AT&T's Internet Protect Provides Network Firewall

Many corporate IT departments are finally getting what they've been waiting for, as AT&T (NYSE: T) rolls out its network-based firewall, which is expected to help ward off the latest virus and worm outbreaks in a simpler, more cost-effective manner.

AT&T's managed security service, known as Internet Protect, will now help stop network viruses in the early stages, before the malicious code can spread or impact network performance and data, AT&T said.

The new capabilities, to be available early next year, are an integration of virus and worm countermeasures combined with AT&T's network-based firewall, which eliminates the need for individual firewalls at each company branch.

Security experts expect many companies to take advantage of AT&T's network-based defense. They also indicated, however, that the network firewall does not yet include actual antivirus technology and is not for everyone.

"I think there's a market for it," iDefense director of malicious code intelligence Ken Dunham told TechNewsWorld. "But it's not for everyone and it's not a silver bullet."

Managed Mitigation

AT&T said its technology will protect corporate branch offices and various locations and users from viruses and worms. Protection against denial of service (DoS) attacks was unveiled by AT&T in a similar announcement last June.

"By deploying early identification and mitigation capabilities from cyber attacks within its global Internet protocol (IP) network, AT&T can help prevent these attacks from proliferating and infiltrating a customer's information technology infrastructure -- networks, servers, PCs, applications and end-user devices," the company said in a statement.

AT&T said its firewall and overall Internet Protect service, the first network security of its kind from a major U.S. carrier, will reduce complexity and therefore ease and strengthen security.

Dunham of iDefense agreed that it makes economic and security sense to take some security responsibilities away from small organizations that may not have the resources to defend themselves.

Dunham cautioned, however, that the handoff to a network security provider may reduce the individual outfit's control. Still, he thinks AT&T's managed service will likely be a good fit for many companies.

"It's great to have that kind of security, especially for companies in today's world, where launching and maintaining your own security can be extremely difficult," Dunham said.

Wanting More

Yankee Group senior analyst Zeus Kerravala told TechNewsWorld that companies large and small have been waiting for security offerings such as AT&T's network firewall, which was promised with the advent of virtual private networks (VPNs), but actually took longer to arrive.

Kerravala, who believes network firewalls will complement rather than replace location-based firewalls, said there is no reason that the same network-based approach could not be taken with antivirus, as well.

The analyst indicated that the approach is ideal for branch offices and telecommuters, and that there will likely be more, similar announcements to come.

"I think it's about time we started seeing it," Kerravala added.

Big Step from Big Player

Webroot vice president of threat research Richard Stiennon said that because many of today's virus, worm and other threats are network based, it makes sense that security be network-based as well.

Stiennon, who credited the carrier-level security deployment to the havoc wreaked by the SQL Slammer worm nearly two years ago, praised AT&T for its network firewall offering.

"We believe it is a major step for a large provider to take a step to provide security," he told TechNewsWorld, adding that expectations were that smaller players would make such offerings.

Stiennon said the network-based security trend, which is likely to continue, will force equipment makers such as Cisco (Nasdaq: CSCO) to build more security into their products, as well.

"I think that's going to be Cisco's biggest challenge going forward," Stiennon said.