Home » Data Protection » Network Security

Pipe Cleaners: Telcos Offer Managed Security Services

AT&T and other telcos want to clean up your Internet traffic - for a fee. A look inside in-the-cloud scrubbing services.

July 12, 2007 — CSO — From AT&T’s Global Network Operations Center 40 miles west of New York City, CISO Ed Amoroso has as wide a window into the Internet as anyone. With a glance at a two-story wall covered with computer monitors and television screens, Amoroso can tell at any given moment how much e-mail, Web and voice-over-IP traffic is streaming across AT&T’s data networks, buzzing its way from business to business, person to person. The amount of Internet traffic represented in the room is staggering. On the average business day, almost 10 petabytes of data pass through AT&T’s networks—more information than the entire Web contained in 2000.

Too bad that almost all of it is garbage.

More than 80 percent of the e-mail coming in to AT&T is spam. About 1 million of the home computers AT&T sees each day are thought to be infected with bots, reaching out to hundreds of other IP addresses far more quickly than any Internet surfer with DSL or a cable modem ever would. Before a worm strikes, technicians see strange spikes of traffic going to normally obscure ports, as malware developers test and tweak their code. A sudden, sharp increase in the amount of Web traffic worldwide could mean breaking news—or a distributed denial-of-service (DDoS) attack being lobbed at a single company halfway around the world.

But Amoroso’s window into a rapidly junkifying Internet is largely just that: a window. For the most part, he says, all he can do is sit and watch through the glass, as unwanted or malicious traffic makes its way from point A to point B.

“The standard service-level agreement is that we just push the traffic in and out,” he says. “We don’t touch it. We can do some upstream and downstream filtering if we see something that will affect our infrastructure, but you getting a spam, or you having some weird protocol aiming at you—I would love to filter that, but it’s not that simple.”

That’s because a telecommunications company’s job has always been to pass traffic, not pass judgment. “The starting point [for Internet carriers] is no responsibility whatsoever,” says Jonathan Zittrain, professor of Internet Governance and Regulation at Oxford University. “Echoing the original spirit of Internet protocol design, the job of a router is simply to move a packet one hop closer to its destination.”

This is the reason for the intense debate over whether to forgo so-called net neutrality, in which Internet carriers treat all packets the same. Even as carriers argue that they should be allowed to prioritize high-revenue content, however, AT&T has been quietly getting permission from its customers to stop certain kinds of traffic altogether. Already, some businesses have signed up to have AT&T filter out spam, viruses, DoS attacks and other malicious activity behind the scenes, before the traffic touches their enterprises. AT&T is now working on the “productization” of similar services for its home customers. In Amoroso’s vision of the future, telecom companies will routinely deliver not the diseased mélange of today’s pure Internet, but a “clean pipe” of good (or at least decent) traffic. Less junk, fewer risks. Here’s your bill.