Security Strategies

Level 3: Honeypots Are Only Half the Battle

CHICAGO -- Big Telecom Event -- The old IT "honeypot" tactic of sticking a controlled vulnerability in the network to see who attacks it is no longer enough in today's world of sophisticated attacks, according to Level 3 CTO Jack Waters, who called on the industry to take a more comprehensive approach to security.

In his keynote address here at BTE, Waters told attendees that what matters is seeing who is attacking the network and what specifically is being attacked. Honeypots only offer part of that capability. The Level 3 Communications Inc. (NYSE: LVLT) technical boss said operators need to have "situational awareness" of what is going on in their networks. (See Live From BTE: A Day for the Disruptors.)

"We have a platform that sits in the middle of the network and looks for vulnerabilities," he said. Even more important, Waters said, "we take action on what we see."

Check out all the news and views from the 2015 Big Telecom Event at Light Reading's dedicated BTE show news channel.

Waters was referring to the Internet backbone provider's DDoS migration service it launched in February that detects attacks as large as 4.6 terabits as they are happening, scrubs the affected traffic and returns it securely to the affected enterprise. Level 3's managed security services portfolio also includes IP-VPN security gateways and intrusion detection/prevention capabilities. (See Level 3 Brings Volume to DDoS Mitigation and Level 3 Launches DDoS Mitigation Service.)

Speaking more generally, Waters said there are four key things service providers should do when it comes to security: predict the vulnerabilities using some set of analytics; detect the vulnerabilities in the network using situational awareness; alert both the customers and security operations centers about the threat; and, finally and most importantly, do something about it to secure the network and its customers. (See Level 3, Cisco Team to Squash Major Botnet and Level 3 CTO Jack Waters: Network Integration Guru.)

"We do it for our customers -- it's really that simple," Waters said. "Our customers rely on us. We do this because our customers are demanding us to do it to connect them globally, provide a platform they can use to control services securely -- to look for threats and vulnerabilities."

— Sarah Thomas, Circle me on Google+ Follow me on TwitterVisit my LinkedIn profile, Editorial Operations Director, Light Reading

jbsmith1 6/15/2015 | 1:07:05 PM
It's what's under the DDoS attack... For sure DDoS attacks are a problem, increasingly these days they are a front for more advanced malware entering the network - keep the security teams busy fighting a DDoS attack while more stealthy reconaissance, exploitation or exfiltration occurs.  Focusing on DDoS is only one part of the overall "situational awareness" when it comes to Enterprise security.
jabailo 6/14/2015 | 1:09:12 PM
Re: Antiquated Honeypots in some sense are obsolete.  They were a technique used back in the days when there weren't that many tools for network monitoring.  So like in hunting, you lay a trap and somthing walks into it.  However, now we can scan the whole forest for deer!

danielcawrey 6/14/2015 | 12:36:39 PM
Antiquated I would never have thought honeypots would be something that is the singular focus of IT security. While they can be part of an arsenal, there needs to me more tools in the toolbox than just that alone. 
Sign In