Security event monitoring (SEM) - BT Assure Threat Monitoring

BT Assure Threat Monitoring

Make security visible in real time

Our unique security information and event management (SIEM) service collects and analyses security information in real time from across your organisation. A combination of powerful proprietary technologies and human intelligence helps to prevent attacks on your network, and protect your commercially sensitive information.

Assure Threat Monitoring and Assure Analytics tell you:

  • what’s really on your network, who’s using it, and whether or not your network’s at risk
  • how well your actual network usage matches your policy requirements
  • how to build an incident response process
  • how to satisfy auditors and regulators that you’re performing enough due diligence
  • who’s attacking you, and how hard they’re trying
  • how well-engineered your network is, and what you can do to improve it
  • where the weak spots are in your network and applications and what you can do to fix them.

Assure Threat Monitoring benefits

Enhanced network security - BT’s security analysts have seen varied attacks across hundreds of major networks so we know exactly what to look for when monitoring networks.

IT workload reduction – The threat monitoring technology filters false positives. This saves time by ensuring a customer’s security team responds only to genuine threats, freeing them to focus on more strategic security work.

Reduced liability - Network monitoring reduces risk while the quality of recorded information helps customers comply with auditing and accountability standards, protecting against financial losses.

Ensure data protection - Collecting and analysing network information to classify it according to the risk it represents helps customers safeguard their business-critical data.

Support compliance – BT’s reporting features provide all the network data and security information in a single portal, helping customers comply with regulations and audit processes.

Assure Threat Monitoring features

Complete global security visibility through a single pane of glass. Security event monitoring enhances both customer and security analyst capabilities with improved focus on critical security intelligence through a rich set of activity views. Multiple embedded portlets and graphical elements offer customisable views of service tickets, deployed devices and security events.

Vendor neutral monitoring - BT offers a vendor neutral approach to network monitoring. This means that customers can select security devices from those vendors that are right for their organisation. BT supports more than one million event rules across a broad range of devices. This helps to identify events such as failed logins, transactional events, anomaly detection, buffer overflows/underruns, DoS attacks and concerted attacks.

Global View - Advanced correlation technology analyses security data across multiple devices, multiple vertical markets, and across the globe.

Secure Operation Centres - Physically hardened facilities with redundant architecture, geographically separated for disaster recovery.

Security Experts - BT Security Operations Centres are staffed with highly skilled and accredited analysts for incident detection and rapid response.

Web Portal - Integrated reporting and change requests across the Assure Threat Services the customer subscribes to.

Integrated Access to Assure Analytics - for interactive security data exploration and fine-grained visualisation and analysis of security events.

“Security and compliance requires specialised expertise, and it makes more sense to outsource that so my staff can stay focused on the core business objectives. BT can survey all the potential threats worldwide and provide a much wider, more current view of the threats. That’s something we can’t do as efficiently, given our current staff levels.”
- John Lambeth, CISSP, CISA, VP, Information Technology, Blackboard Inc.

Assure Threat Monitoring specifications

BT Assure Threat Monitoring is a fully managed security event monitoring service. BT monitors its customers’ devices 24x7x365. The service works by re-directing customer device log files to a central BT repository. BT then analyses and filters the millions of messages from networked devices, separates the irrelevant from the suspicious or critical, then alerts the customer to any security issues before damage is done.

The service is made up of the following core components:

  • Sensors – The customer devices that will be monitored by the service.
  • Sentry Device – A proprietary BT device that receives logs from customer sensors, filters out unwanted messages, and forwards aggregated messages to the BT Security Operations Centre for further analysis.
  • Socrates – Receives messages from the Sentry, which are then passed through BT’s proprietary message correlation technology. Socrates generates problem tickets and assigns a severity level: Interesting, Relevant, Suspicious or Critical.
  • SOC Analysts – Receive tickets generated by Socrates and determine the next steps. These are highly skilled and accredited security analysts who are available 24/7/365 to monitor and escalate as needed.
  • Web Portal – Customer portal for access to reporting with over 100 reports available, a dashboard for security performance reporting, and change requests.

The BT security event monitoring service combines a team of disciplined security experts, a rigorous process for incident detection and response, and best-of-breed technologies to provide real-time feedback regarding the efficiency of an organisation’s network security.

Global Availability

Assure Threat Monitoring is available globally.
