Subscriber Protection

Reduce the Number of Support Calls, Protect QoE, Notify Subscribers of Threats, and Stop Them in Real-Time

Subscriber Protection allows communications service providers (CSPs) to identify a wide range of cyber security threats in real time for reporting and mitigation. Benefits for communications service providers (CSPs) include:

Lowered Support Costs

Reduce support calls and retain existing subscribers by significantly reducing malicious traffic and infection rates, and by initiating remediation

Create Service Differentiation

Offer value-added security services to residential and business subscribers

Valuable Insight

Understand the threat landscape with detailed historic and real-time cyber security threat reporting

Block Threats and Prevent Malware Infections Before They Reach Their Target

Subscriber Protection directly integrates with leading third-party threat sources such as Symantec’s DeepSight with the Sandvine Policy Engine, allowing CSPs to prevent a wide variety of online subscriber threats—such as known phishing and other malicious sites—from ever reaching the customer’s front door.

With Subscriber Protection, CSPs can:

How Subscriber Protection Works

Key Features of Subscriber Protection

Sandvine's Subscriber Protect integrates with the largest threat intelligence databases from reputable 3rd party sources which is gathered from a worldwide net of 40 million sensors across 160 countries, and analysis of more than 8 billion emails per month. Threat intelligence databases provide malware categorization based on behavioral intelligence, to identify known malware categories and phishing sites as well as:

  • Diverse threats monitoring: Botnet participation, botnet command and control, fraud, malware distribution, phishing scams, and spam distribution
  • Threat reputation scores: Each threat is given a score for Prevalence, Risk and Urgency, based on IP, Domain, and URL; CSPs can craft protection policies based on score values
  • Automatic updates: Global threat lists are automatically updated four times a day, so your network is always up-to-date without any manual intervention

The Sandvine platform scales to support the world’s largest networks, so your network-based filtering works no matter your bandwidth volume.

Sandvine’s traffic classification technology emphasizes zero false positives to ensure no harmful impact to network users.

Subscriber Protection includes multiple policy enforcement options:

  • Alarm: notify operations personnel about threatening activity
  • Manually block: monitor detected threats and selectively block, in real-time and as needed
  • Automatically block: automatically take action to limit or block detected threats
  • Engage: security events can be used as triggers to initiate subscriber engagement for notification or remediation purposes

The Sandvine platform is completely subscriber-aware, allowing CSPs to engage subscribers with personalized security notifications. Additional use cases (e.g., advanced notifications, self-service for remediation) can be achieved by linking Subscriber Protection with Sandvine OutReach.

Security events are logged and can be used for audit purposes or examined for business and operational intelligence. Historic reports are available within Sandvine’s Network Demographics reporting interface, and Sandvine’s Control Center provides real-time visibility into ongoing threats for operational analysis.

UPDATED : 2016-11-08 14:16:14