Reduce the Number of Support Calls, Protect QoE, Notify Subscribers of Threats, and Stop Them in Real-Time
Subscriber Protection allows communications service providers (CSPs) to identify a wide range of cyber security threats in real time for reporting and mitigation. Benefits for communications service providers (CSPs) include:
Lowered Support Costs
Reduce support calls and retain existing subscribers by significantly reducing malicious traffic and infection rates, and by initiating remediation
Create Service Differentiation
Offer value-added security services to residential and business subscribers
Block Threats and Prevent Malware Infections Before They Reach Their Target
Subscriber Protection directly integrates with leading third-party threat sources such as Symantec’s DeepSight with the Sandvine Policy Engine, allowing CSPs to prevent a wide variety of online subscriber threats—such as known phishing and other malicious sites—from ever reaching the customer’s front door.
With Subscriber Protection, CSPs can:
- Deliver Threat and Infection Notifications
- Prevent Malware Infections
- Prevent Phishing Scams
- Disrupt Botnets
- Gain Insight with Cyber Security Reporting
- Prevent Spoofing and Phishing
Key Features of Subscriber Protection
Sandvine's Subscriber Protect integrates with the largest threat intelligence databases from reputable 3rd party sources which is gathered from a worldwide net of 40 million sensors across 160 countries, and analysis of more than 8 billion emails per month. Threat intelligence databases provide malware categorization based on behavioral intelligence, to identify known malware categories and phishing sites as well as:
- Diverse threats monitoring: Botnet participation, botnet command and control, fraud, malware distribution, phishing scams, and spam distribution
- Threat reputation scores: Each threat is given a score for Prevalence, Risk and Urgency, based on IP, Domain, and URL; CSPs can craft protection policies based on score values
- Automatic updates: Global threat lists are automatically updated four times a day, so your network is always up-to-date without any manual intervention
The Sandvine platform scales to support the world’s largest networks, so your network-based filtering works no matter your bandwidth volume.
Sandvine’s traffic classification technology emphasizes zero false positives to ensure no harmful impact to network users.
Subscriber Protection includes multiple policy enforcement options:
- Alarm: notify operations personnel about threatening activity
- Manually block: monitor detected threats and selectively block, in real-time and as needed
- Automatically block: automatically take action to limit or block detected threats
- Engage: security events can be used as triggers to initiate subscriber engagement for notification or remediation purposes
Security events are logged and can be used for audit purposes or examined for business and operational intelligence. Historic reports are available within Sandvine’s Network Demographics reporting interface, and Sandvine’s Control Center provides real-time visibility into ongoing threats for operational analysis.