Tuesday, August 26, 2008

BT Enhances Security Monitoring Service Against Botnets

BT has enhanced its managed security service to further defend enterprise networks against the growing threat of malicious botnet attacks.

Botnets are a significant security risk to businesses because they are primarily used to execute criminal activity. Since most bots communicate only infrequently with their command and control hosts, the chances of detecting infected machines prior to a critical event, without significant technology and infrastructure investment, are slim. However, since bots do communicate and these communications generate firewall traffic, BT's Managed Security Solutions Group has created the ability to detect bots by monitoring and analyzing firewall traffic.

The new proprietary Botnet Detection Module, which is part of BT's Event Monitoring and Correlation Service, can identify which hosts within a customer's network are under the control of botnets and then assist the customer with quarantine and remediation efforts to restore the network's integrity. Firewall traffic is collected and analyzed at the BT Security Operations Centers for patterns of activity that bear the hallmarks of bot communications. BT said its customers also benefit from proprietary technology to correlate across multiple security technologies and its diverse customer base, significantly improving the accuracy of these alerts.http://www.bt.com

See also