AT&T urges intrusion prevention

For the next few years, the best protection against insecure software will come from intrusion-prevention technology, Edward Amoroso, chief security officer at AT&T, said this week at the Gartner Information Technology Security Summit.

Speaking June 7 at the Gartner event in Washington, D.C., Amoroso said intrusion prevention has proved far more effective in protecting AT&T's corporate network than the best efforts of system administrators.

"This is our last great hope, at least for the next few years," he said.

Instead of relying on a form of network protection, people have made heroic efforts at applying security patches to protect their insecure systems. "We've become super-patchers," Amoroso said, referring to the constant cycle of patching and testing that he said overwhelms system administrators.

Intrusion prevention works by blocking worms and other sources of denial-of-service attacks that network engineers can see coming. By the end of the summer, AT&T, for example, expects to be collecting more than 1 terabyte of net flows per hour from the public Internet — a total of 28 terabytes a day.

Net flows refer to unique source-destination pairs, about which information is contained in Internet packet headers. AT&T is using this information to help its customers respond to denial-of-service attacks, Amoroso said.

"There's a million things you can do in advance of a worm actually hitting if you see the darn thing coming," Amoroso said. For example, when AT&T engineers see a worm attack about to happen, he said, they can perform tricks with the Border Gateway Protocol to block ports that a worm has targeted.

Amoroso said AT&T has announced it will provide that capability to government agencies and businesses through service-level agreements that offer protection against denial-of-service attacks and other malicious software intrusions.

AT&T stumbled onto this capability, Amoroso said. But in the field of intrusion detection, he added, "it's one of the most fundamental advances I've seen."

Featured

  • innovation (Sergey Nivens/Shutterstock.com)

    VA embraces procurement challenges at scale

    Steve Kelman applauds the Department of Veterans Affairs' ambitious attempt to move beyond one-off prize-based contests to combat veteran suicides more effectively.

  • big data AI health data

    Where did the ideas for shutdowns and social distancing come from?

    Steve Kelman offers another story about hero civil servants (and a good president).

Stay Connected

FCW INSIDER

Sign up for our newsletter.

I agree to this site's Privacy Policy.