MCI launches integrated security service

MCI today launched a set of managed security services it believes provides unprecedented security protection for enterprise data services within the network and on premises. The “cloud to core” approach unites MCI’s Internet backbone network security with the core enterprise security of the NetSec acquisition into a single package to address the growing complexity of threats to corporate data networks.

“It is getting to the point where the threats are so complex, you can’t just load a piece of anti-virus software or just have a firewall,” said Sara Santarelli, chief security officer of MCI. “Increased communication within the enterprise – via Blackberries, wireless networks, laptops, etc. – improves productivity but increases the security risk.”

Managed security services have become a major competitive arena as well for service providers courting all range of enterprise customers.

MCI’s integrated approach includes doing whatever is possible to avert problems but also being ready with a response to make sure an unexpected threat doesn’t create the kind of dramatic impact on a corporate environment than was seen in recent weeks with the Zotob worm.

That includes helping enterprise customers develop a strategy and position their internal resources both to ward off known threats and prepare for the unknown. That can include evaluation of current threat response, developing internal response teams, promoting employee education, installing appropriate tools, providing up-to-date restoration and developing a formal response process – all of which MCI currently does on its own network.

“No one aspect of security can make you feel your risk is mitigated,” Santarelli said. “You have to understand it takes all parts of your security program. What we do is help them create a tiered defense strategy that isn’t different from what we do within our own network. I can see what is going on in the backbone. I have complex tools that we have created that let me know when we have issues that pop up on the backbone. I have an opportunity to see what is going on and I can launch my response processes.”

MCI’s NetSec Managed Security Services include denial of service detection and mitigation, managed email content security, infrastructure threat monitoring and management for firewalls, intrusion detection and prevention for both network and host environments, vulnerability scanning and incident response.

MCI NetSec builds on NetSec’s seven years of experience as a stand-alone network security provider to accurately identify threats by correlating information that is drawn from different parts of the network.

“Our information resources come from multiple entry points,” said Ken Ammon, president of MCI’s NetSec Security Services group. “We have information we discover from watching the global network. We know about their assets. The value we provide is overlaying a data integration. We have expert analysis we provide to find a threat that could be masked with a lot of false positives.”

Accurate identification of security threats enables rapid response, which is a key in limiting the damage done by worms, viruses, DOS attacks and other security threats, he adds.

“There is a large volume of data that we use to do predictive analysis and early warning,” Ammon said. “Timeliness is key in limiting your loss and knowing your loss.”

MCI will continue to roll out security features, intending to provide enterprise customers with a broad portfolio of choices.

“Customers may come to us for one capability that we have,” Ammon said. “They may want just an assessment. In other cases, they come to us for a suite of managed security services. What we strive for is our customers to be supported through network services and managed security. We are looking to become more of solution provider with that broader set of services that a CIO is hoping to achieve.”