TeliaSonera provides telecommunication services in the Nordic and Baltic countries, the emerging markets of Eurasia, including Russia and Turkey, and in Spain. The company is the leading European provider of quality cross-border voice, IP and capacity services, provided through its wholly-owned international carrier network. At the end of December 2008 the total number of subscriptions was 135 million in 20 countries. The TeliaSonera share is listed on NASDAQ OMX Stockholm and NASDAQ OMX Helsinki. Read more at www.teliasonera.com
According to TeliaSonera’s technical product manager for security and access, Kjell Larsson, that commitment also extends to ensuring data security for TeliaSonera’s customers. “As a large telecommunications provider, we can’t afford to have any disruptions to our customers’ service,” says Larsson.
To guard against external security threats, the company’s Swedish and Finnish offices invested in disparate desktop and Internet security applications to protect its network and 16,000 employees in multiple locations.
Blaster outbreak causes disruption
In August 2003, TeliaSonera’s Swedish office became infected with the Blaster Worm virus. Despite having standard, industry accepted anti-virus software installed, the Blaster virus quickly penetrated the company’s 23,000 Windows desktops, laptops and servers. For a few hours, the IT department had to shut down the company’s network for repair. TeliaSonera’s IT staff also faced cleaning the virus manually from nearly 5% of all employee computers.
The attack also paralyzed the customer service desk. For a couple of hours, customer service agents were unable to process every incoming call. The entire incident prompted the IT group to discuss alternatives for desktop and Internet security.
“Since we didn’t have a common, integrated security solution, it made it harder to control the outbreak in a systematic and efficient way,” says security technology specialist Magnus Stenlund.
After carefully evaluating available security products, TeliaSonera’s corporate security team chose McAfee for the company’s anti-virus protection.
“We think McAfee best meets our need for central managing, and we agreed with their future views on anti-virus technologies and policies,” adds Larsson. “We knew we could evolve easily with McAfee over time.”
Intrusion prevention safeguards all endpoints
In early 2004, TeliaSonera purchased McAfee VirusScan® Enterprise to protect its 23,000 desktops and 3,500 servers against malicious attacks. Among other features, TeliaSonera values the Access Protection feature of VirusScan Enterprise. The company has used this feature to create an internal blacklist and uses it to identify any potentially malicious applications on computers before they compromise desktop security.
“When we implemented the blacklist in VirusScan Enterprise, results were immediate. We saw a drastic decrease in the number of viruses on our computers,” explains Stenlund.
For the last six months, TeliaSonera has been virtualizing all of its servers. When the transition is complete, the company will continue using VirusScan Enterprise for protection.
The company also purchased and installed the McAfee Host Intrusion Prevention (Host IPS) solution to protect its 23,000 desktops and laptops from malware intrusion.
“The Host Intrusion Prevention solution was one of our main reasons for choosing McAfee,” adds Stenlund. “From the beginning, we used it as a desktop firewall product. Now that it has more functionality, it integrates better with our Windows and Microsoft applications and helps us secure our patch update process.”
"The promise of security is now embedded in our advertising campaigns—it’s safe to use TeliaSonera’s products."Kjell Larsson
Technical Product Manager, Security and Access, TeliaSonera AB
Centralized anti-virus protection
TeliaSonera also installed McAfee ePolicy Orchestrator® (ePO™), a single centralized management console that gives Stenlund and Technical Product Manager Kjell Larsson more control and visibility into the company’s network. It also helps them manage the Host IPS and VirusScan Enterprise deployments.
“The biggest benefit of ePO is the centralized management. Now we’re able to manage both products from one console, easing accessibility and maximizing time,” says Stenlund.
The IT group uses ePO to proactively push certain rules to Host IPS installations on each computer, to minimize potential outbreaks in the future. As a result, the IT group at TeliaSonera spends less time managing security and has more control than ever before.
Stronger protection breeds security confidence
Because TeliaSonera hasn’t experienced any major outbreaks since the Blaster virus, the company is more confident in their internal security position than ever before. In turn, this confidence from using McAfee and other security products has enabled TeliaSonera to assure customers that their data security is in good hands as well.
“The promise of security is now embedded in our advertising campaigns - it’s safe to use TeliaSonera’s products,” concludes Larsson.
Ensuring customer network security
In 2005, TeliaSonera created a separate bureau that offers a hosted intrusion prevention service to its mid-to-enterprise customers. The service provides a virtual assessment of each customer’s environment, develops their security policies, and provides a bundled firewall protection solution with network intrusion prevention from McAfee Network Security Platform (formerly IntruShield).
At the moment, six customers have licensed this service called “Intrusion Prevention and Detection” as part of their TeliaSonera mobile network services contract. Network Security Engineer Carina Bronge and one other TeliaSonera engineer manage the service for all six customer sites.
“Customers who can’t afford to have their networks go down subscribe to our hosted service because they don’t have the depth of IPS expertise in-house,” explains Bronge. “When we were ready to offer customers network protection, TeliaSonera chose McAfee Network Security Platform as the right solution.”