White Paper Abstract:
To thrive in today’s economy, service providers must provide open, easily accessible communications services that enable their end users to contact anyone worldwide. The same open, freely scalable communication architecture that provides unlimited communications services to your end users also poses an extremely attractive target to hackers who would abuse that open access for their own financial advantage. Worldwide ownership of today’s networking platforms means that there is little meaningful enforcement to deter hackers. With few consequences to hackers for their attacks, most of the burden—financial and otherwise—is borne by service providers and their customers.
As a result, security has become increasingly important over the last several years. The question is no longer, How often is your network under attack? Rather, the question is—How many attacks are you under right now? Because networks are continuously under attack, the defenses have to be available continuously. That means network operators must be able to manage their networks securely while continuing to provide service to their customers. Because security is a long-term issue, service providers need a security strategy and a staff that is well educated in that strategy. To that end, this paper discusses tools and practices that are indispensable to network operators in
securing their networks against denial of service (DoS) attacks and other common security threats. It also discusses ways in which service providers can turn those necessary security protections into profitable managed security services for their enterprise customers. Finally, it provides a bibliography of some of the research that has been done in the area of best practices for service provider security. Much of this research is documented in the form of RFC and other Internet draft documents. Links to these and other helpful security resources are provided at the end of this paper.