Modern networks are vast and there isn't a single element that can't be compromised one way or another, whether it's an integrated circuit in a network system or a device attached to the network, code in networking or applications software, or a communications protocol in nearly any connection. Securing the network is an enormous and varied task, requiring different technologies and different strategies for so very many potential vulnerabilities.
The finalists for Most Innovative Security Strategy from a service provider have little to do with each other. That makes making comparisons difficult, but it also emphasizes the massive undertaking of network security.
The winner will be announced at the Leading Lights awards dinner, which will be held during the evening of Monday, May 23, at the Hotel Ella in Austin, Texas, ahead of the Big Communications Event May 24-25 at the Austin Convention Center.
Here's a closer look at our finalists:
AT&T MobileKey Identity and Access Management
It is commonly held that the weakest point of any network is the user. AT&T Inc. (NYSE: T) devised MobileKey as a means to authenticate individual users across a range of devices (PC, tablet, smartphone etc.). The system considers a range of factors, including device, location, network and biometrics, and adapts to the level of detected risk by forcing higher authentication requirements or rejecting the request.
The application also facilitates single sign-on across supported mobile applications, authentication to additional devices, and provides smart badge functionality to gain access to AT&T locations and restricted areas.
AT&T explains this is all made possible by its new common identity and access management platform which implements the MobileKey application with enterprise mobile management (EMM) integration, certificate support, mobile network capabilities and device-based PUSH technologies. The platform provides a real-time risk engine and an extensible range of authentication modules.
BT Assure Analytics (based on SATURN Technology)
Assure Analytics is a system BT Group plc (NYSE: BT; London: BTA) devised to detect patterns from a variety of sources -- including social media -- that can betray potential cyberthreats to its network.
A result of a research project with a number of UK universities and an international cyber security company, Assure Analytics is a self-organizing system that can process structured and unstructured data from sources on the Internet or within organizations. With this and other sophisticated analysis techniques, BT is able to identify potential cyberthreats in as little as one third of the time the company was previously accustomed.
The system is coupled with a slick user interface that provides easily understood visualizations of potential threats, their severity, their origin and more.
Level 3 Network-based security/DDoS Mitigation
Level 3 Communications Inc. (NYSE: LVLT)'s approach combines network controls, threat intelligence, scrubbing centers and SOC support to mitigate complex attacks, relying on data derived from all of its customers. When threats are identified, the company can block traffic at the network level, which it claims is unique among network operators.
The philosophy is not to spend more on hardware but to take better advantage of controls and visibility already built into the network.
Level 3 believes any security measure will ultimately be inadequate if isolated to any given company or group of vendor customers, and so with its network-level DDoS mitigation activity, the company is calling for more collaboration with other network operators.
Masergy Unified Enterprise Security managed security solution
Masergy Communications Inc. 's UES applies behavioral analytics and correlation analysis to detect network anomalies that can signal a breach or a persistent threat lurking in customers' in-house systems. UES relies not only on human input but also incorporates machine learning; the solution continually teaches itself how to detect potential malicious behavior. Each learning model is unique to each client, and all customer data is kept to each customer's premises.
UES also includes network security offered through the cloud. Its network sensor is integrated with the company's Software Defined Network Platform, which works with Masergy's Cloud Firewall and is uniquely able to inspect network traffic on Masergy's global cloud network at the point of entry and exit -- working to help identify problems in private, public and hybrid cloud environments, including Amazon EC2 and VMware.
— Brian Santo, Senior Editor, Components, T&M, Light Reading