites or content that is not compliant with corporate policies. It offers protection built in the cloud, so, unlike firewalls, secure web gateway services can protect users outside their headquarters that are connecting directly to the internet, in a low-latency, cost-effective way. It also continuously inspects traffic and applies security content policies regardless of where the user operates or what cloud service they use. It also helps to remove performance constraints associated with hardware-based gateway solutions.
Designed to complement its SmartConnect with managed SD-WAN security-as-a-service offerings, Aryaka SmartSecure is a holistic security solution that delivers cloud security, micro-segmentation, a virtual next generation firewall, secure remote access, Aryaka core protection and an edge firewall. As a result, enterprises benefit from an end-to-end secure infrastructure, first-mile, middle-mile, and into the cloud. In addition, Edge and cloud security leveraging Tier-1 partners is part of Aryaka’s end-to-end managed SD-WAN. Overall, SD-WAN security helps enterprises generate the maximum return on their SD-WAN investment, ensuring protection from external threats and the integrity of their corporate data.
cVidya’s machine-learning solution
Amdocs’ cVidya has implemented a machine-learning (ML) approach for fraud and bad debt prevention which helps operators to minimise the risks associated with launching new services, sales channels and partner solutions and improve their profitability. The solution uses ML to analyse the behaviour of new and existing customers to detect patterns or anomalies which could indicate a propensity for them to become fraudsters or bad debtors. Early pattern detection enables the operator to act much earlier in the lifecycle, thereby minimising fraud and bad-debt risk. Highly predictive, it gives operators the ability to foresee those with a high propensity to become a debtor or a fraudster.
Telefónica International Wholesale Solutions
TUKU Fraud Management system
Winner of the 2020 Best Anti-Fraud Innovation at the Global Carrier Awards, the judges commented that “Telefónica offers a robust anti-fraud system, and it has been enhanced with innovative features, both technical and commercial.” The company’s TUKU Fraud Management system is described as the guardian of Telefónica’s international network against potential fraud or network attack. Hosted in the cloud, this offering is 100% configurable by the customer and can detect, prevent and act on any fraud in both outgoing traffic streams and incoming traffic streams. There is also the option to connect via bi-directional APIs and provide a suite of big data analysis.
Edge DNS is an authoritative DNS service that moves your Domain Name System (DNS) resolution from your premises or data centres to the Akamai Intelligent Edge. It is architected to maintain availability through even the largest DDoS attacks and can be deployed as a primary or s econdary solution with optional DNSSEC support to protect against DNS forgery and manipulation. Features include 24/7 availability, 100% uptime service level agreement, IP throttling to suppress traffic from any suspicious IP address and protect against DDoS reflection attacks from spoofed IP addresses by only serving content to a list of well-known servers.