Corporation installs effective and dependable managed security services across its hybrid environment including AWS workloads with X-Force Threat Management and QRadar
This global organization provides mobile and fixed network telecommunications services to customers in over 20 countries, with partnerships for mobile networks in more than 40 additional countries. Its customer base includes hundreds of millions of mobile customers, millions of fixed broadband customers and millions of TV customers, and it supports over 100 million Internet of Things (IoT) devices. Applications include financial technology or fintech, digital TV and more.
To meet growing market opportunity, the telecommunications provider expanded its service area and product lines, including broadening its managed services capability. Product expansions included bringing expert managed security services offerings to its customers. Security leaders at the organization needed a compliant platform that could be managed for the customer base while adhering to industry-standard policies and best practices for cloud security.
Because IBM had demonstrated deep consulting and managed security services capabilities for securing AWS workloads in conjunction with hybrid cloud environments, the leaders chose to partner with IBM Security. Today, IBM® provides X-Force® Threat Management Services integrated with the IBM QRadar® on Cloud SIEM (security information and event management) solution.
Journey to AWS
X-Force Threat Management provides the corporation’s security leaders many benefits including:
- Reduced risks by engaging IBM threat operations expertise through IBM managed security services
- Minimized cost of operations while overcoming skills gaps using IBM managed security services
- Increased visibility and asset remediation actions through IBM X-Force Red Vulnerability Management Services
- Simplified visibility across hybrid environment using X-Force Threat Management with QRadar
QRadar complements the client’s AWS native services by adding security event management, user behavior analytics and security analysts based in security operations centers (SOCs).
IBM Security designed and built an AWS architecture that could be deployed for the telecommunications provider’s customers, which included security strategy and compliance aligned with the AWS Cloud Adoption Framework (AWS CAF) security perspective. AWS CAF helps users structure the selection of controls, implement them, identify areas of noncompliance and plan ongoing security initiatives more easily.
In the IBM solution, the following native AWS tools are aligned with security for the corporation’s hybrid cloud environment:
Ultimately, the client received a fully managed public cloud environment to sell to customers, which minimizes management and cybersecurity overhead requirements. Expectations are that the ability to provide trusted managed services including security will deliver significant revenue growth for the telecommunications provider.
IBM Security delivered all high-level and low-level AWS designs to the company to facilitate compliance and pass audits to be in line with applicable industry and global policies and standards.
Organizations should look for the following 10 core capabilities in a managed security services provider that acts as an extension of their threat operations for AWS infrastructure:
- AWS infrastructure vulnerability scanning
- AWS resource inventory visibility
- AWS security best practices monitoring
- AWS compliance monitoring
- Monitoring and triage for security events using AI and automation
- 24/7 incident alerting and response using orchestration and automation
- Distributed Denial of Service (DDoS) mitigation
- Managed Intrusion Detection/Prevention System (IDS/IPS)
- Managed detection and response for AWS-based endpoints
- Managed Web Application Firewall (WAF)
IBM Security and AWS solution components:
- IBM X-Force Threat Management Services (MSS)
- IBM X-Force Red Vulnerability Management Services
- IBM Security QRadar
- AWS Cloud Adoption Framework
- AWS CloudTrail
- AWS Lambda
- Amazon CloudWatch
- Trend Micro Deep Security
- Fortinet NGFW AWS VPC Integration